c948519b798f5ad6f23832203905c47460839eecac4049b2626ae8a0886a8b7a

Analysis

max time kernel
899s
max time network
900s
platform
windows10-2004_x64
resource
win10v2004-20250313-en
resource tags

arch:x64arch:x86image:win10v2004-20250313-enlocale:en-usos:windows10-2004-x64system
submitted
02/04/2025, 00:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dreamypixel.jpg
Size

1.3MB
MD5

c577ddde61b2765d32e9025987a97adc
SHA1

c5f7ae9797ff4b719ed9f594163dab44717219b2
SHA256

c948519b798f5ad6f23832203905c47460839eecac4049b2626ae8a0886a8b7a
SHA512

25c041bdab1a65481007370e26fbdfbfe556a38fa7f44d03bbeea0bfd3d3a3b7665b8b55067c93e8b24abdcd0c1d8bfc675999c26d946c5c3cf56dd2f2db31aa
SSDEEP

24576:YpDVxC8RWHVSkUltRyImf5v8HSh8fx9vCohMKeeI0dV0cv6Go8+Ho:spEh+Rpq5ASC9vTWez9v6Y+Ho

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 2 IoCs

phishing steam

flow	pid	Process
176	5216	chrome.exe
229	5216	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133880284227300812"	chrome.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1279544337-3716153908-718418795-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1279544337-3716153908-718418795-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\DisplayName = "Chrome Sandbox"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1279544337-3716153908-718418795-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1279544337-3716153908-718418795-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
5676	mspaint.exe
5676	mspaint.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe
Token: SeShutdownPrivilege	5856	chrome.exe
Token: SeCreatePagefilePrivilege	5856	chrome.exe

Suspicious use of FindShellTrayWindow 56 IoCs

pid	Process
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe

Suspicious use of SendNotifyMessage 50 IoCs

pid	Process
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe
5856	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
5676	mspaint.exe
5676	mspaint.exe
5676	mspaint.exe
5676	mspaint.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5856 wrote to memory of 6064	5856	chrome.exe	95
PID 5856 wrote to memory of 6064	5856	chrome.exe	95
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5600	5856	chrome.exe	96
PID 5856 wrote to memory of 5216	5856	chrome.exe	97
PID 5856 wrote to memory of 5216	5856	chrome.exe	97
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1548	5856	chrome.exe	101
PID 5856 wrote to memory of 1548	5856	chrome.exe	101
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100
PID 5856 wrote to memory of 1820	5856	chrome.exe	100

C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\dreamypixel.jpg"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:5676

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
1⤵
PID:4208

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9f118dcf8,0x7ff9f118dd04,0x7ff9f118dd10
  2⤵
  PID:6064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1984,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=1980 /prefetch:2
  2⤵
  PID:5600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1560,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2384,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2544 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3016,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3056 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3008,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3040 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4272,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4288 /prefetch:2
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4680,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:1540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5388,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5396 /prefetch:8
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5480,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5704,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5428 /prefetch:8
  2⤵
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5504,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5700 /prefetch:8
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5396,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5608 /prefetch:8
  2⤵
  PID:4408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5424,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5776 /prefetch:8
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5432,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5564,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5312,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=208,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6176 /prefetch:8
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5952,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5600 /prefetch:8
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5412,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6152 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4264,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5552 /prefetch:2
  2⤵
  PID:5328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5572,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6300 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6428,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6420 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5536,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --disable-databases --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6384,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6352 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1080,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5420 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4604,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6788 /prefetch:8
  2⤵
  PID:2508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6840,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6260 /prefetch:1
  2⤵
  PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6388,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6440 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3352,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7124,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7116 /prefetch:8
  2⤵
  PID:3232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4708,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=4828,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6944 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6960,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=4732,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=3204,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=3212,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=4820,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6944,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=3172,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7148,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=1232 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=3224,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=6696,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=6684 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7252,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7212 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=4672,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7360 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7548,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7572 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=3192,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=7680,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=7668,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7740 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7868,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7880 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8096,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8072 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8100,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8232 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8348,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8404 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8384,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8552 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8668,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8684 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8716,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8732 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8864,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8888 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=9016,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9032 /prefetch:1
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=9180,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9192 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=9332,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9348 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9476,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9500 /prefetch:1
  2⤵
  PID:520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=9520,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9540 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9892,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9912 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=10188,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10216 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=10352,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10372 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=9184,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10556 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=10124,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10736 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=10700,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9072 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=10864,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=9524 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=10064,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=10972 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=11144,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11172 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=11128,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11136 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=11432,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11476 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=11460,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11676 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=11748,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11788 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=11916,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11924 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=11484,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12124 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=12220,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12248 /prefetch:1
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=12240,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12384 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=7848,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12224 /prefetch:1
  2⤵
  PID:6288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=7988,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=7952 /prefetch:1
  2⤵
  PID:6344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=6980,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11204 /prefetch:1
  2⤵
  PID:6492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=11232,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=11280 /prefetch:1
  2⤵
  PID:6496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=9936,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8080 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=4816,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12452 /prefetch:1
  2⤵
  PID:6932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7992,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8852 /prefetch:1
  2⤵
  PID:6968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7368,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8412 /prefetch:1
  2⤵
  PID:6992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=10904,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12572 /prefetch:1
  2⤵
  PID:7044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=10748,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8440 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=7472,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=8940 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=8956,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=12508 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=12476,i,715259611466445841,4965324739710066492,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:6036

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:3696

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3984

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x500 0x464
1⤵
PID:1672

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
320e3b4a49bf8c173fcf94e238deb883

SHA1
95a69a484c7c40cd229bd46c1dc37ffbb9c9200a

SHA256
b49d96b478eaf654c34196d63c85d81ebbb6058169822cda782370c83b61e1aa

SHA512
29d8956a3eff7eee563e9556b0d312fba810b56bc325348088a400bfeb6c88bf438610bf86ae35325fbada1c854850a192dd3c793410660769d3d69a667662b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
38KB

MD5
9436affc97843765a966b3568fa7e5ec

SHA1
7bfda74bb30589c75d718fbc997f18c6d5cc4a0b

SHA256
7165713d3e1a610399471a5e93d5677508f62ef072c1151e72273bf4bd54f916

SHA512
473ec3a843c33e18d6d194651fe11353fcd03a7959225faeabf8c77484155ea6a7bccb72dbaf2093ed53c408faa3be9f6fc907f7a5ddf8223375f9d09b504456

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
72KB

MD5
7b85ce6d64312e6f0d8f712897a45a66

SHA1
431224de66f74e70ae5b37a67260b795352861eb

SHA256
03a79fc56e2b58121ca2fe5938be882582ca7c26cc4208ebf777de6220f59fe1

SHA512
b22d7680c82a5a45d0094dc16b0983ff59c5e3e0567d2854be14cde6a56af63729a1c4e041223fe26569e92961c49a80d603136e88d60f8f7b78ca1999b4fb3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
228KB

MD5
0ec664a4ef7ea0623172ed9c15529075

SHA1
81455a07c87cb3d11fcd5755fbb19ad759a725fb

SHA256
602b6b03122caa542723001de6f3ad3b999cc44321719b64ab89dd110cb0971c

SHA512
e86fd98edb37c811a13ea3a4af519a7f8b9638961e61dac99c61facdbe415eb40b0017412320bce0858ddd47e642c78317f4382652a740598ef33b678d44d740

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
197KB

MD5
c8535e48efcced3cc1fe1ff78d28251a

SHA1
962e4d7ff0d8f68e5d8caced19eb636203567784

SHA256
e50247b6afbba4694d5f9e304595922ecff494b237b9a6eac37c2bede5efd964

SHA512
5e4b3ffa9058f3ce4dc4e8c10815f56c221cd8703905c641d6efaeb2a3341478e96bf99b6495759033ce0812d1bfe8cec5a306055fcb0b7b897bb2e1f2319372

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
326KB

MD5
501a6d4f08de9267914c24b1a309f087

SHA1
0c289eeccd8e7d979654393e16fbaa7535b373aa

SHA256
5b49d494ba814ba2ab40100d6585cb92c5a7cef6c6bc0e982e2703042e9aa43f

SHA512
ade166ae87a97fd3deb2d995530f5b187a788456d52e5751a381c25dd0ec27d8ad04e9d8f3991a5db1e72df2996e4cbb214597baf7dad943beaf193aa5ef5625

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

Filesize
312KB

MD5
90a76b67c591ec5ec9a28a3acad5ad1f

SHA1
f40190bde3b7175e0be793d97a9d84a0914c0401

SHA256
9a8fd963aaeea33247b430810f36588b24cd40b79173a29bd17110ef71199eb6

SHA512
eeacb946d10b5ddec6a80dbe000444940e281e9f92a73dbc203ff55837cc3996fa127ff02f239e0a8348087d6cfaea298af7420fb9481b17093ff8b36a665917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

Filesize
1024KB

MD5
e8149e2d463ecc5ce8751aa056fa3744

SHA1
047b30a0fb50dc24c33cfde482fb14a54fb33997

SHA256
345baec7b414ab1ebd19d3658d93f8228c72e8742d547c7d176f8b8858263775

SHA512
a8c9f7f430c87a6cd00d53a65005edce511df4e047e167aa8fa8d64476026f2dfeb5063e3589fa121598683ed32b94bda4055156c940334119469653f8ba3a1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

Filesize
1024KB

MD5
ea0bbcdc673c701382222382ccb15bae

SHA1
8c9a5de416b3d5691e741c2ece497ffb01f8f7f6

SHA256
bb15d1abe43dc8f19f90c7e8e89af17b0a0c2c08c3126cf6279344876bdb9655

SHA512
a976ea81d5ab3a5517bc8f19a0efb2af84a4fc2fe91d4498fbcf4a6ca597fb45b58254d49381d792946c1832f6aaf3c69b89d4ec212c776f2bf4b5b0aa7d5fe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071

Filesize
1024KB

MD5
329dfa9174899894b5e1deddcd93c5fb

SHA1
df2499debe27c0ba9502d57173d8a1e0e5690454

SHA256
8e553599e619b87f1a9fe57f67b64400173a699ac9a82e5640771a199c7bb197

SHA512
b2fd640c719ac6c39c96b905652380eb80a50cd78bd8b363fb1fa0fab3c3bc5cfa7118251020222e506627e0b65e2b74b82f60dde5c0be573e26356805504023

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079

Filesize
64KB

MD5
394131d560e82f077c4137c1462eb478

SHA1
fc6be4c38d8dce83a9f7be411ad74c45a01fd88c

SHA256
017d4a2b40593e6cd94c660a892cd71b2723ab4ede2c2ca63a1b54b3acec6b75

SHA512
b34756aafc120bbc100a03d3f84e3cd1629f9e3f199cb722d87c98af3f55bcc1fd5e8b9fdeb5d8377b4e80913bd26b16c3b7601fc21ab3e20ae17cc30e1d40fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
114KB

MD5
d0d60dbfcf763be2272cd79be092bf2c

SHA1
ffe206b000a18327c1a9a526b018d553a11ff1df

SHA256
61c71c3973406c7268f934d462a844fc162d04c1e458d552402595bd057a1ae1

SHA512
ae598598bbc78afc87d812e4efeff517c105f9459453b1bb41b5c7d5abc0629df2b79b4b64ef687f4cab8df33b0b0e9a8bf7fe2a9d439ef99edcb3524af60af9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0

Filesize
78KB

MD5
8d6574a1cdfbfea1e1697692f161e8be

SHA1
5618769b55673ee13ccfbe7bd17df56ee4889597

SHA256
94394da062b72c7d8fcb0f37058487cec9c80ee694104c981dc4f332ad961bef

SHA512
da8ddf8d2d9aaae6104cf4cc77ad287bae467a7df944afe9d911b4af0fd132f45bbd1c266b5ae23fa887d72addfa0c80943a0c17a0182ecb91f45a8cb65d487a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fa

Filesize
27KB

MD5
bb46b77a6fd55425d817fe96a01b87b7

SHA1
287aa6b764fb0eb4367309e15c321b40c06722e4

SHA256
2e7dadaa3f5e8cd8f709a2255b14fd6756e18e21b059388d0dcd0a5931adf103

SHA512
88641d0475744e6adf7b602fc92391372b32431a256e8040d354b29d511f76c64d9c1fc809b86201a7c6801b8f5839c931dbceb684869da272fced86174b68aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000130

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
7KB

MD5
954ca2559396a00b82eeead2ce26728e

SHA1
237de9b9eed161f3343b3af9d1f020a274d8d14e

SHA256
5b29298c08f5228f21822a71372596ea4426a06dde1d594234194af3114395b5

SHA512
534c3a936760638cf1d8102e0a921e5d4b5f92baa6b2288b57145c8796989e15cb11b47be55f74ff4e1b54e049f88b7dd2b1739cacb171c67b23d5a451f84b4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
9dd1d27e49c4592bf608dc34fc1e6b68

SHA1
b8c43d434c211cbbdded87f512c6b59c00c700b4

SHA256
edc04852424ff4dff0a2d39bcd34c3ac3b48dde264fd4cf2c515ffaa71349ac6

SHA512
99d402285c3fa7827401e8c3aad2ef1dc66641326d0f0f9d814eb83ea99b5001df3e7df6c0992b862feb85d848e81eef333ded8cbcd8b64d8d1fd168a50dd1c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
f80c8126463ebf450e4e5957819c6336

SHA1
fb8dd9ea3a8181734c55d58b2e61e14af8166e87

SHA256
cb8f1d9b75df0066407580e51326993974b63716a0ae6a4e855576a33967f60e

SHA512
30fc9b5bc7616693e522903c58cd0b438e6c864edcddd2c7d798580b49fa2e017b40cb62e46106f2e3d0e037a647822f3e7e8fd7fb90bd0d855f9daa9adca03c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
95ff2c1170c255180db27bd7c3ba81c8

SHA1
1e417f68f756bed8adfa32cb38839e5b32b33bcf

SHA256
10cf4dc6a5b6eb972bc22722de0edf5d98774ce62685a78985e4e9d1af71ddb8

SHA512
456a6621c66529ce1846301571fcbe777ea0786119da5fc90c5e4f8ce021419dbcc83d3da12c81bab39dcb901826675ce6de89aae74ebeee3746bbcc156babe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
29a3202b66983b7b4a93543e130968da

SHA1
e799579392e99a0712ada880e2488572a1c01611

SHA256
1e143a0753db99369a7c68cbf72643a43453f938b7acfb5d68e592b132239426

SHA512
ad9c69fd43bc757009a15a416a0adf9b5e9277f00c191015c13c454961262c74b52694f31c137c6f0c374ec6a48d1642d186741fb6eedfae41e8bc5720208da1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6ef046878a24c637c13085f2e540c043

SHA1
31ebb48ae73e0b551b5f2ee799840ec2fa441bbc

SHA256
490d6cef28511a1c0c901b8564d7bb425b5ca37342e07ce6ceeca31fa31340aa

SHA512
a3e55ff2395170ac82bd345ff07e68b5d354835a10b3806609d0a0848875d13f0da0d8ca096531a4daf3a85ede54bd8d921c765f07dd37b1a7c49516020aa706

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_tinyurl-checker.web.app_0.indexeddb.leveldb\000001.dbtmp

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_tinyurl-checker.web.app_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c5db838bec7072f3385fb2b90e3de52c

SHA1
c8037d13d519d3b5204dff08c415ec715e17afd6

SHA256
58402c3e4f150531b14be7e240b8272394237a38b5d439aea21928841261aa8f

SHA512
6e178ab28d0e32fd40a0f89ddcd6919ca3cbe931edff0585cdcca3438bead4b4461d0115c6163790c2c2fe76d6044f1f2675c8130a79dd31ecd7617aebf685f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
6f78d30b11efee168cd7078b5d6dd767

SHA1
7678b05757f971cc4aeb80389b3885777d82a295

SHA256
f09663055646db351404b42d4216998ace76b21c03a648e31a75b3ecbb2aaaa3

SHA512
7f36da2ef6afaf33b13c98481ca9a69eb6c2b43490d92f45f71f4b56a1c624178430c77c480a88c0b64e844e8737ce5d5a92731effbbbe86aadd1b452abdd5e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
4105b9d1fb04872ac09b817654f64c97

SHA1
b9a1af8b23e920a330b06da11da692f3e6331a83

SHA256
8e6c587650322690bd730fda5878840f445426426801b9ddb1b4e7e11b9377d3

SHA512
b931bed89668705ca063faac727114d12733a186f65fa9ba1b1b816a33cc03a2d7d2b68f327c305deed3a93cca9b9a58e3c09a63bfffefc8c8943856cbeb0b2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
4d6a7aa58c37d7d9352a6fea3fa6aa53

SHA1
4cfc282b30c060f35ec0edb7c88c604413923e2a

SHA256
4600eb8ee1d810a37bb999943f95cf150cd36b95511bdb914931f73065b76a20

SHA512
4736b8c716ee568d4b0fc86e9be9b43cbca2c01a20bbe3f2f4d73285276fddf52911f15af69de6976f7a7cab91e30a564f4f125037fc28475e1e85a2c696f723

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d2ab4d834898c244b31096fab181a03e

SHA1
a8166cef4b95cd22977397af673e2d0e89bb7910

SHA256
fed8bf4874e537b5c2d50666d8184902afe294679ae95d1cbc76fb5c94378867

SHA512
61006cbbc294c5c7c94bced89500c61c58aa86d4a01d246f32387999d0ef8fce3252c88d457fbf0429c6e88f41bbc7846b873c0802a46663cac1c16265fd757d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
44KB

MD5
e00c9a5ffe135d2721daf3b2c2655ddc

SHA1
fdd5f11949a7976d70434f80d97fca269106b161

SHA256
481e78f9927503757ad558b9559cb24f155eae695e4611fd4b2e96d099f67c51

SHA512
47da1bb806d475fccb1f938a6bbba0f2df831525f44cb1f45359520e12ffc5f20fbd321a07ad58202170a80c6a3fea9f318d1404cce1a9697c16936348cadf4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
2dbe240b7e1b227b26075fc5d97f00c7

SHA1
ae08e94543219f68e6af4792f7fa4a5a5b33c4c3

SHA256
43787a75e37c304ba15a5e36411fe9cf2497c154b585e5b0327e5333707f84a7

SHA512
5772c055545e05affecc9db0c98348464cc207d397707fb315b9f16de779fbb06e42715b6281ef0bbf9602fd6043d562e41d8441d18047400fad1eefbd1637f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8f7cf778126fa6148919fca7b3df36d2

SHA1
63374b3d83d22fcf90510e89c17cd63cb83eb8df

SHA256
70908730201e868cd54ee1ff076a07b349d0f931b3f6211c015a239b36aae579

SHA512
b0d8ef39aa7e7914e9d48c42f9704ae6e1bcb77384b1652bf80cde009ee714cd0b99a0c931604e2c9d44b5231930108acfaa66d93b59a1fa5c154023b6508312

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
311ddf2b4cb0c970d8e42d8d290f96ac

SHA1
f2146a0fb88cfc5659ae32dc12a20c17a0563684

SHA256
f3022fe6418a6c84c318697003b5d544b962da3d8e59c9209e2d24c6c5b53fdc

SHA512
479bdffc52f6fad4974f596be5a83d434c0cd61e46dd6145fbb26ca1cf5f0a85764be62125d2e7f1388b78117610ab31e58b653f748514ae72c5db251577a834

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e46b67ae6521d04b23b15e675a576034

SHA1
f8145a98e397c611ec2b780a9a1726044760c893

SHA256
47c1defbb935f36f2c47cd542b7263b73af9a93ff0684b19d0c1c3afb14b5429

SHA512
be566eca84dd56a091c73011ad929737326f66e083cde9c737fc55660f1257326e76bb53101ad686bce0d0187ad108efdb8ac0fa8f9d4087b20d781b1824c23c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
601f731bb3cbad8c11b6c8d037e4460b

SHA1
ecad7b7191138491d2e3c067d694fcbe07a5e313

SHA256
6aa9c8b6bd4f19a420451317d5a10c44a66d15d72f677f52bba945e018f8f965

SHA512
43dfeda977fa1c724c98bc78d1b3cc536494ac13cb7f0a8301b10db9dc1ac211685a39e85a60fcf840055d49005d55e981f3ba7edb00d34081324c733e8c62d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
30a48d87899a1726134631cc042296b3

SHA1
f220b9160474d02be18323e1399d755845783306

SHA256
2b3a3b10fbcdce92cdbdc7584a3eedf20ffe354f1a90c9be7a90ecdcf10dfa60

SHA512
f5f4e285d0f71e14fd20cdc89e5343dff60a064795ae0b5987b3edfd9938be7abaf9ff109a5bfc77cef7d4f7a4685f69bf5f085090fbe4a67b4dfdcc4fb3c3b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
10ea88e637239e903f0783f2983ec07e

SHA1
f34bb0c518f51440ec05e03dd64d270f2e903752

SHA256
534648adefa19b4c085c9bb6e62037adb35eff609a02aacd3663b1dabde62261

SHA512
159fef1d47a5c5e924e59789e3fb96be8d5a73d9f06097325bc6975bb45968a800bd5d3c7fb4daf485577179308ccdcc77fcb79d6d87d5914dc85edc67242e0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
fbb7553cc5dd8eaff2d2fd5e33eaeedf

SHA1
5e79b3b9ffc9e6cd8d83003edd3ee64e9b2f4a38

SHA256
9e530383a98ae0c54a259dcacbd9c47c0c60e7a683c96723126988e1357d3a98

SHA512
40de5cb25ebf0e4919fb8788f3d0aea9234b94599d1bb40bab8cac4121ed5d9d479a79eddf31920f8ebac5af6319c427dbcb271a6f082b3d2151911627c40b7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
433ddc6ab2524174cf5de9d6774a547b

SHA1
03937b5bb741cae6678f94366848f800384bb708

SHA256
2d4eba76703644f715caa4158329363b2c31712b20f64ab7604723b933ba8751

SHA512
7b427ae1ab834dab877d520f3e0727bf1c7a3e19b57811537d7a6b1425a6b9e55797d43dad2b8c915688e2950da9040ea8ecea2ed8d083b2b0d1c9d3c7f5aead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
94d0d0f1c8772738afb4639aa408c6aa

SHA1
f3ebe56914ac37109f3ad9e33b08df94c4d64e6c

SHA256
18175fb8044849948f740b2ede646bd6a8014027f86265db3dfb5b19b586971f

SHA512
7e94dda00a9cd0dce2fe3385ef117a6a1c79123669e1559298aec46ea27f308d5c2bfcd03c5be9f0952737b35608fdc8bb3632615e39f0917a0a6be8b541bc38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
b598599f66e594487bd134a890dfac51

SHA1
d89f713a21c34768f71e351625b8f358cf94f0c6

SHA256
7e5e108ba0fe46255d366a98aacaf7ef28ebd5fe4ec418d968e4843bf141429f

SHA512
a002028ecf87db6b829de80f9b216194b8aabd08b743b69d86227c21c3b9ccccba3ae58a1e2354f82ce5d3e96f68cf4ffb247db7bb6d3a66a3104ffe12f7bbc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7855adca80b7ec020ffff5c9b32f81e9

SHA1
f563c8f17955fbeecccc0e6dceafcbc0821ad380

SHA256
e1cf58582911883a055fef48c7012505c6c0e1d37470a52f451ad56ce6bf89dc

SHA512
9667ce06f608b43a5a6edf5026e4fdb4063b58a1fdaa9f3c971978de60ed502fa0ec1617a42bba998eb95f7c492eb59df2cfa359ee0c3fd7ce3f44aa836def77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
45fd9ba0b9879c78aa506ee443fa171b

SHA1
3c2c88c55d90cefc83785175d09d2bad3d763147

SHA256
beb69698346c29f96d7da8561a46953ad1c9fc470a51c73021fd51ecda6a2df3

SHA512
4230036f22065288bb56507eb27482157da3c253aed1272c22e7a33db83499aee0fb6501bba17612196cdf2fb6f9c67b646a3ca5926f9a137f33d7d8b1b06dbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
66e70a81dbaedd4aa6e189219a9b755d

SHA1
f925602006770c1f93e83e18fea9942988b15cfc

SHA256
8e6b8c3e0f03697afb9878789df777841392e87ee19b74e30cd50b4a4b3c7f9e

SHA512
3fb17894f642a6c19734bfd511ffa181c9dd1436868a574eaffd2e7239e52657edb1c2e9c0226482dcf85e0a44d7dce91e0ec47bd6468b2478cac1c13124746e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
cb4310ad53e0a76659b5629e1086a6f7

SHA1
232212ebfc9792f32958135bcc028bba6df2d3e1

SHA256
9cbde14f5307034a8bf1760fc65dc69eb1ce26391a93ce7363dc44dc965139eb

SHA512
906ae66d31f1d67fbfbc629964558587a6f01c0435e9b934db35803fb116e9cdd1bbb9a5422ab1a8c7c0c6b4efdf472e520395a9424ac986c3821a7a215faebf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b43de47dcd763061f714131435d1ed95

SHA1
ed1a86e1216a3092fb385ac5d9c64ee90919ebca

SHA256
c6b12e4ad9b91801a2537f9735a3a8e445ddc72fd557fceb0bcb34b5317318ec

SHA512
e599c637e543c611e508f3928d7df081869a1f5e35aca3f52375e13f62a560405b12ad3d6d437b9ffd790accfd2a8b1761d7f9ac21efb2371d10349773c92d12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
386a984f22e6e52d4e59fb3ebdc1a98b

SHA1
98a65816f837756ba6524b8098cfa88b341aade1

SHA256
469786d0f561f37500d6db5e38d5a5bab42bb956d11aebc9b80e570afc52d716

SHA512
a5a4e011894a17d64417eb00713096140aaf2f906023e077f54a7e34d2689e311ee71cbd2f3827441a06855b71da62821d49159495673bbfae65412a837c6c81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
d04699b6b7cfc367d9ca2a5b576ddea4

SHA1
d4b837d21bbd9a7de651f9bf7f4553b9daa37d6c

SHA256
be2c096d7d30532f971bb990358f5ab500e7f7f96cb5e15fa2311eb1eb6beaf5

SHA512
fb719bbd8d2568e7397d969b6a40b68895e1d089a8829eb539c9039c028282d79213aa7f13df5bfc3d55a470138d65cd4ee26362a212c42d277060c0e91921f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
2f1362275e8fce1bed3683f67a47c2c5

SHA1
f5a505ebc70e5261d780971b320d463c4185082a

SHA256
8306b376cf56401289fc2a89f5a6258b522ae3f9859aaffd7193bda78d4f2c77

SHA512
2cd0f31d0242b1f0db51eee95f47c951c6153a2d7207f5dd32e0f54404cbe265d21949fd2a2366cce749453a7c4e5304f38b8d93ab538b05fa589af2cb68a272

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
421e7ac8d080a966b284cc313cd0d841

SHA1
cadb1ad78b78322eb19479551134619a0196f501

SHA256
1903934ce3ad97ff028febb665cae1df7e46d88d2bdd136c84c3a929cd1d453e

SHA512
a1f789b2c2c4f12295f5b412563ce5c605ec8bf564cf7669bea2226286d3bbf1d049fa720c44f80794e32cce4d5f47ebc871fdbd3b77e83c3b5f14d4f1cb0419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
fc6b855c452154a57f3f851b55ed4d10

SHA1
bb95fdfab8dd7dbf00f05462b6329029f8fa98af

SHA256
1eaf05c785c1cd780e916f309d0f1ae80e168b385ad006da75f90325c3f73fc9

SHA512
2199792489f49a8e7720354364abe6bffde669e6089ed0f1f2a3ecc7b8726a8ab63a98faaf458cc60208fb0b5dd728d3f84315ae46c34aa14c921afe25035015

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
8debe24ab2781da2f4f4fedc663770b7

SHA1
c930153baa6c5070b5f366c9f3c6620b44907b3f

SHA256
c4945a8cad68d1482a403a4dcf6983c9d2cd27e658b3327351e3dbbbeec35c0d

SHA512
174dec85d9325d3f80f2f2ae0d41e3855c5ab9dfd32d35a7e65eef35c9abba40bcc975375934fcaeb888320e6b426e9c088505fb90eda8e7a3a5fd5b847464ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0c77025ba8173000d9ac03c3376acd48

SHA1
7656f531d0f2b4d4da3f6ee1383d63c5b52b905f

SHA256
2b4ae7e64168c1d6ecceae9d6696e9f10ff4d44491f1ef2339fdb63ccbfc32d4

SHA512
ff2995b5905d3506c044a03e57c1f4b2dcf4848c5bdfbf6857ff0cc3949b535dac9cb87b41f75cad53ad1182e7eb14efc1219ecedaddd8de372118597e6d3c3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
2f03fea11690d1b79393466a31ed2b9f

SHA1
839c4bb973bc2cf7cf25f5dfd257a3f97ae8071f

SHA256
fcb52b3ecb53dd02f066ec3f4e8d5fd03ff7794439e560be1a5bba1877d74943

SHA512
9d1e29bc7250382856392651db113de99f53a7138cbab36b6ff1992f34345ceac3f8807a0bc2662149bfea0f82bbfc1bae49048d62f7e7147bd77530fa606a89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
414a12378e422fa8b8720574d577b5a9

SHA1
95490f68a3b351838d34f0c9a6d557683812ffcc

SHA256
da71738d5c2b4e8a9f1e7c58c1d5836638156eb708d9cf9cc587aee5f8b695a3

SHA512
1843e42f6a2506fb9f2222e214bef0bf964243fb483e45f92ff58dcdbbc0ea649c86f30d08caf82594052a47d09f7633c2fdeaa46cd448dc15a164f307ddaa6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b1cf46d7bf1bf39c484d897c7c2394a8

SHA1
5509317a0719e88b506a9eee8885bcb8fb68a2d1

SHA256
f4d1f6b8317b9cb5adf1cd6702f74cd9d10bbd04743364031008bb255fcbc9e2

SHA512
c6ab9ea33e40fce97cbde6cfcf0eae4c363475f7afd8a619809b8a4748ee2f3369486de044dfd307c3b83cfee06e8b3cb44ada209682db4d618f0722e9d17f79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
131f749eceb5a29f70ed4277f2902529

SHA1
d63a7cefc83279936c0ce6bed4a8d209edd80d45

SHA256
9e1220a66eb608736ee7dfe0500e91b39b31575599b9ee39e13afbd0f9071a21

SHA512
75f34f5018ed4f3af4a1f45677133504cec9f6dd551d1071fd12622c295ab86fac6db8ce50e3773d9b338e9bc47f45c0dcd6a319b6f9893b08069b4adc139d42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
e796f402fa46756561d8033a59fe4e88

SHA1
3854b50035a3ece98847e43779375bb5727d145c

SHA256
be6615e4d4d91173a6b8d992871fa048642f919e0f3ec6a51ddd86c271f13e87

SHA512
392c14c4c46778375c60bc32e9593a7b85ad8ea03c396402d79ff481abd3c73e1c1062c0fdb172af5aa96fb6faa809cdd7a6550fb2f16ba73af3ead2098b062e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b67f.TMP

Filesize
48B

MD5
30096b6da83a4e3b10a38094ef760f15

SHA1
d5c787d0f8ea50a504e18b2ccf6aa2b7076756af

SHA256
97d0a4f6c5dd4ee4b385cb514b85c897f12f73b70b05788b312cee72fa6fac62

SHA512
9c6abe3f51e0faa9c7eb72675fd77432bb169f8ce53778902aa50b656174e4e05de8d8fa9b8d58195a1964d2d29a1d319be1bee487357ec7fa023dba28d3575d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
88485a1bc9a61f2f5f9c44e8ad7c17b2

SHA1
fa651d536c3beeaabf8ef35f814a565c33b6f874

SHA256
85f4a3e1dc0f111ea7ac3713e5d265248fc5154076cc5cbde95616614d1a7883

SHA512
13b67f150ae6f4e756351f188e5f29b08463b36114a0e60cb162bf331b9e263dd20cb4d6ff0f4df0c3c847c9d951906aa1c9e325ca79f32b88c298ad6396f5a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
76B

MD5
a7a2f6dbe4e14a9267f786d0d5e06097

SHA1
5513aebb0bda58551acacbfc338d903316851a7b

SHA256
dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc

SHA512
aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
140B

MD5
196cb7de08119af841f1eac726f280d3

SHA1
d536cd1d549a8664d728778296ad4d27745d22fc

SHA256
e620b71d382f7d55c7b52cc136bfc42690e9de4b2d4dcc4cfc9625f49e5ef173

SHA512
095778791415de79b13aeb09854cfeb836885435dcf37a871fb63efeff2b60e469ac67cf8cc07ce6c346898ae2b122e99becfd6e5baf2ea1c3cbedbcc6500231

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5fd9cf.TMP

Filesize
140B

MD5
3b1919c192167648e88081cec9efd477

SHA1
c348d2d43c9b202469b8d520d169ffc3479e12a9

SHA256
31a64b141578b2e85856ebbc20c5f05dabe7fae27b514a85a9714874e8ac002d

SHA512
2fe40b440fd19e10aaa102e4cab5a266ced8d55aee6fa6f5e3be08c157baf4becb301f2627d68ccea25a0e02682d50e99d6eea56158baadbea0cef13ac4ac05c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
79KB

MD5
d89f95c9e3f66ca6a5686066bfc42d0a

SHA1
39bf444ad701cdf7a70148765e1d4818ee3cd942

SHA256
eb4b20a55458fa26e53acd5014ac271c4d08757d097cd13e7e193e62573645c4

SHA512
6a6588f75415f945562cc7fa5a825831d4517c94db6fe181ddcc757a99b89c4e65eb3afea3d21eef47078e9a5b67893eecd64c4579abb1c3d3551f55210f3cad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
eda5a0a03834cb5560146af711a9117e

SHA1
a3a6fb20e900481de3e4db37944fc089dea8faca

SHA256
541452a260f3707c06f61e49f923a40d4dcd1d75a1be19e804b3b71171b9bb96

SHA512
003d457e879000a6763f4d27ad846099b1248216644bc058c3c0b88eb8c88e634fa1b9bbad6c57f30d3783d5933faf41cb7c2336962533e6fd165f8574a6e16d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
2d4eadd219e530dc52a035941e4d3d5f

SHA1
77080d262baf6a69bf80221527261bfbcb49ae87

SHA256
95866b10c2486463c1373a4b1c9b6056d2f76305c6827a612e872b81722eb20b

SHA512
f6c26caa86d165f6247eee0ff74acc7a03e338cf4e6b241962878cb4b0615229e3351d048056bde1514ac62263766edb6d01f67020f050b80f5f543722449a15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
153KB

MD5
6eac007423caefe178e0f54126de30a4

SHA1
ebfe0d8f03d8ad40f2cad8759b6fe23f959a9c4e

SHA256
8b032b6b6f17247ed0d9b898ff96a6d017949a2ca86f5117693654ef4f937146

SHA512
435d4767a498a0282cd2b22f8c1f3d15fd571a5f909b09987b173ceb54ab96dbbd9dfc5d7a33388482bd6007d2ad9e9d9fd8f35a004013d14983d75c2096f1f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
a72012d4338b182fafe893f980a8538b

SHA1
6685657d9214df61d246d050d3f7a4a5fb561fb5

SHA256
60238d2c664b28dc939bfe346fa87f3f8c8396e000bcd0610f4f47860e5ce313

SHA512
ea264739e6db4365935a4c8f3608188c058f58bb959ec74aa3122d31a8d161654573447d605412bf037e4d7ce6ff2f9e256c1c3e8f781d3ba88465912154fe51

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5856_1485738372\a951de5d-5802-4cb0-b252-668245cf9d01.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit