hxxps://steamcard[.]cfd/8530194683

Analysis

max time kernel
299s
max time network
298s
platform
windows10-ltsc_2021_x64
resource
win10ltsc2021-20250314-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system
submitted
31/03/2025, 21:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcard.cfd/8530194683

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
20	3528	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133879299086393192"	chrome.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1498259476-758239146-3116387113-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1498259476-758239146-3116387113-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498259476-758239146-3116387113-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\DisplayName = "Chrome Sandbox"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498259476-758239146-3116387113-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
7596	chrome.exe
7596	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1048 wrote to memory of 6060	1048	chrome.exe	83
PID 1048 wrote to memory of 6060	1048	chrome.exe	83
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 1688	1048	chrome.exe	84
PID 1048 wrote to memory of 3528	1048	chrome.exe	85
PID 1048 wrote to memory of 3528	1048	chrome.exe	85
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86
PID 1048 wrote to memory of 4420	1048	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcard.cfd/8530194683
1⤵
- Drops file in Windows directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff9e09bdcf8,0x7ff9e09bdd04,0x7ff9e09bdd10
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2036,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2032 /prefetch:2
  2⤵
  PID:1688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1592,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2372,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2384 /prefetch:8
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4384,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4428 /prefetch:2
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4688,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5228,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5240 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3904,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5532 /prefetch:8
  2⤵
  PID:5368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3920,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5500,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5484,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5748,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5908,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5564,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4796,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4584,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6200,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6188 /prefetch:1
  2⤵
  PID:5808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4772,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6388,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6360 /prefetch:1
  2⤵
  PID:5884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5760,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4708,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5712 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=3328,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5668,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6192,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4716,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6560 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6584,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6804,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6820 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6828,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6980 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7108,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7264,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7288 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7416,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7444 /prefetch:1
  2⤵
  PID:464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7576,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7588 /prefetch:1
  2⤵
  PID:4192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7708,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7732 /prefetch:1
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7908,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7880 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8036,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8060 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8256,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8280 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7112,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6680 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8584,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8624 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6492,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8648 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8840,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8860 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7256,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:5948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9024,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=9156 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9176,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=9316 /prefetch:1
  2⤵
  PID:5704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9452,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=9468 /prefetch:1
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9604,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=9600 /prefetch:8
  2⤵
  PID:444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9772,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=9688 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=10048,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10020 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10188,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10200 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10352,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10376 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10468,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10476 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=10656,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10004 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=10852,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10876 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=10904,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11064 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11220,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=10828 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=5600,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11036 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=11420,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11400 /prefetch:1
  2⤵
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11392,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11432 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=11452,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11552 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=11536,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11584 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=11704,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11724 /prefetch:1
  2⤵
  PID:5552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=11852,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11884 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=12008,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12060 /prefetch:1
  2⤵
  PID:6148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=12176,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12208 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=11728,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12580 /prefetch:1
  2⤵
  PID:6200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=12756,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12772 /prefetch:1
  2⤵
  PID:6208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=12908,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12924 /prefetch:1
  2⤵
  PID:6216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=13052,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13076 /prefetch:1
  2⤵
  PID:6224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=13212,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13228 /prefetch:1
  2⤵
  PID:6232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=13348,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13384 /prefetch:1
  2⤵
  PID:6240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=13528,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13424 /prefetch:1
  2⤵
  PID:6252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=12624,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12192 /prefetch:1
  2⤵
  PID:7100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=11516,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=11504 /prefetch:1
  2⤵
  PID:7224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=13868,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13884 /prefetch:1
  2⤵
  PID:7232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=13848,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14060 /prefetch:1
  2⤵
  PID:7416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=14164,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14180 /prefetch:1
  2⤵
  PID:7424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=14356,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14212 /prefetch:1
  2⤵
  PID:7528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=14384,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14504 /prefetch:1
  2⤵
  PID:7536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=4752,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:7648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=14020,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=13864 /prefetch:1
  2⤵
  PID:7656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=14708,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14824 /prefetch:1
  2⤵
  PID:7748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=5972,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8496 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=1248,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3160 /prefetch:8
  2⤵
  PID:5764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=13724,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=14308 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=12424,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=8552 /prefetch:1
  2⤵
  PID:8076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=10160,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7712 /prefetch:1
  2⤵
  PID:7360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7624,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=8468,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=12456 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=8544,i,12871208400714160554,4006102429112434660,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=7680 /prefetch:1
  2⤵
  PID:7828

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:5780

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5624

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x338 0x33c
1⤵
PID:3524

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1a711b7105bf4e15e5a2bde9f5bcd202

SHA1
653d6753e700061a3b9907b10c007e98f20644d4

SHA256
c183e3cacbeb1f37fb9e276f70a986481433cf21b56dec4c07f734140f9466a8

SHA512
190c3077af681255eb49a3d5613810369809c11ce40e1526d8374b7022bcd0821c3726f3f9cde3932bad73536edafcdf73bfbca3db322f8369782882a9a5e26a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098

Filesize
101KB

MD5
5afc26b6caf8cb38c15d4a5592bb5534

SHA1
4a4cec054dbc98ce92f913b6397ae16db9afdac9

SHA256
c88a975d1bb926e59f2382250fc555ddc9335014094bb3831017fbdc396d6f8f

SHA512
3f37fa689ae83b778e086089d9f78fed9e75b13f29af7d256ab9413ad1069bc82ccd3b900709eb7410dd4286b13daa8fe3ddc9aa6b19d116902b05ffc2f6f46a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099

Filesize
39KB

MD5
9a01b69183a9604ab3a439e388b30501

SHA1
8ed1d59003d0dbe6360481017b44665153665fbe

SHA256
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

SHA512
0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b9

Filesize
599KB

MD5
4b2c99c6d3b9368968e882a04e849a10

SHA1
d6cb3846452af01b0df1e77d305a134eea20fe83

SHA256
1b0348acbbab88317cc5b81f2bb23d9321957f1ef710cc0559c1f435304c354c

SHA512
bb18efcc82acb80219e1ea9a09ca84da232597774d25ec840c5bd413a58bb6f78d299ab903ce8f11a6c3f3ae6d1c6a7f684f0e8c60e87d7e19ba50c329f60bff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d5

Filesize
93KB

MD5
ff06127c6885fbc041e753fad9f2c1ac

SHA1
ff33b7d6404468a8f15dafddb959384f78273564

SHA256
36a39f2a0f5c113f840dab715bce4b9b06f32ed98f2a373f21d5e009774cf2d4

SHA512
734e37e50f0cc6c95001b20d2a6f755fded28f1dae441db49e2717433a5ea17074a35c9a16dfbb5e30dc9fc90dbdfeea7d93e8d697fd88391f710601a0c152c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000dd

Filesize
56KB

MD5
6bd2ba5c6781d762648b47b082158eae

SHA1
488d98405dba6b5fbe55be37ae0d5d820b818f89

SHA256
b17e40d1fef078044898df1b0cc907844bbcb56b0862957b207394c6f7b3a6e3

SHA512
817cc100d77a3e355920010750931a672cdaa9229a2a7c6932580cdabcee97adf0c32b36a8585ee06fb8239e78ad7aeb9ec85b683defbbb8519bb5537dee81b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e3

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e4

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
08434cdb34e30f9e5a79ef44cc1eb7b5

SHA1
54f79e8fe85504185c00d22e6e959f5c5f4c8c86

SHA256
4fa97d2cf2dddbfb6cffb4719fc8169f83200348b1b8087049dba8db272815b9

SHA512
66ff4224730c954144a2e9cdf79102e286fc3437894207b4678a7b823033f699c7403a24fdf5db8dfabdb118e5665d90869854d1cce1bad80f01ade89a260fc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
a6c171528113f6d82b157c8ec1b5e87b

SHA1
f81fdcdb8599498b9f08001f272b6e059de60766

SHA256
3bf2bd312be7292f6c68ea884c7badfc6f679a54c3498be9ec4bb62e7f41b4d8

SHA512
9dfd113bf040802bf6be53bcf742211dc7498d1c22ca283261e68863b0756b35f8bb0c3e5c47f4df0eff1bbbe532ad6b314400a7d48ee50076963e7e1f0b2bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
7ba3ce6e32859440d6f81c52dd9ccc0e

SHA1
bbc9c1e0c64814ec2dc3e4241c04d00311b99dc6

SHA256
62f26ef0aec0a4bfe76443eac7ac9d8d0c24995f5ddbf8fcccc47442a87ae59d

SHA512
96561db9bca82f226c6e937a4e7d86b15c1977a4ab3a9b8b68e0598ee113c15082cb1a117022c3d65c09843d03dd3483717c90f006d6a4d13a8cf440da1ddcff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
52KB

MD5
6bf43d776d6433ac9472cede38db90ad

SHA1
f3ffa490fb4dfb61e89421aaa2dfac0ccdb9cb5f

SHA256
722abbf0caf31b79bb6ae21d274f5381285a1d5d2adbc7b813c5eb7e10eefafa

SHA512
f0bf3702fddc16b66ad04c68a07afe168630e1d6b814c75f2f2741579ea873fbfe9699358f5af845e6bd89814e66073e1b674f1a27c53ebb919be8cd36064ba7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
c86cf99c441ced73256911b959132469

SHA1
b2e688e92dec7ab4ccaf51578941cbea6be5faa4

SHA256
7f1c33923e8703f14001df46c66c0fdeed2ccdcb6999b1d02365525718c5531c

SHA512
380e0ceff61c4ee1675e64f7dc5078a09599b3b5508517a14e423bf01f31affaef24e3f8e196de1a1a95073528598d4ad37eafc0e0c01d47ad7211597339f762

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
60KB

MD5
70c6df339e63c27bc528ea2a4fa64d13

SHA1
f4c5e886881164b0e3cc230f2f73207697e6123c

SHA256
f606f13fc5a843bb219388547ef528b0f5bb7be6f0dcb255f1b008d709223404

SHA512
01c0c2de5d4001675476b5b9fb3e63fd63ea30f9232dbc23706fe388abaab4c26c3b38cfc7cb6cc22acadf92fb8e2b23d54e4a9dbdefd7d0398a5b2fc443de23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
9f6588d9b176395c2e1077a2d0f8a56f

SHA1
0540fe31cad4e392452fa153a6a5d2b52896bc41

SHA256
7fb5b2564c4a885582d95f9f17e8004d4f3414ab797acf3a6fc4408d752367df

SHA512
78f4a628e51d9aa4502cdcd9c53012c31274a258ba0a11b5a3be651ed1e9b3e142b820ed18ced203a8f62a70bc036bddcf6f90c8b61ea52b71285f705816dba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
57f8b84e46a170e8483c610c05487b28

SHA1
d5be429a5cb930e830a690efeb5be0f0a05f873d

SHA256
ac0bd218c2c09cb1494c185727370e67ff9fba183a15c7ad2cfa0200905a6b1d

SHA512
b371a00c667dba17e36b75ba0b7c962d7b2b1a8bcdd15dbaaf28229766b127eae4a3576e95a4b7925bdcf7cac3cbe51fb173df524e5251d627e469c469139e1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
828f57e038b0390a389cdcbd850d67f5

SHA1
51aac8da9a47fa2cf7de512945d6b5a7aa5817da

SHA256
b87a7658d9ddfb52fdcde2ed11b3467578fccaa0b05ddf96c5fb994c17d2fdb0

SHA512
0bac36e1ea90a7280c14f9754b9366d5005bc40f0a6965bdee935a9d469958344234cd73b5253bd3450fc94d4d19556bc11555280b8bc21a021c4c4d0b005e88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b5fb7186598a6a6c0bcb15087e7da76c

SHA1
e1e9bf8bfa66bb41364b8720ed97ca8111871819

SHA256
ecab4cddde4cde510ba0823ed08f2676dd1be05be8246c0c12d686b20c54223a

SHA512
d8f1e86382621a3ade319394760d75d8fd377e56255c93e48539aeec283bcc4764f0998557b058d88c4ed532a8ef4cea0bd861c07d022669ef5cac0a3c585c82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
889889fb7f7d9d2afa06ab8d477c895e

SHA1
35972f25196937c3400d695c0c11ac2a9ca4f356

SHA256
0ec1397b68947aea74c699e53374ef4162751982ace1ee9ad399805b069c6309

SHA512
3f9eb91d825234fa5356d5f3b350534c69796627f189b7edd798aa92d2728d2a9bf36cc335d79cbef78e576e3e0cf9288eb50ca5057a8ccca5d3c93aac2f5992

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
672b0938801b4433f278d6f1edd22fce

SHA1
7f3dbe7e1d1b527a1967bd71d9d4dd7d3bffb629

SHA256
0fceb01b8bdb76e024720ce8c3e361dafbd60f4cc50a0352fbe892652b376402

SHA512
f27cf1bd38673be8c553f30f32def25692f4e7f528ac4e2be7737b7a95941cd3f7d16def7ba5656ff2288ac92ff950b7e737f9161d0c42d364872a6aa8e11a65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cd68bfcec2f298f7382b5df731d57006

SHA1
7fbd11c063ad2f10453e28c36cc34ed608fb2140

SHA256
83731e1adb0850fac0f9c32cf99b41669e27e936b7d943d39070a387d91e4d3a

SHA512
44dc8267f1e8b3268ebbac8be43920087e41f4eee8888a224d484447ff2e5baf7cda3087f7eb82eca192bc8c662e93612639ecd26034d2f4d2dfe59dfa0f326e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
1be54934256a471dd35907506e8752be

SHA1
f7028dbebeb11b3d698279789e1dba6a1c571aeb

SHA256
4374e627b1583f34814876da44910ce8701012d6590c796f71d47b1c2aa2317d

SHA512
c7e5f5afa7cad782421393d2ef0e632d9d50cb3c2a046c3129b981641e48857076510696fe0cdddec21ab3918642cc57c091c9573179c27a5fc167fe0108d345

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
f7d1473c0b0e238c02f4db2636864fde

SHA1
f0352fe04cade11cb30448884c8a39370edad671

SHA256
58c6bca289cb57d9372c3bdaad5b6aa9fca1a05c7c96c19c1e3e8e4d38dd2b77

SHA512
5e3e83d73ce13edf25efee521e193813cafe11c32d2407f7b2aaded94426729ad0c7feb2ee51f43aa9649ba5a596a957bd281e395a077e9c01be84e5e843c5ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
78e3e3fffea707ce067ab4c99b9098fb

SHA1
d9759ebd8463655f8c2a1cac266bf0f9e9657133

SHA256
b60aa3c5cc614812a497f11b6f198f69b4201f515312458fac2ef2b0e9439af7

SHA512
18de4290ab42e76a5181cd7349b4a5f494205922b8991d3a44609ed30a20cf06814fb068262cec91604e2560d3eb998530125b7730dad40dee2e832ecfaaf0df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e010a6608cdd1344fa2ddd8441e9798a

SHA1
bbc69f47963a3c5815e3eb6482403efb5c3bdb62

SHA256
458c951af26be7c2f69df8f62740bccc979d04a93cd9cab44dbffe2fb2cbe031

SHA512
f78c9b4fb833682504604c1a5a7a6d5d9c5be80983533a7a8bc6e6a4799bd3238526e29518fe7fdf3f96f2156c66cd7a95269fc58720b19a6ba2969586285d8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
76a746fc91cd677fa75543d092ae6a98

SHA1
dc66224df9768f1fc7661dc780103d6cf20b2bc4

SHA256
fe9aa62dce3c1fb7a64586e6dc99f4c233c0bab781d529bdc80231b6fa64d100

SHA512
b686fee0c79330de35ff548d4c6eca4d9d1ada243c238dda38428842748e24e1efca9c39a6d162a05a7f6e2460b9aebff769445614cf5d8d2c9c22733d6bb960

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
ac9442d5381f8b24831520f71d3cc12a

SHA1
a8b514fb7e318904ffd2d87c4b0ded5cca0b11a9

SHA256
b2860c1c3324785b02871e63ffe1d19eb7b1f6fa8aaf40c8b3f730cb77c488ea

SHA512
dc5afcadaac076c5f7c058088ce9fa7f8f45cecb51d8da6d5926cce3469a97ee7f8b20738435ae9bc37e8e3243eaf11b395738368b353748e2fe5e2168fba510

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
681ef6fdfaeb4842c4239eefdba4d82f

SHA1
9533803b427cf05a22b483144b38b2d4a0f293e5

SHA256
aa1e69065dfdb8212ee6dd7df9ca4e1ad30b2cf629baac5af00abdf6d009bdba

SHA512
8125756dcf50ad5cb4ed2fa4e0a3546fe52c36b13f989ff20fe5a8ffc0ed442699be75a4d96e3c5dfd32cde1bc08b8f9a3ce88b077eaeb11bca1d27c53d4d5ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d5eae658cdd5ec5501a681f62311382e

SHA1
f566ae1869190f8e9b141e0ca1189c20bb1268c0

SHA256
76eee302424f61135bd9fc65665cfc90e66fff3a6a2f2922c615f167797e0633

SHA512
d34404f8383fb0e7b3dd72cb49e8bc4c7ee078b9f12ea27f158b08c18e56207562d07305844cf8556a9b395615ce98334f1f85bad5d032d0f319688df755a806

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a46e.TMP

Filesize
48B

MD5
7ee19033774321a5742c84d79bd4477e

SHA1
36c44ac7f49181a6a810ce046c3ec39d58b27c49

SHA256
c35527a72877f5397fcaefe7fd29714f6c2fb6e72905bbe850304ffedf4b425b

SHA512
7bda85064a2adfa3fa3930f6354c25edff90ab0c85c953ef17d5ae634f3c49b38a40b51492b4eca4b2352ab820215c2527c7e8c73136114be5579a74ba7cc5f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\7d652d9daa7cea25_0

Filesize
64KB

MD5
cb9622cc57c712922a0255acae8e4b3e

SHA1
c1805afe8a630ee09eb800321c9a15cd15ff9865

SHA256
e6625f2310e4fe255ceff302cfba4a940d0bacac7439cb19b4c22511bcf78b61

SHA512
e81cd809d31b533fe60ebb1af7f3800814ac6455c67eb09c06ea90240d8fc3b2e87cbc54899d93e890aaecb48b018194a71429e2be0726508f279f8dc509cd7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
c89833ef8a46e999d002acc22e240a26

SHA1
388e532970e043a9e097a8a6b919c56e86e4f647

SHA256
1425723aec6b96f5036667b02cca7e62b17a229e89ffb074bfe1a3b55f901619

SHA512
4d1856c36fd7bbe6aa4e2f299c9752b54ce40d2eb75ad3976b1f79e5420e2d877e0d93d15fe45b41858bf0510247c5ad5830f23effe7f5f5c262883360a7c766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
868c8095ee0176af7991670c7affbb0b

SHA1
52406de0bab41ad4955059e28f57815d671a32a3

SHA256
b32d060b2c2dba2b6b41cf3a7d51f64e918326a5356a2d6f631775fc5e1543b7

SHA512
e18e4d9a1df2339f5a3cee5905bcacabaf74ade799d2fba95e57c7b25ba5f7e7cc0edeba9ce6fe8ccbc33441f4f1ca61bc18980a58d7bf5648c73d635b5123e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
82KB

MD5
e7bbf6c03f34b59dcaaeca645b6c47c3

SHA1
ac1fd12063ece5f0028c23731819b1e87c1d0991

SHA256
03d5637ef9865ce6187f482cc659b98d1ca7e67a3ef341f747a4098a03ee4afb

SHA512
ca350a18967d009c6452eb4c66e2e5f6d39c24f45481ee46adf990b7dde3dc1bea37588533b8f426ae4d8c4c32ce97856985ce71905c94982655df3f281fe4ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
ba37f96121735525829b0d1c011be7a5

SHA1
98d2a631699187b6f22f09df1f8a0096f60899f9

SHA256
b7e2ae208f022de0f3844d250dbd1ee1d023cdead7c5f0d1a19ad57e61ff07b5

SHA512
8059ef454c2c681f2243f340093e213980471ed523b563fc4d8426d87280ccb042bc4a456a8f72d0b56b569cf868841cba016177d4fbfc62b3d0096444048a86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
c33019eea102a82f6b437b3cb2a092f0

SHA1
638e86fff90fc11fdd8f3483a0badc9893d613db

SHA256
2b65ea421b72eb246fa1dbb116ea4e515448826a600f6e71334aabf6f2b1e351

SHA512
ef7161f5033f90386e738585ffcff2fbc01b86595ce76cbb020753e39a797451024146a6cc0e2837e553f1cad56ed170b1892a68172d0c0ab82492248a628211

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
d4c6948e7f2b2bf0c1286d7a172ba194

SHA1
2e8630b8f908fa9d13fb27416be1aa6328585789

SHA256
0cd821c59cd8477562bbb96181f2124f1fe17672b7eb5a3266d71a09bd81d2ac

SHA512
1edbec814fbcab1e2ee2ee979dfcf4727b5b486881d91162f5cac360f31890a6f5ea5797f4f43f195378744177079ce45af52d1052bff9976900bb47919b2158

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
0bec2c5e983f3b8c85be9b2ad128dd7f

SHA1
8026216344dc688b512f4b04e016a5f67b48e670

SHA256
e213ee4f1f23610186e56daa5726ec523e5fa6941e3f069a9c0f01988f20143f

SHA512
b320693aa93c7cfc798e237b887321fa64c3826726cde82bcee69c9fe97df9f05310eb8875ea27b82dd9fd59c10902092c1981f3842b810c7526400f8feee32d

Download Submit