d90987a8f7a56cd9c09f69585de0ee6241c326f5b41399b2a8319d03fe6ce64e

Analysis

max time kernel
163s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20250313-en
resource tags

arch:x64arch:x86image:win10v2004-20250313-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 18:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fabric-installer-1.0.1.exe
Size

449KB
MD5

7f0502234a4af4bb9ee0b35ee38b8711
SHA1

e708d55f12586a153770bafa4b7fbfa8441b1409
SHA256

d90987a8f7a56cd9c09f69585de0ee6241c326f5b41399b2a8319d03fe6ce64e
SHA512

4dc60b1c4da89d3f40456ca54665c797816e42fa1e44e9b2873f799ccf2a4f834732b2854e3f8491e1ab1be562e7d7528fef19acb49d072a63a668e7e5468320
SSDEEP

6144:nI+0wPnAFavZtK9qEgsdjMpgmo6KlspZpP5OLhmsGpAiXx74syabpA+J:BPnAFSS36lKmPpemsGmiXxVfnJ

Score

6^/10

discovery motw phishing

Malware Config

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
499	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	4488	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	fabric-installer-1.0.1.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876607048286684"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1279544337-3716153908-718418795-1000\{615105F5-E96F-4DEE-AD0C-CCA22AF9F3CD}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4008	chrome.exe
4008	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 41 IoCs

pid	Process
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe
Token: SeShutdownPrivilege	4316	chrome.exe
Token: SeCreatePagefilePrivilege	4316	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3532	javaw.exe
3532	javaw.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5672 wrote to memory of 5088	5672	fabric-installer-1.0.1.exe	85
PID 5672 wrote to memory of 5088	5672	fabric-installer-1.0.1.exe	85
PID 5672 wrote to memory of 3532	5672	fabric-installer-1.0.1.exe	89
PID 5672 wrote to memory of 3532	5672	fabric-installer-1.0.1.exe	89
PID 4316 wrote to memory of 3036	4316	chrome.exe	92
PID 4316 wrote to memory of 3036	4316	chrome.exe	92
PID 4316 wrote to memory of 4488	4316	chrome.exe	93
PID 4316 wrote to memory of 4488	4316	chrome.exe	93
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 3184	4316	chrome.exe	94
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95
PID 4316 wrote to memory of 4628	4316	chrome.exe	95

C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.1.exe
"C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.1.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:5672
- C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
  "javaw.exe" "-version"
  2⤵
  PID:5088
- C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
  "javaw.exe" "-jar" "C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.1.exe" "-fabricInstallerBootstrap" "true"
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:3532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffaf34bdcf8,0x7ffaf34bdd04,0x7ffaf34bdd10
  2⤵
  PID:3036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1544,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2144,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2368,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2312 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:5732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4308,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4324 /prefetch:2
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4720,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:3748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4916,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4940 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5124,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5116 /prefetch:8
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5484,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5504 /prefetch:8
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5360,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5576 /prefetch:8
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5260,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5520,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5932,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5588 /prefetch:8
  2⤵
  PID:5220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6088,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6136 /prefetch:8
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6140,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5772 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=208,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5756 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5272,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5732 /prefetch:8
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5524,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5940 /prefetch:8
  2⤵
  PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5188,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4392 /prefetch:2
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5904,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6192,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6168 /prefetch:8
  2⤵
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=4976,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6356,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6308 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6292,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5376 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5580,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6808,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6832 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6724,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6748 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6888,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6864 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7024,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7008 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7120,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7196,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7220 /prefetch:1
  2⤵
  PID:1900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7352,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7376 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7520,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7532 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7672,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7688 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7816,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7828 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7988,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8000 /prefetch:1
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8144,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8156 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8300,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8316 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8448,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8468 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8496,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8628 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8764,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8784 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8008,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8944 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8136,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9152 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9148,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9260 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9456,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9452 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=9576,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9564 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=9740,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9764 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=9732,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9888 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10008,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10024 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8012,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9420 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8052,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8004 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9488,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10052 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=6204,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9612 /prefetch:1
  2⤵
  PID:6148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8644,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8616 /prefetch:1
  2⤵
  PID:6156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=6832,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:6288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=5588,i,6240450149234630450,14557329159981822409,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6068 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4008

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:4828

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5320

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x414 0x4a4
1⤵
PID:2500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp

Filesize
46B

MD5
8747fc47c4eff999635a38bd6aaeaacf

SHA1
0c653047d94ce44f64d0470e3cdbdba66714a6dd

SHA256
c5554814777605071e8f49563ba2d5a7875724ac4598d2a02b2b1241b84c1b0a

SHA512
c2f8ab8bb9b20fd9183db61289dea7240e253a70c711eb626df46e328779acce015a132925c0d3e3a86a3f4e72dae26555e01bd6918fa5ad38c44e91628e35c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\51b37d62-55d4-484e-b284-5e0a54da419a.tmp

Filesize
13KB

MD5
9541ff408d4c43463309513d9f7ec405

SHA1
1aaaeb00fafa3b264b2469e28522889dae757947

SHA256
aa61cea2fe377910dc9a5dc7b410cc1683634cc87b26e55ffb3696e106de1505

SHA512
e8cd1f098d8a42bc5083b2d856a58f22336b3b623fce3e8d7e03858bbf9b01d6734e64d546c4bb235cb4d1151a00aadfdf9707a4ae77e12675d491d3be98be76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d8dc986c2b0758b61651234a957440b0

SHA1
33cb1cfb394538a42dc9d04bf5c4430c14b78542

SHA256
cf2483e0ac757bb1cda24a865ce6e5ab7b4e973e8cde60d310671596350854af

SHA512
3f3fd09ced80dda8119a8a331aa2193a9f3f549a959367bc1be433731f843cb8d61a129806abd4320935cb354481ce6867945971c10b44695034dbcb6ceea7c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
24KB

MD5
d42c085b7dd73fdb240db10473206bfe

SHA1
0d1555fee1a6ea9147203d5ad491aa21de1a87e3

SHA256
26394b8bdadb759a754322334d7345ed102052eb21f6e9cf3fd9ab0cbc902175

SHA512
270d207445bcbe1af6f4621666742c43bde7a3b01a9a9dbe035a7838b96b812058aded9af605dda4e9737201f4586be5a5ff555d35d4210b8a351d8c8505b450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
307202dcebc8709ab48b7716c5e48955

SHA1
687a6a2741aed1c3b21b43d49eef78af4e35a244

SHA256
a6333b0caff2a20be2104dbad44aa0211675852c253adbece2c43dad42d4f651

SHA512
946921bb5356355802da1de05a8176eb74d211dcd8c57391ec8e0ff46648fedb9d4d2c724f1fd35daf398a5558adb1d9e85fec42d1c76ea7e835f20f1cafca2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
bef8f16ba2a0a6715cf252e886094371

SHA1
84e15cce0f28d7bee3a5bcc7f445a06cd39ce756

SHA256
126e66457a01697c866966c7eccc0269e0184790d48e816a757fcc6e36c4d084

SHA512
682b56da522cd33712ed4ccb0e42e3fadb0c806161c5f87d2d984109a2fc74d8a69f7353345e0e915e2544fafcb243c6af709086e52564616fc55b76c8a4532f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
a207367fe1d24008c07d6dd421c61be9

SHA1
db465b4269dd574248478fa870de51b07102caa1

SHA256
7094741e50ab6487f59e64184928f9411ce3e374104e7365c234dff343c20cd0

SHA512
fea460c4375c9041b60a6db69eaebb160d9232e282005dd1d2c65a9052b3d5e473ed7ad53992d16cd5c792a6ebee392977083124c685c9a0a82027a6680b22a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
3119b5c68e377b112ebbde384173555f

SHA1
048438742ba5bf412b0a978d562d1bf89a95110b

SHA256
f2259b3e1457937bfa59acd63199c35ba4313c85f28adb1d5a1c19e68ffe6f8a

SHA512
86a791f03c293c1a71fcc4b4445061f00e793a624626054fbbee411db5cc0a812774181ed4e3bd3b3ab4dd3f50159cdd8468e52a1636f1fc2dabbd8860332306

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
87KB

MD5
8d1fdd35e3e48e6eafd1d5c317cb64b3

SHA1
5f7aa291a2705e80d00a32126de20cac58deadcc

SHA256
da1a9ad6ae1f62af08983bc9c8a80ebb960325a34b7d84772b4a8b2dfdfa0d47

SHA512
716ae9221e888d149efe6bd0dffb59c78a6cee016e0541266044b2bdd2bf5e2d2571ed7032a71764aeb1d2e5ef910e0cb3dc8e8c1c0599b7ede2e51c4b8db9fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG

Filesize
349B

MD5
ad9e1341804b0f65f0f2b110011cec5f

SHA1
7d7a0ac77f370e3cedc33f3b3eed640fa1866aef

SHA256
a222fc0ee5e4415a6b9388b62d00e9694702e98d9adc3e09a460e56e06588137

SHA512
d0ec8ac9f881b55014da09dbc03d4546c43ffc6399ef3f8a7aeacdeaee29acd2e2f225723d97ab54158350fdaba18b23d591e025c1b9e39d6e099b283f973764

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
f803e963bcf526a9f5c86fb36fba78dc

SHA1
1fc723e55b40829bf45f40c7077f6bfe0492f1ab

SHA256
8303bdbaf09de5619516d5c5e294ca51975d807ec4f6ccbad6093566720958dd

SHA512
0e09e76aff10a892b849ca5428230b7bef9ee193467896b06b5b615d6e1332b4dc97bbb1bed5dd659ba21911e9b8da4bedc058b757f314e6e5c264a150670311

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
7a32f4785fa8b23117bd683acb2dac24

SHA1
bfc346c2457a851def372020df9fd26ee10af71e

SHA256
a10c301051ab77c60588faf5752bfb0751ba63356bdbbc5187e4d72329e7569b

SHA512
92c68622317c6ce9d813776bec2514675cede6f296c572434e609b5dee1f0d1e3020d56c5b635a6f28f9bb03f881ac0d7188ca69a44030f1fd12fc3dda453edc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
1ecb13035770353a4661dd280527ecc5

SHA1
9dd4b0c693c3a8c890bcfe8ff3bd4149302bca5b

SHA256
8232a989c2244693ca0f576602eca05b3d388391a6a1929e430b6254bf946544

SHA512
02b78299fde0f8d75af0bb724ca7ed937092f0e3b1bf5728d94b7e03f6546dae4d18f4b190e0b8761040fe105344a9050daa6f76664fffe0eefcc25ba872f11c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
b9044fa2050eac31008e26109dfeacd8

SHA1
4d168cd61986509587e6c9f7e69f948b520d05a0

SHA256
06b3283a995954269c323fbadf624b0f022021f4e8347c5de3784735d3efc259

SHA512
f0526dcbf8f92868a2e57bb5390d62264bfc4471cb83919444e67a4170f58dbbc3053b37f7c916fd25dee1ce9e307b014e455ffbb7fa86322f3b81879c8ff0ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
e5c826c1ba25d013d19bd631b068e6f7

SHA1
4e0a593308dacc64b938faac6914b8cb43f77d67

SHA256
5099fa5aa9742fa484f7f91c3349a28c49b4babf28303397c17dae208279d138

SHA512
14d1f52109ebcf2f7f8eb04fa03cdb2a21c2bf93857a151c3b368fcd9663d9ace47901b96a0137c5c1c58506daee7f4252d33fdeec01a75e8699ce55b1ed54a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
bb15b38a9607657bb2f389bf77748542

SHA1
8312ae165f3a30206451662ce430418dc7a20f43

SHA256
61af18c335f68eeb2d1fe4f852a723d5596a887d3d7102c97de8b4eef37825e0

SHA512
966263708f29c1d228cf28554f451a27e1dae5e223aef0b7a6bf8e26e3ef0f08743993b6b5045a5adfe0970b4f75c5f5aa6ab33bbeef46864c95d092694f69f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6ad11afda3489f97a8fc912388d57ce1

SHA1
7640f544dd6582c7f1749ecd75e008b62771410c

SHA256
0ba8a1b57fe1116372f552e368fff6fb4ab041d7b3625b327e90f21fc4d32a04

SHA512
4065060f367b4a28e36a4726400f2c99c0c25402fe56ba9fe7f5350263af1a1303bb616f3c076ffab164de48b017e906c7187a88e33f7a9bdfcce306f84f57bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
56a9f81ba1b918eee37c90ba58b4d90d

SHA1
b0431b7020b73df8f64c4980957d5fcf85d0c482

SHA256
e10e82224fd8dbda5cf36a8eacc7f0e9c704bc85a3a65e4f59fe35df7474fe60

SHA512
273330ac21a6bff6ebc34db86fffffc30ef96adb30576829a16a844175bf77847c2e500ac1a6cf700e4b5160efce662fd9f9db34b1bc8dcab76fc2e7210f01c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
84207c5c716d394bb75eefee9b89a168

SHA1
689ef3f2c052ac1dbad7543773fe2310db0f74c7

SHA256
6f5fa74f662c105d4578643db9f1272e161f3d5fc75c8a536a8364de9251d504

SHA512
447fbc1eff316daa5ce45af214c6a5537caa8d37e2da654c7b5df2809058f50813a66b145b161fe3a71280dae701e57b04a11692de23d872f376497d61128e14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
6b1365b8d65a5c69d3eaf1122b0abcc3

SHA1
1a637ceef99220308565fb9dfdeb743e05e1654b

SHA256
8f81b7c45dc581924090d97327d79aebf387bdea586e468003ff951eec8c8242

SHA512
c8ba7b2ed85a977d6b36283cf7724a607c5f3a47cb1e116ea54d8e2ed04abac044e78bf20bb9bbffda055fa0a5b63b3293c720d93160aedbc3af3d6c5fe43b59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
af22ab7bcf4aafacc8e8e841e497a068

SHA1
c702bef4cebfecd06b0fc7b71945f3c710d1cd85

SHA256
2295fd65859af072dc0ce7603887ccc5588d5001cfdc2b5faa36fded2077847a

SHA512
4b0ef8fdec1756ba7dea6a8f6ccee242947963f4ccc43cdf9a6af2beb3403de095714823b65808cc2a86d920c876f11836bdf1eefd4733e80cb8e02a241b33d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
f54b3e3896fe48504c0b0a3019868461

SHA1
d04809210c6e2049ce2f3c0477c46c7b0ecf3a81

SHA256
c326d8edf65ba0e48c798c4de5e9c86bdfbdd5b7f00d49c309deec74915cee5b

SHA512
83eab1454e71e77ae4722b285a43f5dd56b2d8f45135d965ed34827b8c09cd806128106d0384cb35bfbb4378f116a3c446cd84f6d756c9db201e1728bb3aaa6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
0ac3e283ee05a687272e88bea8b9d23f

SHA1
daa2d56289725455eddca6e645df2855db8bae00

SHA256
e546a87c23ae98b26a9e64e0ad461c5eb1b79e1c6cf2b5a35c740aa51655062a

SHA512
0591c71480177bc64a36134e4002018bc9695fd01a66b6dca2815981272ebff122fe7083d6c2433bc48d148690ffee3114971c7b6d779c9fd1fe72686df3cbff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
f172d819ad2a352c99136b892b7967bd

SHA1
c25a10bccea5cdbbb81fa1d14950825b89640394

SHA256
939d90efde8f6f0676f4cff85e7ebb4459459e268373bf90783085cf987c7398

SHA512
c9cb34923c89137974dcbdb1f85a482de69327ffceaefdc790d17046c6ff0334aa8affb04b0a4a41ead176e726ef91c1422f8cc888f7dfb9abf5653c862f888a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
92519518dd5b573f26141a71c994a92d

SHA1
f6aeb2708d66e828d21c1a977ed4c6e0898cb532

SHA256
0c3b3facd6ddbbc9f3f51ec076d1887cbe858d09369bdd4c52bd704013442ac8

SHA512
80ce0c2e099854c7628ecd2cf99e429258dd759c03ae3cdfea746ae4d281464d4d7405ffeef7b9b044bbb9e455087cea650a14c593f015c7dce1a42eb6da73ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a563ad49-ac14-43f1-b837-51f60a216edc\index-dir\the-real-index

Filesize
2KB

MD5
8c3cf0076413510a1a5c0b6887164f1b

SHA1
11b6ed08f55820d597c67b1e6935c182733acda3

SHA256
7dfe472546d5059de8b62250ab50fc702a5af3ae4a6fc4d225d730b085ea1bab

SHA512
eb8e92c44cef1e4c23539fd6951bd0f12d53d0e37435d5bdde354aeef4962a00ed81bc24a51e65472178db697dd5540408d9b22b4cde7c6b44099f0117e545e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a563ad49-ac14-43f1-b837-51f60a216edc\index-dir\the-real-index~RFe583795.TMP

Filesize
48B

MD5
397a201c371640ce3018aa492aa8971a

SHA1
9ee3705f987254b15c7381c30a7fa6459e01e4de

SHA256
1f9fb73269d657e2793ab7e504f92f623e7bccd91f1ee0f1ca8bbfd528bcc19f

SHA512
df2be72424cc08ac874bccbd3121239910a096a0c66259fad548ec52ce3a6c123dffb11d22bb476f4e071ddc601d4c4d47649c2e62bc42c0918891cb05994328

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
16b0028ee48352686bdf9f6a755bf729

SHA1
f1e12e28457b43888b72d311057eb1137d106407

SHA256
71e682bd8f6dca44236280c766c26c31ef96ec274a1e187bd72d3ea55ce59123

SHA512
eb6d59b8d8773da18d856656d44caa895c3eeab6f8a7f3f199a5d89b08354ea179d155abb2533c440fb18d742a0b213df2c7d5576f6c9089b8fe0f17c437f26f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
ba094e89989cab47288b7822c87f9640

SHA1
e5bdf83bfea42bcb012c9b8620420d57b7ec241a

SHA256
12e9de656f15fdcde0c73e052b1d50b165c3cf9b38f294a182ad46eb6d2da9a5

SHA512
de33533f9ba3920c38853922ab76414f62b55f044df48ca08be71a6d45bec420c0aeba76bb9ea4e048e7e379daa26ffb6db5904bb7120a0298fb4a215ec53bce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
d347e808a5faebc64c62292230fa48dd

SHA1
8f3dd7d32df641403e2adfe745b1a4e8dc9baa2d

SHA256
890efef8072babaf89cc3531a799a2965fab326b9902ad0c12435e0336f6a9e1

SHA512
1af535c0d0307c05a1951ec7e958dbc24b6d25db54d3029e4bef7d8247f6e9920eb69937a336d126cff2669b9765b91d56685379882b3413f546fcd5a37e5de7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe582d35.TMP

Filesize
119B

MD5
cd382c084364074da287af00b3ebdde1

SHA1
6b89baedddcb9eaa0876daaf7fcd0e261e9fce91

SHA256
934b5090681eaa0f76426aa3a0f43fed448881c00c6945fab76ec22181285b4f

SHA512
4ac1c70cdc414491752e3a07a2bbf30e52e9658080935c2400f50df745ad2012da76619dcfd16da8518ca85d1c1dbf886b9ec9bdada97a8707755cf4b582a8fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d394aa53b78d39e61123ce9a9d319e36

SHA1
24e12bc2e5882a8c5866248a2de76a35229b840f

SHA256
88099af9f9a836e3cc8083d7dc8fbfddad7344cbc4949341a51b129c0185109f

SHA512
cca86c33a42ccaf8281ddc0e79307f0c5aa7027ba0e8891387856e9e6d0739f0f0cfa47388e0fc193a88a51fdad1df1b0cf2593de1a58a407d31810b97794ba4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1931c6a59ca1b1fcabd7364bee6f4546

SHA1
9e8914c4b08eafc38a1e7ab2e0728d6b9e2d0152

SHA256
c7214e1bd64ada4ff0f60efd0ffe272a421b43a1e7426bf146d5c93dfab9b9dc

SHA512
fda26d048e7cd9c1fc6de8b0cef33a21999bf1ad961e51bab819084e3ffd2c54450aa0fd846884bc365a6d03f03d6bba20fe652c7cfd8d91fb5579a230a0f011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57de79.TMP

Filesize
48B

MD5
539ff0cbbc7044a38c02fb9348bb373a

SHA1
c7a19460b3812eed5d89872e4abb289ef54aa7be

SHA256
0761ca028ebc48aeb614b29244868be4d14eaa310fc9acdb108d8e560e0e186c

SHA512
bfeb050c5579b268f20c9aa7bd38df88b3408810f0e75687345365114d47a771b1ba1020da782480f8908c91bcb44f84026ada236408c1d1aca47e193ae92e41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
39c5d9551d9c8d4c101a1d6b8189b2b3

SHA1
482c3f71f9220b44fb7265c2afb66315f4c25438

SHA256
03dbe6bcf4d67537d3f1a7f725a70d85e51fc9459e998afe3940839d7c6331f3

SHA512
b6fe01e2555dac3f5646bf918234dbd8d61706683f45aa317884410c29caab6b5b3c47e15d7d55fb1d503629308cc5d4e25a516d5007cf986892de137815d034

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4316_1919304102\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
206fd9669027c437a36fbf7d73657db7

SHA1
8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

SHA256
0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

SHA512
2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4316_1919304102\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
529a0ad2f85dff6370e98e206ecb6ef9

SHA1
7a4ff97f02962afeca94f1815168f41ba54b0691

SHA256
31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

SHA512
d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
1d8180d3ef9a0f13f00c8e70979454f2

SHA1
0e9cbe4f977d8b82d6dfed02bf47977dbcd67417

SHA256
3045a060f7a165e11d5761f84ac1327937083fbc42441ea99f4f15c9c186684c

SHA512
bc1e302f4f68cf1735955a92f702ea127c5099a59e2a6300a845abaa456fe7da939f4cea958810c908c795452cca10c435757cba259a46cbc237223a6dfc45cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
20634a5b487c80010e6a3c58884364f6

SHA1
3fc47af880a0a3d96f40ccdf1cdc121b1fd1324c

SHA256
6e762fcd9444b7a012fe6de67abcec79b77311217f262dc32eb146e9d78760b7

SHA512
ec70c8bd60eb53c1b0ef6f13079f2749bc52db2227a9422e602e930b4af0ccd146c53928369abd1017ad3d9e2d335c0af3bbe9208a2e32da8be6d7ce7a09d287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
79KB

MD5
788c0534201c69240e1e5aa4777d81ac

SHA1
f57f9998acaad1e955b77961cf610b80d77473d7

SHA256
4219f9c7b7aaa7151648ddf38175df6f1004ed975abc4d9335c42093ed2e8642

SHA512
2dae4acaf4279761fbe983a4a8cd769f3596166fb5f4af337d4eac5a1944a21c095bcbece8b9d8baf431207d3fe6bd640210237c71b8a24caf82003289ddf434

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
156KB

MD5
87cea0980fd2a621836ca9cf67f7d523

SHA1
f6e9086fde276c3f024a33b0decd8903e57e329f

SHA256
ca238912991ed7406f2a5f50a5402743fe5b44a84e5a0883a3090bc9d44b1017

SHA512
9d2d73483f98534d35fc605247145ecd9dbb8ee47ca69b5c08abff756ae36a814f3045d83f9b5c1ec4306f3eaca3b1c0661cf55ff3ce9fa9075f996c58664130

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4316_736634307\dd0b7e04-3fe1-4ff0-8652-e658491de8da.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
memory/3532-46-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-26-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-565-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-129-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-117-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-80-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-579-0x0000026B2A680000-0x0000026B2A8F0000-memory.dmp

Filesize
2.4MB

Download
memory/3532-578-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-137-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/3532-16-0x0000026B2A680000-0x0000026B2A8F0000-memory.dmp

Filesize
2.4MB

Download
memory/3532-150-0x0000026B2A660000-0x0000026B2A661000-memory.dmp

Filesize
4KB

Download
memory/5088-2-0x0000024CA1CA0000-0x0000024CA1F10000-memory.dmp

Filesize
2.4MB

Download
memory/5088-13-0x0000024CA1CA0000-0x0000024CA1F10000-memory.dmp

Filesize
2.4MB

Download
memory/5088-12-0x0000024CA0430000-0x0000024CA0431000-memory.dmp

Filesize
4KB

Download