hxxps://learn[.]microsoft[.]com/en-us/windows/win32/inputdev/virtual-key-codes

max time kernel
432s
max time network
436s
platform
windows11-21h2_x64
resource
win11-20250313-en
resource tags

arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
submitted
06/04/2025, 14:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes

Score

8^/10

defense_evasion discovery motw persistence phishing

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
99	2164	chrome.exe

Executes dropped EXE 8 IoCs

pid	Process
5256	dotnet-sdk-8.0.407-win-x64.exe
2308	dotnet-sdk-8.0.407-win-x64.exe
5432	dotnet-sdk-8.0.407-win-x64.exe
6936	dotnet-sdk-8.0.407-win-x64.exe
6516	dotnet-sdk-8.0.407-win-x64.exe
6536	dotnet-sdk-8.0.407-win-x64.exe
6848	dotnet.exe
5832	dotnet.exe

Loads dropped DLL 64 IoCs

pid	Process
2308	dotnet-sdk-8.0.407-win-x64.exe
6948	MsiExec.exe
6948	MsiExec.exe
5244	MsiExec.exe
5244	MsiExec.exe
5156	MsiExec.exe
5156	MsiExec.exe
5156	MsiExec.exe
5156	MsiExec.exe
6536	dotnet-sdk-8.0.407-win-x64.exe
5460	MsiExec.exe
5460	MsiExec.exe
5732	MsiExec.exe
5732	MsiExec.exe
1524	MsiExec.exe
1524	MsiExec.exe
2128	MsiExec.exe
2128	MsiExec.exe
6116	MsiExec.exe
2900	MsiExec.exe
2900	MsiExec.exe
2880	MsiExec.exe
2880	MsiExec.exe
1308	MsiExec.exe
5336	MsiExec.exe
1884	MsiExec.exe
6580	MsiExec.exe
6772	MsiExec.exe
3552	MsiExec.exe
4388	MsiExec.exe
6372	MsiExec.exe
2524	MsiExec.exe
2836	MsiExec.exe
6856	MsiExec.exe
5792	MsiExec.exe
2472	MsiExec.exe
5276	MsiExec.exe
776	MsiExec.exe
5804	MsiExec.exe
6520	MsiExec.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe
6848	dotnet.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{ba474f93-a4b9-4941-8327-c6d488742031} = "\"C:\\ProgramData\\Package Cache\\{ba474f93-a4b9-4941-8327-c6d488742031}\\dotnet-sdk-8.0.407-win-x64.exe\" /burn.runonce"	dotnet-sdk-8.0.407-win-x64.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
337	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	2164	chrome.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelsecurity_9_minimum_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.Build.Tasks.Git\tools\net472\pl\Microsoft.Build.Tasks.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.WindowsDesktop.App.Ref\8.0.14\ref\net8.0\Microsoft.Win32.Registry.AccessControl.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelperformance_8_default.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\TestHostNetFramework\testhost.net472.exe.config	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelnaming_9_default_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.14\Microsoft.Extensions.Caching.Memory.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.14\tr\ReachFramework.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.WindowsDesktop.App.Ref\8.0.14\analyzers\dotnet\fr\System.Windows.Forms.Analyzers.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\8.0.14\ref\net8.0\Microsoft.Extensions.FileProviders.Composite.xml	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\FSharp\cs\FSharp.Build.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.SourceLink.GitHub\tools\core\fr\Microsoft.SourceLink.GitHub.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelglobalization_5_recommended.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Containers\tasks\net8.0\tr\Microsoft.NET.Build.Containers.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\8.0.14\ref\net8.0\System.Xml.XmlSerializer.xml	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelsecurity_9_all.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.SourceLink.GitLab\tools\net472\ko\Microsoft.SourceLink.GitLab.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.14\System.IO.FileSystem.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Publish\tools\net472\Microsoft.Web.Delegation.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Containers\tasks\net8.0\de\Microsoft.DotNet.Cli.Utils.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\ko\Microsoft.TestPlatform.Build.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\tools\net8.0\ko\Microsoft.Deployment.DotNet.Releases.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\pl\Microsoft.TemplateSearch.Common.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\8.0.14\ref\net8.0\Microsoft.AspNetCore.Cors.xml	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.Build.Tasks.Git\tools\core\tr\Microsoft.Build.Tasks.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Microsoft\Microsoft.NET.Build.Extensions\tools\net8.0\ru\Microsoft.NET.Build.Extensions.Tasks.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Microsoft\Microsoft.NET.Build.Extensions\Microsoft.NET.Build.Extensions.ConflictResolution.targets	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Web.ProjectSystem\targets\Microsoft.NET.Sdk.Web.ProjectSystem.props	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Containers\tasks\net472\pl\Microsoft.DotNet.Cli.Utils.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Extensions\dump\DumpMinitool.x86.exe	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.14\Microsoft.AspNetCore.Cors.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.14\System.IO.Compression.Native.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\8.0.14\analyzers\dotnet\cs\es\Microsoft.Extensions.Configuration.Binder.SourceGeneration.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.SourceLink.Bitbucket.Git\tools\net472\es\Microsoft.SourceLink.Bitbucket.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\TestHostNetFramework\System.ComponentModel.Primitives.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\BuildHost-net472\System.Numerics.Vectors.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelreliability_6_all.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Web\Sdk\Sdk.targets	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\tools\net472\de\Microsoft.DotNet.PackageValidation.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\de\Microsoft.TemplateEngine.Edge.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\it\Microsoft.TestPlatform.Utilities.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\NETStandard.Library.Ref\2.1.0\ref\netstandard2.1\System.Threading.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\NETStandard.Library.Ref\2.1.0\ref\netstandard2.1\System.IO.FileSystem.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.14\ru\PresentationUI.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\datacollector.runtimeconfig.json	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\BuildHost-net472\Microsoft.Build.Locator.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\tools\net472\Microsoft.DotNet.ApiSymbolExtensions.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\8.0.14\ref\net8.0\Microsoft.Extensions.ObjectPool.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\8.0.14\analyzers\dotnet\roslyn4.4\cs\Microsoft.Extensions.Options.SourceGeneration.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysisleveldocumentation_6_default_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelnaming_6_none_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.14\Microsoft.Extensions.Localization.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\zh-Hant\Microsoft.TemplateEngine.Core.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\BuildHost-netcore\ru\System.CommandLine.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Microsoft\Microsoft.NET.Build.Extensions\net461\lib\Microsoft.Win32.Primitives.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\ko\Microsoft.TestPlatform.CommunicationUtilities.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\tr\Microsoft.CodeAnalysis.CSharp.Workspaces.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\tools\net472\es\Microsoft.DotNet.ApiCompat.Task.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk\codestyle\vb\zh-Hans\Microsoft.CodeAnalysis.CodeStyle.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.14\ru\System.Windows.Forms.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Containers\tasks\net8.0\Microsoft.NET.Build.Containers.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\Microsoft.VisualStudioVersion.v12.Common.props	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\FSharp\runtimes\win\lib\net8.0\System.Security.Cryptography.Pkcs.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-format\es\Microsoft.CodeAnalysis.VisualBasic.Features.resources.dll	msiexec.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\SystemTemp\~DF8066BEDE053BDAB6.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\e5ca63d.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5ca647.msi	msiexec.exe
File created	C:\Windows\Installer\e5ca655.msi	msiexec.exe
File created	C:\Windows\SystemTemp\~DF7B550991326D7F51.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI14C7.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\$PatchCache$\Managed\63337BB296F4141479799EDBF63E89A0\64.8.8795\fileCoreHostExe	msiexec.exe
File opened for modification	C:\Windows\Installer\e5ca615.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5ca61a.msi	msiexec.exe
File created	C:\Windows\Installer\e5ca632.msi	msiexec.exe
File created	C:\Windows\SystemTemp\~DF972AB9866035E446.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF3800284FDE8CB732.TMP	msiexec.exe
File created	C:\Windows\Installer\SourceHash{E2F77054-5321-459D-864F-5982A8E16910}	msiexec.exe
File created	C:\Windows\Installer\e5ca60f.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIDA74.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DF95E98F93200EABC5.TMP	msiexec.exe
File created	C:\Windows\Installer\e5ca646.msi	msiexec.exe
File created	C:\Windows\SystemTemp\~DF7F5AC9DF62E72E31.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF1DA10A36D41E1E66.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIBA2C.tmp	msiexec.exe
File created	C:\Windows\Installer\SourceHash{60793768-C1CB-4D7B-AA15-2DCE5B63E70E}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSICCE0.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DF4584681315B66A60.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DFDCC08E1209F705E6.TMP	msiexec.exe
File created	C:\Windows\Installer\e5ca637.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI14E.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DF149F919D66EDFDA9.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF6A0FEFC0B38442E7.TMP	msiexec.exe
File created	C:\Windows\Installer\e5ca664.msi	msiexec.exe
File created	C:\Windows\SystemTemp\~DF6205A7925EEC5FF9.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIF93.tmp	msiexec.exe
File opened for modification	C:\Windows\SystemTemp	msedge.exe
File created	C:\Windows\Installer\e5ca628.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{281DAB6D-5B68-4F67-AD9D-A3BBB2F8D491}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI13FB.tmp	msiexec.exe
File created	C:\Windows\Installer\$PatchCache$\Managed\63337BB296F4141479799EDBF63E89A0\64.8.8795\fileCoreHostExe	msiexec.exe
File created	C:\Windows\Installer\e5ca5fb.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{B5A57BF9-FC7A-4FA6-BAEB-46E173986DF3}	msiexec.exe
File created	C:\Windows\SystemTemp\~DF62ACFED7ABD557ED.TMP	msiexec.exe
File created	C:\Windows\Installer\e5ca65b.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIB4F5.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DFDD1615E1AB02A9B1.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DFBD85345905541826.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF0AD882BB983FDE0B.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF18D21804EDAA3862.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF099C233371F84C2A.TMP	msiexec.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File created	C:\Windows\SystemTemp\~DF5413F771C1E34429.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF0637290D7AAA4118.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI194F.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI1D5A.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DF5C717D5C33AA1A30.TMP	msiexec.exe
File created	C:\Windows\SystemTemp\~DF01EF111258127A29.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSICE1.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI1225.tmp	msiexec.exe
File created	C:\Windows\Installer\e5ca674.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{6BF59E75-BE05-4C69-9C48-3532B6DE0EC5}	msiexec.exe
File created	C:\Windows\Installer\SourceHash{8B5384CA-D189-4CFE-8DF0-2D05B4EA8499}	msiexec.exe
File created	C:\Windows\SystemTemp\~DFCDFB5F14FEA09C78.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSI254D.tmp	msiexec.exe
File created	C:\Windows\SystemTemp\~DF88AE0FC5D04558A2.TMP	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID38C.tmp	msiexec.exe
File created	C:\Windows\Installer\SourceHash{81FE5A7E-2D35-497A-9710-82E721FAA459}	msiexec.exe
File created	C:\Windows\SystemTemp\~DF2DC058C5CCCA7B1C.TMP	msiexec.exe

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe:Zone.Identifier	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 34 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-8.0.407-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 62 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3a	msiexec.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\DeveloperTools\deviceid = "5208ba9c-cfb6-4f10-ad67-59d5682e36d7"	dotnet.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\40	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2D	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\37	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\39	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\28	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\30	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\30	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3C	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3f	msiexec.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133884250306714211"	chrome.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2C	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\35	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\41	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2A	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\36	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3c	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27\52C64B7E	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\32	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\33	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3A	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3e	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\31	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2d	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2f	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\36	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3b	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3E\52C64B7E	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\41	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\42	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\34	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\43	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\29	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\38	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2E	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\32	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\38	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3F	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\40	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\31	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2B	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2F	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2e	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\33	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\37	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\39	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3d	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3B	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3D	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\DeveloperTools	dotnet.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\34	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\35	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3e	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\42	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29	msiexec.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\15D065009A8ECCB4FAACD02F083CA8A1\InstanceType = "0"	msiexec.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\dotnet_targeting_pack_64.56.29490_x64	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96140E16B03D3A44CBE564A5AFD1C114\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{61E04169-D30B-44A3-BC5E-465AFA1D1C41}v64.56.29490\\"	msiexec.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\45077F2E1235D95468F495288A1E9601\Clients = 3a0000000000	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\CFEB65CB7B9DF674B9C7C24D4975C272\Assignment = "1"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96140E16B03D3A44CBE564A5AFD1C114\PackageCode = "8E0F5AD91FE9C354D907D5C733C39D05"	msiexec.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\28D975F216AAC104E8F559E9B6C29C40\Clients = 3a0000000000	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\3EC718C6CB23B6C4B8A16E7FE1ADFFCC\Assignment = "1"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8C2F7E2BDC3796247BCB117B8DBBA773\AuthorizedLUAApp = "0"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\0D6FE611E8EAD6E40B8DFE1F54DC54AD\SourceList	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.NET.Sdk.tvOS,8.0.100,17.0.8478,x64\Dependents	dotnet-sdk-8.0.407-win-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\26740940011A64E47A82E78FD8CC1A1F\Provider	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\BFC6307A304B895458FF3D79BA8B1837\SourceList\Media	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\CFEB65CB7B9DF674B9C7C24D4975C272\SourceList\PackageName = "windowsdesktop-runtime-8.0.14-win-x64.msi"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\E7A5EF1853D2A7947901287E12AF4A95\DeploymentFlags = "3"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\E7A5EF1853D2A7947901287E12AF4A95\SourceList\Net	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\9FB75A5BA7CF6AF4ABBE641E3789D63F\SourceList\Media	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\AC4835B8981DEFC4D80FD2504BAE4899\InstanceType = "0"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.NET.Sdk.tvOS,8.0.100,17.0.8478,x64\Dependents\{ba474f93-a4b9-4941-8327-c6d488742031}	dotnet-sdk-8.0.407-win-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\26740940011A64E47A82E78FD8CC1A1F\SourceList	msiexec.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\63337BB296F4141479799EDBF63E89A0\SourceList\Net	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\BFC6307A304B895458FF3D79BA8B1837\Assignment = "1"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.AspNetCore.TargetingPack_x64_en_US.UTF-8,v8.0.14-servicing.25112.21\Dependents	dotnet-sdk-8.0.407-win-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\7D165E57B1AA73236A3F1393DE608D9B	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\063B39F100BCB144F85CBF873DF1A6F6\SourceList\PackageName = "32277fb0046810f330dde95ddb258712-x64.msi"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\063B39F100BCB144F85CBF873DF1A6F6\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{1F93B360-CB00-441B-8FC5-FB78D31F6A6F}v64.56.29393\\"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\15D065009A8ECCB4FAACD02F083CA8A1\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{00560D51-E8A9-4BCC-AFCA-0DF280C38A1A}v64.56.29393\\"	msiexec.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\63337BB296F4141479799EDBF63E89A0	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\57E95FB650EB96C4C98453236BEDE05C\AuthorizedLUAApp = "0"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\FFF2757F4DA9B744AB37ABDAFE7E4713\F_DependencyProvider	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\710B8D73525E0E54BA5E0B3DF75C60B0	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\39FE56D1ABAF49642B84C568BB22D00C	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\630BEA3FA8B452C44B2D5890449E904C\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{F3AEB036-4B8A-4C25-B4D2-850944E909C4}v64.0.5426\\"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\1FB5C72EA3BAE1542AB318D799C9AB27\SourceList\Net	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8265A81081349CF47B219B92F2141762\PackageCode = "CDC020C645590B04DA49A7747967931B"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\CFEB65CB7B9DF674B9C7C24D4975C272\ProductName = "Microsoft Windows Desktop Runtime - 8.0.14 (x64)"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\8E99F865D2F97D840AD56DC415B2A3DF	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\FFF2757F4DA9B744AB37ABDAFE7E4713\ProductName = "Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64)"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\063B39F100BCB144F85CBF873DF1A6F6\F_RegistryKeys	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\063B39F100BCB144F85CBF873DF1A6F6\AuthorizedLUAApp = "0"	msiexec.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1136229799-3442283115-138161576-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104"	chrome.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96140E16B03D3A44CBE564A5AFD1C114\AdvertiseFlags = "388"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\28D975F216AAC104E8F559E9B6C29C40\Version = "1077441330"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\CFEB65CB7B9DF674B9C7C24D4975C272\SourceList\Media\1 = ";"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\9A58070B57F3C47348CCF3C9CD20783F\4F6EE11251606B33A826AD3AF811556D	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.NET.Sdk.Maui,8.0.100,8.0.3,x64\Version = "8.0.3"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\0D6FE611E8EAD6E40B8DFE1F54DC54AD\AuthorizedLUAApp = "0"	msiexec.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.NET.Workload.Emscripten.Current,8.0.100,8.0.14,x64	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\26740940011A64E47A82E78FD8CC1A1F\DeploymentFlags = "3"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\96140E16B03D3A44CBE564A5AFD1C114	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\710B8D73525E0E54BA5E0B3DF75C60B0\F_PackageContents	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\7AAA19D1DBD6DC93BAE6418987BA70AA	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\3EC718C6CB23B6C4B8A16E7FE1ADFFCC	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96140E16B03D3A44CBE564A5AFD1C114\SourceList\Media	msiexec.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4F6EE11251606B33A826AD3AF811556D\Clients = 3a0000000000	msiexec.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.NET.Sdk.macOS,8.0.100,14.0.8478,x64	dotnet-sdk-8.0.407-win-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\45077F2E1235D95468F495288A1E9601\SourceList\Net	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\063B39F100BCB144F85CBF873DF1A6F6\PackageCode = "6F7A0E4C53A516943B8872B182692967"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\063B39F100BCB144F85CBF873DF1A6F6\Language = "1033"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.NET.Workload.Mono.ToolChain.net7,8.0.100,8.0.14,x64\Dependents\{ba474f93-a4b9-4941-8327-c6d488742031}	dotnet-sdk-8.0.407-win-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\26740940011A64E47A82E78FD8CC1A1F\SourceList\Media\1 = ";"	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\FFF2757F4DA9B744AB37ABDAFE7E4713\AdvertiseFlags = "388"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\45077F2E1235D95468F495288A1E9601\F_PackageContents	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\45077F2E1235D95468F495288A1E9601\SourceList\Media\1 = ";"	msiexec.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\SecurityGuardian.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
7100	chrome.exe
7100	chrome.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
6804	msiexec.exe
5620	powershell.exe
5620	powershell.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
6204	WindowsTerminal.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2552 wrote to memory of 3568	2552	msedge.exe	81
PID 2552 wrote to memory of 3568	2552	msedge.exe	81
PID 2552 wrote to memory of 4824	2552	msedge.exe	82
PID 2552 wrote to memory of 4824	2552	msedge.exe	82
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 3412	2552	msedge.exe	83
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84
PID 2552 wrote to memory of 1880	2552	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x25c,0x7ffab1e2f208,0x7ffab1e2f214,0x7ffab1e2f220
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1948,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:11
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2120,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2484,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=2492 /prefetch:13
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3412,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=3464 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3420,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=2512,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4164 /prefetch:1
  2⤵
  PID:128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4064,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4220 /prefetch:9
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=4156,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=4184,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4252 /prefetch:9
  2⤵
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3608,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=3620 /prefetch:14
  2⤵
  PID:2508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4164,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4532 /prefetch:14
  2⤵
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2488,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=4468 /prefetch:14
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6012,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=6008 /prefetch:14
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6160,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:14
  2⤵
  PID:8
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
    cookie_exporter.exe --cookie-json=1128
    3⤵
    PID:2480
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6208,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=6232 /prefetch:14
  2⤵
  PID:5672
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6208,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=6232 /prefetch:14
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=6028,i,6173993233322814713,11135208447381185695,262144 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:2024

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:1588

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffac2dfdcf8,0x7ffac2dfdd04,0x7ffac2dfdd10
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1952,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1452,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=2212 /prefetch:11
  2⤵
  - Downloads MZ/PE file
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2360,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=2368 /prefetch:13
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3856,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4272 /prefetch:9
  2⤵
  PID:5592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4656,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5344,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5364 /prefetch:14
  2⤵
  PID:5316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5400,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5412 /prefetch:14
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5388,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5376 /prefetch:14
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5656,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5664 /prefetch:14
  2⤵
  PID:5552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5448,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5380 /prefetch:14
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5384,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5676 /prefetch:14
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5692,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=6092,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4620,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5920,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5868 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5640,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5764,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4220,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5672,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6172,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4684,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6504,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:5688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5620,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6048 /prefetch:14
  2⤵
  PID:5944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6272,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4744 /prefetch:14
  2⤵
  PID:1556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4636,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3440 /prefetch:14
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=3488,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6500,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6216 /prefetch:1
  2⤵
  PID:5328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=4268,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6748 /prefetch:1
  2⤵
  PID:244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=5980,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5568 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5896,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5808,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4380 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=4344,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6660,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6764,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6784 /prefetch:9
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=4392,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6908 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6680,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6924 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7268,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7092 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7400,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7444 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=7252,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7572 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7704,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7740 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7860,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7884 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8032,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8048 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8172,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8200 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8332,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8356 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8384,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8512 /prefetch:1
  2⤵
  PID:5128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8660,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8536 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8820,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8832 /prefetch:1
  2⤵
  PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8852,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8988 /prefetch:1
  2⤵
  PID:5292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9132,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9144 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=9460,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9488 /prefetch:1
  2⤵
  PID:960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9500,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9524 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9124,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9632 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=9756,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9792 /prefetch:1
  2⤵
  PID:1776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=9952,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9936 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=9660,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9916 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=10100,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10248 /prefetch:1
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=10440,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10380 /prefetch:1
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9648,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9724 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=7420,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10564 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9096,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9036 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=10668,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10416 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=10744,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10724 /prefetch:1
  2⤵
  PID:6036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=10676,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10856 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=5700,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:6872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=4320,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:6916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=5832,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:6912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=8992,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9752 /prefetch:1
  2⤵
  PID:6960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=5892,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=10700,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10948 /prefetch:1
  2⤵
  PID:6172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=9932,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9364 /prefetch:1
  2⤵
  PID:6480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=9572,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9612 /prefetch:1
  2⤵
  PID:6560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=3460,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8348 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=9724,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9676 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9372,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5800 /prefetch:14
  2⤵
  - NTFS ADS
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=10600,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10732 /prefetch:10
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8804,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4276 /prefetch:14
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5724,i,7406016457691989667,10961733072675117314,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9560 /prefetch:14
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:1932

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:2416

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5164

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3412

C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe
"C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:5256
- C:\Windows\Temp\{F3A952CA-A1DA-4745-9FC7-0AE5A96FA8A5}\.cr\dotnet-sdk-8.0.407-win-x64.exe
  "C:\Windows\Temp\{F3A952CA-A1DA-4745-9FC7-0AE5A96FA8A5}\.cr\dotnet-sdk-8.0.407-win-x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe" -burn.filehandle.attached=608 -burn.filehandle.self=756
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2308
- - C:\Windows\Temp\{B6F65BCE-A412-4BE2-A516-57727F272CB2}\.be\dotnet-sdk-8.0.407-win-x64.exe
    "C:\Windows\Temp\{B6F65BCE-A412-4BE2-A516-57727F272CB2}\.be\dotnet-sdk-8.0.407-win-x64.exe" -q -burn.elevated BurnPipe.{64AD516E-541C-43B9-885C-F77010B077EF} {6F6B7640-80D0-45B1-886E-9E9D740A596C} 2308
    3⤵
    - Executes dropped EXE
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Modifies registry class
    PID:5432

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe" /burn.runonce
1⤵
PID:4952
- C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe
  "C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe" /burn.runonce
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6936
- - C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe
    "C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe" /burn.log.append "C:\Users\Admin\AppData\Local\Temp\Microsoft_.NET_SDK_8.0.407_(x64)_20250406150232.log"
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    PID:6516
  - - C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe
      "C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{ba474f93-a4b9-4941-8327-c6d488742031}\dotnet-sdk-8.0.407-win-x64.exe" -burn.filehandle.attached=548 -burn.filehandle.self=564 /burn.log.append "C:\Users\Admin\AppData\Local\Temp\Microsoft_.NET_SDK_8.0.407_(x64)_20250406150232.log"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:6536

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:6804
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 8F32EC9925FA4C6C0CB2895E975E20AB
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6948
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding F44FABD4478823101C4B54E0767343EB
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5244
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 7DFB887264ADC9802058C00D2BF45355
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5156
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding CF738CB5CAE266C223A01190C5AD0DEA
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5460
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 3AF152F9901A4563F373102B43E34D57
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5732
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding ECCACF5BDAB3620A9E5BC64A128DF1B3
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:1524
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 18AC0E85EC33FCE8EB638F4528C9A08B
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2128
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding A4246AE0B4FC9CEE4832C184C2F1448F
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6116
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 9E32753A31F7484073E37230798F06F1
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2900
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding CCEA89F7DBAFEA4BF6B47DCEE2BE282E
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2880
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 6D8109EDFE1EB96C006B0D6CCDB010BE
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:1308
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding EECC71B3607F29586AB469FDFA86EA84
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5336
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding E8A45C3579E561DABB0373D3A7529A79
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:1884
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding BB2ACAB1519AFCC40DD03CEF4D592C63
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6580
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 22DA199B2B394645D1DEEBBCE79B9E93
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6772
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 33C80A8C44FCB65B30BB6007EB2F9322
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:3552
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 155169F05C87DC88E31EEC945C77849A
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:4388
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 14E98EC9000457E16E6B9E8421E0CF5B
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6372
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 01D3D17052EA0BCD7AD9905A7F46CC7C
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2524
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 15D3067AD2C4958039662F5BED088905
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2836
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding F691BA54B4B784F5AD89F1367B5352C3
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6856
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 90AF4FBA244E2C25A62A67BFEFD51300
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5792
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding F126CB33D628B1DEB32EA892B49798E1
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2472
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding B99179F9A6D74B15A054D56361002E9D
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5276
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 02D87215FA10225E74A2A63F288C5E01
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:776
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 4BDF40CAA6EFDBC0B20470C6075C50D3
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:5804
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 833EA496DCA81702DAA59B1E73076772 E Global\MSI0000
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:6520
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\\dotnet.exe" exec "C:\Program Files\dotnet\\sdk\8.0.407\dotnet.dll" internal-reportinstallsuccess "C:\Users\Admin\Downloads\dotnet-sdk-8.0.407-win-x64.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies data under HKEY_USERS
    PID:6848
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:6544
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:1724
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:3644
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:3000
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding C783F39EFB22D084F0B15DDF43D0C12D
  2⤵
  - System Location Discovery: System Language Discovery
  PID:2072

C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\wt.exe
"C:\Users\Admin\AppData\Local\Microsoft\WindowsApps\Microsoft.WindowsTerminal_8wekyb3d8bbwe\wt.exe" -d "C:\Users\Admin\Downloads\SecurityGuardian\SecurityGuardian\."
1⤵
PID:4020
- C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
  wt.exe -d "C:\Users\Admin\Downloads\SecurityGuardian\SecurityGuardian\."
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:6204
- - C:\Windows\system32\wsl.exe
    C:\Windows\system32\wsl.exe --list
    3⤵
    PID:564
- - C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe
    "C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe" --headless --win32input --resizeQuirk --width 120 --height 27 --signal 0xa24 --server 0xa20
    3⤵
    PID:6380
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5620
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" build
      4⤵
      Executes dropped EXE
      PID:5832

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Config.Msi\e5ca5ef.rbs

Filesize
48KB

MD5
3ada25fd04d939f38b4172fa18327c23

SHA1
a4f19403cb77ec1ee340df4cdfd1afc4a7ed475d

SHA256
32b68aafccec4d9c19f7bcefc4ca3d62f4cd01d8001a8a08c0b7546387a5c4ff

SHA512
c49f57789ef057bf4032f61946903d62a75d3a13a0ae2254850f794e7fcf1f25e497a100bad381a49b4781955134b973c7161ba14a11573b2fa057e53b1b1be8

Download Submit
C:\Config.Msi\e5ca5f4.rbs

Filesize
9KB

MD5
778143089699b9b4fa546e4c5c81ec35

SHA1
b464a003e37042016c665049b6c8b786371d5d27

SHA256
b90b81167be67a1c2e1192d456c9c710f162af216ab7612545b461c4dd800c4b

SHA512
9dfe7732cff7ffa42587ff8d0b2929ffedffdab989ec139fbce94eee1074c36444ae4663e057c5b7a73e87e0b7b4460ec4a74d3915bc871221a9822773a2a21e

Download Submit
C:\Config.Msi\e5ca5f9.rbs

Filesize
11KB

MD5
dfce66fe99180dc85d649159c60b7f42

SHA1
882f3aef2b78ed566243bdd4ade8cd45c3339060

SHA256
06b5ef8cfa606710e59bee12733a501c78f462402829cdb6f78c366ca6ee6323

SHA512
f6548a9b8a4452b74ee2cade2f3320d88b7f81a8869fcaf031fe0a43070697a85f104aba133671d95bbd2b2ecbd3a7bd8ec25b85929f6396e01aa600480c96af

Download Submit
C:\Config.Msi\e5ca5fe.rbs

Filesize
8KB

MD5
075afa7eb5d19d147b3bd502f239faba

SHA1
309f0036b390e02862a27ebdfe11a01c66a70b21

SHA256
e5503a8fd08bf53c68e05496b18d21fbec8cb5a3725d083dcb3905da943a7171

SHA512
4d7272402e5655fa09fffe7ae005304e6acc4a390b0f69a1226afa2a31384dc6ca31dd6001151c3c193812f8e18ee3455d081f96aef2c454fa5c9796e4b38610

Download Submit
C:\Config.Msi\e5ca5ff.rbf

Filesize
143KB

MD5
33b4c87f18b4c49114d7a8980241657a

SHA1
254c67b915e45ad8584434a4af5e06ca730baa3b

SHA256
587296f3ff624295079471e529104385e5c30ddc46462096d343c76515e1d662

SHA512
42b48b4dcd76a8b2200cfafddc064c053a9d1a4b91b81dee9153322c0b2269e4d75f340c1bf7e7750351fb656445efaf1e1fe0f7e543497b247dd3f83f0c86f9

Download Submit
C:\Config.Msi\e5ca600.rbf

Filesize
3B

MD5
21438ef4b9ad4fc266b6129a2f60de29

SHA1
5eb8e2242eeb4f5432beeec8b873f1ab0a6b71fd

SHA256
13bf7b3039c63bf5a50491fa3cfd8eb4e699d1ba1436315aef9cbe5711530354

SHA512
37436ced85e5cd638973e716d6713257d692f9dd2e1975d5511ae3856a7b3b9f0d9e497315a058b516ab31d652ea9950938c77c1ad435ea8d4b49d73427d1237

Download Submit
C:\Config.Msi\e5ca604.rbs

Filesize
94KB

MD5
0dd26dff65c43e0331df840fd85b7219

SHA1
b45840fd1544c1adfe5ef0c0d404f89e3c48f2f1

SHA256
f7e448639535cc0699bde97d240d81d53db3704834adfe012febb6dd5fbd0881

SHA512
42e2a3e442c013fdc12f661d48a7710bffde5d39dd8846bc2319f846d3b29c0d9aff269d846111d6379e6bb58621d2b777680d0d5298c9acbf20ec0ef131951d

Download Submit
C:\Config.Msi\e5ca609.rbs

Filesize
11KB

MD5
dfe9b09a9e0d0d46f88f098f11d2a1d7

SHA1
025c34129c7b242a07f0e9ccc2ed717dfde91a5c

SHA256
b3050bd48595bcf0240b58102b9ab8e7bcdc959be9d021099e3a91d913055e04

SHA512
98cc4065135ec64b450b513c93a820d92d1149905647b64727bbe0d135eda212cf844d104952f2078d88fc12aabd631dddd7d569cbc5abb44fa06dca0aea2665

Download Submit
C:\Config.Msi\e5ca60e.rbs

Filesize
11KB

MD5
bc7b39cf0f3e40aa73e4d85669806b61

SHA1
dc09bf5a5d14f640cca932ccfe26dccd8ef714b3

SHA256
7b5e72df54d2ae1d08428f314cad12531b2cb3395b212b2b6bab378ac038bc6d

SHA512
7adeee6af1a94f048be48e5df9c15905726d9f683c2c258794bba8e25840d97e91bd0c73387f81907be46d40c915566b49d46d7bc08a38a0aa44c2bfe79c5add

Download Submit
C:\Config.Msi\e5ca613.rbs

Filesize
11KB

MD5
af8b1195fc43e71536076ca474399945

SHA1
a12546566a45e269e745611de05d956b91a1b7c5

SHA256
088caffe9a0d725c8620a1f81da2fc4e1842bd57cc9b7d634e0d0ecf007d8d4d

SHA512
0887146f91d89687f4f223b35c1b760f3f419ced5de39b77e6c4d9217ae18dbce10b98126ae2a36e55ed963320f2ba88bc94a4ac95d58a3181d4c145ee5ec9de

Download Submit
C:\Config.Msi\e5ca618.rbs

Filesize
35KB

MD5
34e94087fd039a80150d5ed751a3bfef

SHA1
192c6eec253038e0df53c35e6d8b107dbfb07533

SHA256
4c954354778ca34b1ae9f283f43562a0ac21f307d4b7e060cbf51f6e06457574

SHA512
77709c3bfb8be34b6c2b82e986d0dc764503269e202a9b942dc7ceff7aa19c23c4a11a0bdb19203ef817197476cf7eef4a093c4e66d8dadfecaf55a6801d7585

Download Submit
C:\Config.Msi\e5ca61d.rbs

Filesize
87KB

MD5
9f890861eb425d3feeed1e6ea759ae2c

SHA1
2922efb5c0e993921c0bd8a11b6c8efe762ae567

SHA256
cbfe77193c47690792f47106b6c23329fdb1722971669f876ff05c38850d349f

SHA512
d950ffbe6b420c978c45c5f652e85b6737a1991f7aa0f00e4b73c2de24b5fe66df7178c9b8aa9be981ee69d2ddafc56e782d4a55ec8c2277ccb292b4cbd9f213

Download Submit
C:\Config.Msi\e5ca622.rbs

Filesize
40KB

MD5
0a24b5fea1a618fb0d6032523d59f770

SHA1
0a87b8ad9c7f26d9491daa0b7bfa4e23790b7933

SHA256
44427d82662b48340ba996d84f61a566495cacdf26da2d7402ae19b6137b5ca0

SHA512
34e13ddd4bebcd0e6e9fd61d04caff718d974d31013942bbccd902f4bbf5651219838a5b387a6e3c13702d4988e2d2261bab1e009555d6c6274c20096d7cb433

Download Submit
C:\Config.Msi\e5ca627.rbs

Filesize
92KB

MD5
14389a2802bae0794d60b2f1fc8d385a

SHA1
35eace638792e1e120ee42dcc02787263f0bc99b

SHA256
09149d873ef5143c2661daf9a63317b62c174c511ea87c9cde69230964d86359

SHA512
2dc4378e6ebdd1457e12e9599f60a44c522deb26931d6213fca7e6a1728e1669d70074efd6c771ad4e6351d16ef18f26ce060843305c944107e6520c0693ca80

Download Submit
C:\Config.Msi\e5ca62c.rbs

Filesize
9KB

MD5
cfcf7d57baa70119a2584ef88d775457

SHA1
006bfd2a4f4f0626daf4247eaf4c76f0611b0447

SHA256
e553b5de6e574314aece86fc32247ce8f960d0854d01eea960c0678c7b838a3f

SHA512
59b6ccc32211d7b44cf9154797a097fa3ba50f4d96eb0437022c286315ababb9abbeb826636bb0e1b3ff8cac5480221967c2d261826528c8aaf9531517aaa55a

Download Submit
C:\Config.Msi\e5ca631.rbs

Filesize
8KB

MD5
19cbbd795f3d9ae5725bafc21b55f724

SHA1
51117cda58f895402da5486bd8b68fd4115b4c1e

SHA256
3aee13e24359b88fbd4a8e3f5aaa864d3b4c4747a385731b02fc9adabc718853

SHA512
b11e1de2a6ab6d5ed9e4cedaca918d512e05348ed88bc5efeed885c72a4a60aeeb50e773addb808154fb01d9eb57dd48a11654959c3c7f8c8cebda6e5fbf3dd7

Download Submit
C:\Config.Msi\e5ca636.rbs

Filesize
8KB

MD5
c7ff1149f9bf4898c10d489e07cf750a

SHA1
159aad8600b2351835e479bab216036e22d100e5

SHA256
28974868aeeb0fd4e08d3e4f3b7d72667816b62d7177d0b3cdf98f51b757337c

SHA512
d38293974c4bcf0487c7eabe275546ceb398ffb352109e3ce8f691d53cb98a81dab01695d60eb09a2dc09597c653d720676ab80b5f6c7aebd2d80deb11c16fcc

Download Submit
C:\Config.Msi\e5ca63b.rbs

Filesize
9KB

MD5
7a9e8c943aa2f8774dd2f83dd0711d5f

SHA1
360c2b6c565313fe0d4de71d89a028166f440a96

SHA256
aa3c7d92ab948bcb11a51feddd317f83d63c7d548abbd2a5418b433199be94dc

SHA512
a174037f8af1da4bfb170423781e7e3db2e1bc2f13fb9dd4d5b3a27b6cf814929f002ccf69b719e0d8f5e3fe68bf52c9ae877806497c26aba3a4b4a5b12a2ee1

Download Submit
C:\Config.Msi\e5ca640.rbs

Filesize
8KB

MD5
e0c292a0e6d26d4dc877dc28e714aaa0

SHA1
76cbf1d6d180cf642706a925707910e1bf874f29

SHA256
8b1919e87a9ca56c50dcd79f3564adb06caf92cb11d3841fe705af211924bc3d

SHA512
927ba4c6f04736a6cf6ce2e5f90f421f8b8de76c77407c8fd6341273965b652ab00470e03d9db3320aa7e77bd414c06ac064f8203f4e6a8cc2f2b4aca3620dec

Download Submit
C:\Config.Msi\e5ca645.rbs

Filesize
8KB

MD5
9ca720d77d3a7e36e5d51dd1d24a8699

SHA1
9674cf5a5a97eceb26d376cf889e88058176a0ef

SHA256
ba38671374b13637d9f0acb17e8067a594993b531b509fd1f1466b8000da82b7

SHA512
3633b65f1fe5cda3ae7a8b93aee9e80bf99edb755c460355bf35da3638d3463951f4ad411a4802f047d4e0587aff3e1b0644bba0eeacb27ff832b96d04b5381a

Download Submit
C:\Config.Msi\e5ca64a.rbs

Filesize
8KB

MD5
b148b27b88f5eae07dbd128774592aac

SHA1
e886536c31db8744100f40242010ce4b0776d87a

SHA256
336a82a91208a9ef1a7fbc469f9f1fd4973e1b3bee4eac77bf9d745cbb3f0ffe

SHA512
ff3000494267eb9e3f205b57bf3dee5b5e38af3c67a589283bb360cd423d2ee10529495a85b7beccb1b40b37d0d1c7a80db2644dac9c4cdcaf807d202f5711ca

Download Submit
C:\Config.Msi\e5ca64f.rbs

Filesize
14KB

MD5
06a47cb65ea6edfc0c8242afb00b1ca6

SHA1
2995388504d70414a9c543b01de9f7fe0cefe35d

SHA256
4f81f5a1017e4d01d36b50f425e1485f5210ca0a49b6296ccf175386c92350a8

SHA512
14e110e3ed7309c3a6f98ee53f03793ee1ca7118fc53d849dc2b1ec97a01ab03c577f19975df5bc4406e13c6cb500cf91c096e250ccf55e65390e2919218b5cf

Download Submit
C:\Config.Msi\e5ca654.rbs

Filesize
10KB

MD5
442500331cd318c1a14bc2cf60dbf878

SHA1
95b7da26ab5f1160361ac7ffc783b2d6709a7abc

SHA256
50fc9f7e1f4a31a5d5b3c8500ff8cd1fc059d30fa02e6e0cf0ba0016501d9242

SHA512
d940c449c7a556e8516af5857f88e9c0dc1ad9aedbf2ae98bf7ba8f5e65851cdc2270641d43abaf65880fc47563b2c35137ac6ed456f825d90932a6d7fa42e97

Download Submit
C:\Config.Msi\e5ca659.rbs

Filesize
10KB

MD5
8244e8b9ff8a73f5c3b61140cef4d403

SHA1
982b30112b44ef3a8935d6830710d4db28f9d27e

SHA256
e878ecf73135b360f613e8991aceb6dbaeed3699729cbe567e877acd95467d61

SHA512
a2827bf4d4b751da78c53ceb30455879b421348340ddc12e4b950288e03a3af233fc5f44168c74e03796e6b2db7fae03ad0884dd902586f9a82ae9aa76abc83e

Download Submit
C:\Config.Msi\e5ca65e.rbs

Filesize
10KB

MD5
f0d6a43c264cfe0f9a1d3e13727a5dd1

SHA1
96e15acbba400c1b6d22d9f9035b6d63735bbde9

SHA256
df22b99ee1769b154d1cc222330799fabbbfcc11e0dddef6e6164bd314d47189

SHA512
0956289ea61ca0127b7b300401f821237eff894989e36ca1039fd2b7f6fe92311f74ccb5a07363c0744ee3a653e6d6e99936f1b0b5925ff863508bc36fa15679

Download Submit
C:\Config.Msi\e5ca663.rbs

Filesize
13KB

MD5
0ac386deed6451dc4a1418139a10232a

SHA1
d7fd4dc5235ef41e2cbd9780afcefb1ca3d24d4f

SHA256
ac39ef9c7447908a16b1e8592127977c7b6f19e401b3678025b4dfff79e21722

SHA512
d75b64e1eefc166eebaeda58ae123d77f8ae1b0ffb379ded47c81098d4c8cd9c7218e2cb3f61cbebd8365aa8a6d58d33fe5343f0ff1e9b60f4730f7dd30489aa

Download Submit
C:\Config.Msi\e5ca668.rbs

Filesize
13KB

MD5
8d82b22df643705ed53fce663d29a404

SHA1
4029f6b5ed2b4f7759d0dd9b58660e5d07c04dd9

SHA256
77ebd603843aca57f5a89c8520f343382baa3d06d68a4c5a325a5176f24b6844

SHA512
c6690e533754d7ecdbac31f6a29394e94c766e27e378f1e92eda86f3e9b46a31d9b896c6ff869aa246bf211d26b2dc7acac1b4ad4e0fbcd9fdcd80390eed43fa

Download Submit
C:\Config.Msi\e5ca66d.rbs

Filesize
9KB

MD5
55b30b562777d21a022f97216e40d1ff

SHA1
4d670c5d1bb03eb3156feb71bf8f417c6912ea8e

SHA256
6403dc7a65ce99354a4d65eda3a4c3084ae5381c40d33f6c2b7570723f5f76b7

SHA512
d8e126a6060af8fdbae7215e38e5a99bf7ed31f910f37a5b87ca9cdfe8fb2d1e54d4c232e9f1b7d887bc6a8987ff60a5858c111e06b7137272be79f868645ff8

Download Submit
C:\Config.Msi\e5ca672.rbs

Filesize
997KB

MD5
1f8d3f7ac16e8ac3c0f9833ee6e9d440

SHA1
86649a875b15f545eb4d322b7e13b4585f81341c

SHA256
8437de4e64802e62a586d0de23ca941189971a9d88232a88f97a66dd70d6c718

SHA512
c0d70603c9a8ee1e2ad675ed68a4db46df8b74ac348b8eb09067a684f09e499af7c4af341b40c84fd64284a5ae9910bd330b903628e0a0a2b3ea8d70b8aa10e5

Download Submit
C:\Config.Msi\e5ca677.rbs

Filesize
41KB

MD5
8595a0def8b9d1143d7b70d653d0e230

SHA1
2a8f3856b0f1ea5731648224b3c6417b73c58077

SHA256
f25be5dede7ca0e997911e2108ff613a9dd380f083f83978f844b759d04181d9

SHA512
bd11c3c19db3331e905a2970fffc92d41c91b1970ece4c8f573f3ef2d9355aeb4fd12cb6fd1457a21f9e232db451fd0bbc45f57b9123c2b62fe9de61dc2e8bee

Download Submit
C:\Program Files\dotnet\dotnet.exe

Filesize
143KB

MD5
a770372a6e2b5b4ac6854392dbf3edbf

SHA1
80e85505351bdffdd127770e3d13bf07844406f0

SHA256
a661fd193c5da59797d2d6327eb2d51adfc4e62fa6360f4c480a418596eac90b

SHA512
17cc59e716aac6460ede821da1b16d14b15220a583d45bb3e5808f4178d04c4134c9fb36b72756758c8562b49aaf2920c17b3bef4f1209590258c26437579037

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Containers\containerize\cs\System.CommandLine.resources.dll

Filesize
18KB

MD5
2f679e46823cf54660405eda0dbf0842

SHA1
29fdcbd753e36022b6308425dad9323e5f3472fb

SHA256
6c9e8a37d656c8ee738cb0db392d49e908505a82175266e072a4552a7c98adcf

SHA512
f07fac0e45c87ea34fd1e9354fbdcaeb61f0a52b23cfd993def3c71f8c5d7249f861dc8c2dab427fb93e2bfbcd156d2f0518faffb91853e70530e2ad71e4cef5

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Containers\containerize\fr\System.CommandLine.resources.dll

Filesize
19KB

MD5
aa8eeb801d74a4e562fd8c044e03fa8c

SHA1
8653841bd62dc74f605f608ed8f354dd692faaa2

SHA256
7ad12924769e5e85266ebd510fb4be141cf5092f0f8988345f80f5bacce0479b

SHA512
388ad6fcb298ad170e45f214ea4b1d1e5844efc1612800341a4b1b651ee3ca25b4bcdf541bf2f8f0975a1da50dbe8f60ff8651c100f8675b9e3ce924b0f08db3

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Containers\containerize\tr\System.CommandLine.resources.dll

Filesize
18KB

MD5
c9c8df325a05d227bc32a5d854713c4a

SHA1
cf9ea69ccebd1ef0bd46beff01254a02c5fb0131

SHA256
7a2ada59d84ae17791ca23ff010f1251d98a72df15d1c7355274557349c124bf

SHA512
fc38b3d241bb8315202d2b40821d9a8ca4075ad7ccffe60a97268805e9cb00e83e6136d872f248661843753415b6eee22858a7de829cf60affc4c89c3793dd97

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Containers\containerize\zh-Hant\System.CommandLine.resources.dll

Filesize
18KB

MD5
9101e8227a7ab83cafd27e4ec222ba10

SHA1
3a80807f7cd695bd9258eaaadf8b2d7dccefc125

SHA256
8508d85c0fcf1040b05d2a2f0c7e4f74ac476f9a46f414e05e8d47d565367e5e

SHA512
e017142f816299ea430a980db1b15298e4f45b4d8264b06160194061f7cb9c8cd3c9a1a8976eedee1f67d6a94b6a393583909c7c167e4407a5c47cb686f23412

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Containers\tasks\net8.0\es\System.CommandLine.resources.dll

Filesize
19KB

MD5
79e57433e70b5a0a300303dfc5d759b4

SHA1
cfe5862964f3b389cbac01e157e9ade0031e45ef

SHA256
b58c35c328c383e3461c3ea2f1f0c46e7a48446d863f2c2c63f42aa466e002b8

SHA512
8f2ee3b02c4bee0483ed702d283bd9e513917044bb77aa4412dd85de501a8a52c966510df948a9f5f36177407bd111633047686d727fe32de14599e17b229de4

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-dev-certs\8.0.14-servicing.25112.21\tools\net8.0\any\dotnet-dev-certs.runtimeconfig.json

Filesize
341B

MD5
cff58945d52fdc6200101ac1c30f28f2

SHA1
bbda15a7af668e58379d962ad02d3ca7e0c37e41

SHA256
3628ab20f5c99a3630bae77d5368745edfdacc2ae038c9ae61450d024bedf330

SHA512
fd5b71613c76185a46b4aaf32320e368474ed1b49076958102120d9e1d93050a11f21c3e21aa6586f487a0538f4ddf5e702625893635813d032418b320fd2e07

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-format\de\System.CommandLine.resources.dll

Filesize
18KB

MD5
e771e643a2f47b5d527aa4dd1e857aed

SHA1
ddb6ebbdc354122989c67ed9cc2555da640b16e5

SHA256
8c4a1a6e84875ae583fc032a723e934f0d8805d452b43a81b4eec624b5ea7e15

SHA512
14d17e82464fb813ff044b4e5dad1a429f0fd8fc5973ba2bcdb50edbef7e129048133d99b5c50f86a3f82d33b9faddbbeafff222d92b80e31ff963345c4b29e9

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-format\pt-BR\System.CommandLine.resources.dll

Filesize
18KB

MD5
c7f0f7e0a7562225d7b60b88459bde92

SHA1
96c432044ecf7d346e09c6c46f5ca163396d97f8

SHA256
516e73295a8c886807ef125de6dfdcc3b783133603655c7a105b38a953ca3353

SHA512
05cd9ad86c824d498ab7e0be7656c233cb051b056dabefd9d037923f7d3a1bb967182f575dee89896c47912fca4a2227c56f8f26f0c2949ee18a38d7e041b999

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-format\zh-Hans\System.CommandLine.resources.dll

Filesize
18KB

MD5
c182eebde556be386ca5b656974993fa

SHA1
864aab5c6e71bc3537612c2541e7737d02e6f4c0

SHA256
d8682c24396dd5093f4e4bee6cc021148ed2558039b2682bebb60dbb95db56cd

SHA512
3613cf324c708564185f021404215202dc2fd5340890db115bd906716a9ce74900aba954c68ab13900c79bbe869b916739157e426a0196c1843426beb9d4ef52

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\BuildHost-net472\System.Collections.Immutable.dll

Filesize
246KB

MD5
af7880a90c02c0115cd169c7182ab378

SHA1
6e3ccf50bb1d30805dce58ab6bdd63e0196669e6

SHA256
d5ec0837bb176abf13dcd52c658c4e84c5264f67065b9c19679b6643f7d21564

SHA512
5377f83cfb8b9892727ed22ba0b9b1a75b2d4750caa6da04f4eeb0f6f9c0f75949226b2ca00876ad1f4c9de02f8ffb1cbcdb3048fbe6d26a6119148282e818a1

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\BuildHost-net472\System.Threading.Tasks.Extensions.dll

Filesize
25KB

MD5
e1e9d7d46e5cd9525c5927dc98d9ecc7

SHA1
2242627282f9e07e37b274ea36fac2d3cd9c9110

SHA256
4f81ffd0dc7204db75afc35ea4291769b07c440592f28894260eea76626a23c6

SHA512
da7ab8c0100e7d074f0e680b28d241940733860dfbdc5b8c78428b76e807f27e44d1c5ec95ee80c0b5098e8c5d5da4d48bce86800164f9734a05035220c3ff11

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\it\System.CommandLine.resources.dll

Filesize
19KB

MD5
4e92ced559ff6f26d238fc5393dab39f

SHA1
400983302371c5a7ba38e3dba8fbc4c5f8192018

SHA256
37ab1ac8eafeb21cdca5418d01ee65671dacad3fe206f13e8ddb5b199e5ee471

SHA512
0c77f4392b804a0f47e6c535ac7497182cd4a47e19d1d437d15d73ccfc03bb8febe45ae01965eb9e70a77059ed271bcad210f5495998c75b4ec46c1858fc14c3

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\ja\System.CommandLine.resources.dll

Filesize
19KB

MD5
5d26652b0f420ca6ba2bfa00b84eea38

SHA1
8dc1d2a7cb6b857344c120544f842fccdaa97e79

SHA256
654efb9ccd7c39ce7992616f8aad94e5855f01a3b1ad5dbf21710b1b6d24f00c

SHA512
5e066b399ce519202f2dc8299787ad47bd37467e85598489489bd5f0f49c424518ed6c4e89cb6ea44c038ceec9a5169aa0c1afcccb0de55ea805e1e0641a7419

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\ko\System.CommandLine.resources.dll

Filesize
19KB

MD5
ea1fc85ccabec5aa1ae22452afbafac1

SHA1
8ea9da27d9335f80c76867837688218b78311148

SHA256
f3d814678daa95c4609d723548edef7a76bb87423a4e78a20e48fded87089483

SHA512
42a8c0fd58cad8765712b0379a9ea8adaabaabfa2fb5e2760756e0cac80c30484da491065634aa406ec6fd2ffef0dcb386fa6378e191afb6fcb48a7845c8c479

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\DotnetTools\dotnet-watch\8.0.407-servicing.25113.23\tools\net8.0\any\pl\System.CommandLine.resources.dll

Filesize
18KB

MD5
3f14df8e4be6100673090c43eb3c3476

SHA1
61c1e35aeb6cb477077416f050c344fb18f5f87b

SHA256
09eafe24bde0110f526b49001d97673e533ffd9d361d9be9c4b511eac4dd1bc2

SHA512
7988759407514f6a6d3792ce58c582420eba75bb1871d8392f0f018f403557bc99d665c7655f913c9021d6ed777f7bb8b3d12a52ba5869abf48ea29e7c2d977c

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Publish\tools\net472\Microsoft.Bcl.AsyncInterfaces.dll

Filesize
26KB

MD5
ff34978b62d5e0be84a895d9c30f99ae

SHA1
74dc07a8cccee0ca3bf5cf64320230ca1a37ad85

SHA256
80678203bd0203a6594f4e330b22543c0de5059382bb1c9334b7868b8f31b1bc

SHA512
7f207f2e3f9f371b465bca5402db0e5cec3cb842a1f943d3e3dcedc8e5d134f58c7c4df99303c24501c103494b4f16160f86db80893779ce41b287a23574ee28

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Publish\tools\net472\System.Runtime.CompilerServices.Unsafe.dll

Filesize
17KB

MD5
c610e828b54001574d86dd2ed730e392

SHA1
180a7baafbc820a838bbaca434032d9d33cceebe

SHA256
37768488e8ef45729bc7d9a2677633c6450042975bb96516e186da6cb9cd0dcf

SHA512
441610d2b9f841d25494d7c82222d07e1d443b0da07f0cf735c25ec82f6cce99a3f3236872aec38cc4df779e615d22469666066ccefed7fe75982eefada46396

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Publish\tools\net472\System.Text.Json.dll

Filesize
629KB

MD5
d7e1e8629da31f3482045f243edd50be

SHA1
d3ad7f529c0b9232206348842e31566ad7347135

SHA256
86c3f263ae9b4469ab1266c80471087082447eb4a38e6b97bf5e84de15c07a1d

SHA512
0ebfcae7cf17ca0c4299f6d1cd850f0f8959b49e6bbc05079fa6679838abff9eca3a09ad8158f7b0395dabb20a0b9a25efe1d8f645ca9ef69bedce45606a23d3

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.Publish\tools\net472\System.ValueTuple.dll

Filesize
24KB

MD5
23ee4302e85013a1eb4324c414d561d5

SHA1
d1664731719e85aad7a2273685d77feb0204ec98

SHA256
e905d102585b22c6df04f219af5cbdbfa7bc165979e9788b62df6dcc165e10f4

SHA512
6b223ce7f580a40a8864a762e3d5cccf1d34a554847787551e8a5d4d05d7f7a5f116f2de8a1c793f327a64d23570228c6e3648a541dd52f93d58f8f243591e32

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.StaticWebAssets\tasks\net472\System.Buffers.dll

Filesize
20KB

MD5
ecdfe8ede869d2ccc6bf99981ea96400

SHA1
2f410a0396bc148ed533ad49b6415fb58dd4d641

SHA256
accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb

SHA512
5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.StaticWebAssets\tasks\net472\System.Numerics.Vectors.dll

Filesize
113KB

MD5
aaa2cbf14e06e9d3586d8a4ed455db33

SHA1
3d216458740ad5cb05bc5f7c3491cde44a1e5df0

SHA256
1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183

SHA512
0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.StaticWebAssets\tasks\net472\System.Text.Encodings.Web.dll

Filesize
77KB

MD5
fa9d0d182c63c49a4c567f7c1652b6e6

SHA1
55ddfbe80762c02f9a9c65809f9ec3ef8f7f2ccc

SHA256
e9c4f5eed186cb129c527c4b8d67d163ea2f2396e9d8b96e30b5e7c12203ce84

SHA512
58f468c982ab66930ff37efb5a941db116e8c1aed66ebc23720a7b18f71bebe1e929bea76680294edb25f430c23d520b8a87e3a22064c5993d0396819a21cbe7

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.NET.Sdk.WindowsDesktop\tools\net472\System.Memory.dll

Filesize
138KB

MD5
f09441a1ee47fb3e6571a3a448e05baf

SHA1
3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde

SHA256
bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f

SHA512
0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.SourceLink.GitHub\buildMultiTargeting\Microsoft.SourceLink.GitHub.targets

Filesize
297B

MD5
5725a6d47308db618d015c3e55dd499c

SHA1
9b3e1ac8d62d522505f57fee89a249ac33325edd

SHA256
61af182d230365161e831fc573eaa7a2c9ea413e01ca2c446e3aa623e3ee37a1

SHA512
ab4ff2bd624295eb15d22377bf1c1bdee135f24e534cc40e86cb569d7af846c990552bd4947b32c2bc74bd92e6ec42bc775e4954fd2142af89c2dcc75fe5f798

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\Sdks\Microsoft.SourceLink.GitLab\buildMultiTargeting\Microsoft.SourceLink.GitLab.props

Filesize
295B

MD5
a5dcc9e5bf323d748b26652e11956905

SHA1
7f8c7a2523d1f4600e0f8bf347d10564cef36780

SHA256
2ddb662297ebfb51e70bc61ca7695dc62124a1edd342c82e87e6302cc03f016c

SHA512
79d324b12b375ccf888828fd64c303a669ab00657dbf6fe76bba522c7683b7aff8b0c216905fed00284ddf8841fabcf8e2bb64b6849956572d11bbbc8e1540ae

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\TestHostNetFramework\testhost.net47.exe.config

Filesize
4KB

MD5
a22cdd3374234d3a50c2ace2dc33a63f

SHA1
d71bb2417cb805c3da21ebcc0e1ae5a102823c9b

SHA256
b60b80763571c22739c4a688a46ee12c65bb66d1e9ac7d0933c2e4222e618874

SHA512
71d27f36a5b03c6b470f720196d3d67706f47f3b1d4f88f55960676b3a5024c9ceb1228e7dd6173d24270af556c0d3898fb5395e3823801691deac8ea6026d61

Download Submit
C:\Program Files\dotnet\sdk\8.0.407\ru\System.CommandLine.resources.dll

Filesize
19KB

MD5
7717b3eae55b3ec74f40699c1b9896c0

SHA1
1483166af6059633de2e20545bc3f3cb6f035304

SHA256
8a24f850a71065e93ae80d3a62903653e1aaff9ff478e05831f288761e4bcc02

SHA512
c988f566875ee73f0e568fb90df423424d9f3f237ebc8cda6b19e6b685ac778435a4fc654ce923a70090579216f6afb14a5663381c505ceaa919ebdda97b239b

Download Submit
C:\Users\Admin\.dotnet\TelemetryStorageService\20250406150334_f32e85044d854414accaf1ab48ab7734.trn

Filesize
1024B

MD5
fcfd94b6bcf04d67eb61842340b25b63

SHA1
f403cce59064d30e9942c278a78c0905cbfdcc5d

SHA256
d478475d8ed6e2d961b174f7c37f661ab2f7649963786eb3248c974d56377d8e

SHA512
9c9b34d2e5f9d059552b3064fc876ca5080f6b332848c35b5f9813ad85d6a7eedd880fde9afcd36d7d0978383de30a580a186d9ecb70562a7e01261abd700654

Download Submit
C:\Users\Admin\.dotnet\TelemetryStorageService\20250406150351_177e363362f64a5d9c99eea2edbc1ad5.trn

Filesize
1KB

MD5
2e4c0481eea2078909451375c5958187

SHA1
3cbe703af912c27d1048addfd1d5970ac632e38f

SHA256
0f63d0997ad5b0595775609b3a2c27759f5ab46a242afa48f03d28b4d2e5e76e

SHA512
c6d7e7f366486fabb5fdc2c70e1fcde4ec2aa6c25c4873e6562e3fc95a2e3df9346ff9e0449ec47dce3f12c560b904b6f05d90fe88eec86ad317d434380c4a08

Download Submit
C:\Users\Admin\.dotnet\TelemetryStorageService\20250406150351_3e9cab1f1921457781ffbcd998e67332.trn

Filesize
1KB

MD5
761b17174ab936c0e414d5ff61762fb0

SHA1
72bcbdb83795bfc9a948645f83851204d2f35e60

SHA256
954c50bde9a1fa9dd3840de2297081384365f70e14c8c7ca55999d481569cd34

SHA512
fffcc32629daab55a7fc440eabb38fbfe6f94e0db27f4fac71cdfdffedc7b2d65629b6b670a8858fb16daf55fa803043f94af064099288acfbe385504899db9f

Download Submit
C:\Users\Admin\.dotnet\TelemetryStorageService\20250406150351_771366bdd9784d2db53344de5bdce4cc.trn

Filesize
1KB

MD5
32d7cbf74c50f9c085e7abcff52b868e

SHA1
4c466f643ec62950d8d95d848fd7dcb18d629df3

SHA256
54618c2a050e2946f2881239b2ee513ead77777334ecda9a17bd687bd8081d3b

SHA512
f661affc9e2ba0aca3ff318a796ffccc86cf6093076f722b4a5256babb9699f81c61f80377d45ac4147a0ddad96228e09913d4c715aea65aa865bdf930ca8bc9

Download Submit
C:\Users\Admin\.dotnet\TelemetryStorageService\20250406150351_960f86d95afd4dab8ff9140d51f14d23.trn

Filesize
1KB

MD5
512ae2c3ee6aa75ecb0c16aad80c0567

SHA1
7cc81d1c3eb56724b49eb766d7485a342216f5e8

SHA256
db4aba68c2ba1ab28eaa6ded564d320fa916519ee1c21a97bddda52e54dd3351

SHA512
516f45073c6e33a655231cdeff2a7856ba39de902fd6b3723be3561660f9fbcebe8afa277af334c9171645610a4a24d9901d3faf6807eb8993aa26872abb619f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4906f037-a98c-4ca8-a1a2-b065a8ec9cd1.tmp

Filesize
10KB

MD5
1a4b7deb9bcd4c03c34edcf365155d5f

SHA1
ef812651de31fb2cda80eaf83d7aec5cc9d5cd71

SHA256
f9bb6738cb4a841e3e37ebb3506bdea6e50494d70508a715d7f8ca421d150c0d

SHA512
403821747c4fd5c30b7afd772510ff203a0197204a123c4c602cfd4f0c925fc1287f797b2960dda7f47fedce121b31b232b14cebc9345079ef595ea1d160e6ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
7da251a72000b3eb2096d43f02a3f54f

SHA1
3d0d3d2d8231eafe45503766298147d36d2e73ca

SHA256
369c06dd8c108426209431a1a35a4dd8edfc7123bdc213b38bbffd878323b562

SHA512
03e05396a4f87f384f1f15989a0a3170227215a8bf98670b148a7e4fb275a02210fd31652e7112c5965e5045ca7fbdecfd37630235bab26a97adea879b1a35bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
94KB

MD5
e33cfaf80dc1607b1864a1f0668b2c40

SHA1
fbe48b3c870f7cd2c895a7c6925c4005a7ff6f5e

SHA256
8a1987e5d7f873883cbb789ff2b47a9ce9345c424d6c2949b426d13e80da95e9

SHA512
86c1f380e5dd720edc378235f52bd40b916d4d2385c825b27ee52b4a8f22ccf9e88fb5b6c396b137eea970f91aab39c4ca566ee7c762b047cdccb134e2f36bbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
39KB

MD5
05512660f65b78954203c4f50693532c

SHA1
e2865b771ce9b157bf14724ecf5d75f299ff69f8

SHA256
04a29d8aeaa6cf78dece33aaa8ae8294c1fa1275025024ceccae64bba7438da7

SHA512
6b60e689336837bb530067e6ed6a0a60bc8414bed0f2dbd3ac6f6c8658fdcd6ab205cb4f1040d51c64c89ea2f7443c03864d17e149200606c1fce9a3a3a00424

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

Filesize
102KB

MD5
6b1b8ec84dc58115e4733b0c6b454dd3

SHA1
dbcbd0cc8e31b33bb57a46f0c8aaa0abfc870811

SHA256
a3bf782f2466b468d98f06d610b879786bd7a1f7dd4968fd769e20756bcfdc8f

SHA512
ca6598e940c94b88fcea1108d675c0d6c0bb890178261621ec048e9ae90715de30e7a56d595c674a297f31554a65917037860f9ac775aaf1f25830ef551ac4e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
58KB

MD5
f00b9f827237d087ac361b38f0b7cd5a

SHA1
42f0178c5d0aa8b56fbbc783ad939069807b2ea7

SHA256
f730b421e27d8630ba2a2dc4272847e3c0db7f2b85b0941ae3f3d10ed9413574

SHA512
75ab4533354d4ec7faa13e1ff0fa0d55a510f808e498967a81885f4f0f9a435eccaa8e84387efbca05b26fe957572c04bcd15fd1f3d9dbdc19eb62fb084e385d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

Filesize
17KB

MD5
263d6267533501f58c33b12b382e3abb

SHA1
8ae9d89b0bfa4b95c8144d0d972d983f029c3275

SHA256
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985

SHA512
83c2f6ba7d65220578b1cb07381a9423f8a5704738f2115eecc594128a76063709c15635c17d9a39c924fce595de4ceca43f202901422b8a8c5bb972a7f5fd7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

Filesize
59KB

MD5
f60acfe65bc1fa22da2ccff36823804b

SHA1
ed001eaada9565a9ceb4977b4e59ed6f059ff43d

SHA256
8efae6ee5d9c6d833d423cb0f5a315ab57f11f1167971a0b7b3fe70632ce2804

SHA512
8c0f5eb7e8b51a4e65596a9e0e63e842a051908842735a5d943c34f618edbbf4995a03999fd4ca0b31cbf55c4c80ee68dc9f03e41ec32ded466916fb5691ddb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
27KB

MD5
9395936c48e2ccf93adc517ac55dec41

SHA1
671ab13059a95fe11ceda075dd2df09404c53128

SHA256
fca189c55e563eb05794865305d229cf8801d2b664d9c45ce81ac55f4099c238

SHA512
366813efe897525b43c352a5b3ac124bdfb4029bfdf68b2c7a91355d07a74b5418b2f3664f4360bc8dbf19a8bb1592d6670ae8149812721e75245babdab8dd8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

Filesize
25KB

MD5
29d16d07bdb00e83e6f2b6ca360b5ea5

SHA1
9c5e8061693153ce657ad287de1a93d74626d189

SHA256
62423281a02e8c9d9c1f4ed62b6679e246391cb28f044e89311eeb8248484133

SHA512
98e696baf3d921946809c91f3c00cf14fdca425b03ea437cba418dcacb1ec4195a7cc25e4585d78c7557ec2a1ff0b90a7c712575e448ea1b22a4e73254b01510

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

Filesize
648KB

MD5
0514e093c6083db506b9f721178fed4e

SHA1
f621419bc5c9457d50e2149d506910cc867c0fcb

SHA256
4b291172f16a54ff19a7799c9e359fe0ea59ff07e635ed766e5b139f6dd7d258

SHA512
c547b7f3c3dbaed7ab6e1669a5e86dc7a78886bf6be6269fcafa7a7d919ae8e8e2af79ba74893298af1873c2a7d1e951781a6cda4172794f6ab5eae475e7ba70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049

Filesize
62KB

MD5
68a4153786c673e54aec935cff6e14f7

SHA1
4253ebe9a113a4c0ea2bbf5747ab1fd91ceece12

SHA256
b1e49348c323fb854ed08955001ad7e5d94c7dfe7a33155290288934897c8e42

SHA512
2fa31cb02c5ec50f6d23edb45978ff32fec9519b4bdff33b45c0c9e81a71a3c690da9401dd76acd14b8e5ca2c5ed0b72abe9149227f5e0571b4e809939a964a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
29KB

MD5
cd0fb0b2954c59ca57c5c46d2bdda4e0

SHA1
61f5e6696463bb36cf275114562d95eac577db23

SHA256
1e3cf30c834c259c46f0a7a1d175adbf7333707bdd5185e7a57a7a92b60e44df

SHA512
76d651168c17ef0af3afc8c87c7427ab3ab1ba27df5b551d84e80b101f478b3e640a58cbe98ce211805ccccfae3c63f1de2016dd5ca354e45843fae3650ecea1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
25KB

MD5
6bb3bbb19e301d00fc9590762fdd309b

SHA1
059cdb499d0d62f061f6fc63a38a6fe09ca5c93e

SHA256
26ab972c783f15b50d069d5048fb72a8f465cff994b7cee0c1205062022049d2

SHA512
b89589c04bbe4846ea29edfeb3d65d5f948467b67f218d5dfb84421707a709cafb57a0aeb12f707ebbb5014ecf8cab8d9c6ccfb26ae6bba87b736dd59ee89d01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
114KB

MD5
2b722114704a16c344626c20f36a4b3b

SHA1
9e24ca892a089325a953bb936abef50371c964ce

SHA256
495f9aa409623b54516d3e88e7ee7ee960924db14eb130ba9291357075f90a88

SHA512
c18eff8835b3956ac8f8ed6a45dc4fe67aeeb2b23f3f27c35a5acfc3af7eef313dd001b61f449b54e19efbb2167d1eb9fd3232404d09a9df0a32aa5e600c18ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

Filesize
33KB

MD5
40912ba0a6188ef467824111307732e1

SHA1
a3b9d7cb457adf9e9974e460bca5d7262709816f

SHA256
313a6c16f9d8b1338f77f4ed3ece644ff4689c92f16baffa15bea59ab665dcaf

SHA512
482c6c46aa9a4bacc6ca6b979aef93fd1a4bb09dd12dc1dfa841a9e95638a79a26e8c276f0607aec7f30825dab2e7b6250b38ff83fc9846aee2dfb652af830fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

Filesize
99KB

MD5
f316c5ee7083f1e822645c4e20488bc6

SHA1
414b7e2736f99e9d5057e7487538b00e53a46850

SHA256
98374efc371701d711b65c20f0d4f3f37b102b28213d3755f083e4a4c91ffc06

SHA512
9376f9b8c74a47539d99c32229df6cb2d1d29b5d1d0b1158c53ce81f76e60eb4353774e579c5e69beceeb2bb1e3411aebeee9235f099fba6de0003711189c78b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

Filesize
36KB

MD5
9e21ecd6387b870ccefe1f62dff7fb6b

SHA1
c9d6412e5477e53df0ac0606418131a2c86a979b

SHA256
35e23865bddd485a79abb86e8023ef88f6e3bdfa4dbc03182abc5229217670e9

SHA512
18737038933d2c3fbdd60e6f9dc91f4ad1eebf0a1b7877f45330335fe82d83c55477d51ce96bc9e31c168df7b8e2e6b2af997122366aad963e23039337a4f5f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

Filesize
42KB

MD5
6caf4e975b14d26fe0726ae555f9b785

SHA1
431145a49f938309915b8b419087e0d7fbbbfb5b

SHA256
a3442af6e67cd6f2ed8e330ecc7cd28516062adf7cab46bfc38e86b235fb92d6

SHA512
8e90fa0a60053f4d7e58012740d3a1c126b9fec05a5096d4d8b0e210b37ccaa5650db372ea2761cde87cbe3fc2d7538d0a5c436cb8035c4907e57dcd7e59f7be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

Filesize
173KB

MD5
9adff238fc815803e43a764f1ec2406d

SHA1
118527b8f8bbceab556fb8793e1d1a0818631799

SHA256
86473c67b346f9198bd4bee4660eedf4e7c32b3b724d7f4db81dcd3bb78263f2

SHA512
5eec0bc118cea452130e20b4ff5f862901633bac1b963e0f53f206f1272ac610a0973416138b68488ac0773c9367c6d44d656152e19ec89f5b03ec31057d11d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056

Filesize
59KB

MD5
e8f46fca59edca64e786744e365b8bd7

SHA1
c52250b6d4e21ed942fea310250b4529fff38cb5

SHA256
83c065d971e8484993ad41de26fccab94728260d11602f28f88160252c5bfa39

SHA512
8a3c3f0aaef01ae537588df0a18c439cddb44a3b296ef8e6a90b7792e4fd82806b2e6795d85035e082383bae94e69469851f708557d1945fb3129d19119c2e49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

Filesize
25KB

MD5
255eb13a9664920945580f4fc905f324

SHA1
c1bebbf5206f06437a290402d441094df4a8fd89

SHA256
862ea39fd3cbab495e20f3f4e59d56f64b12a29d8446fbbe762676f0d6a29b66

SHA512
f8bfbe5f94aa81ea5ea4cf28abb654ca5ea2563342275e4eaf17ce65299b5f3198734800ad7242f0fa41f3eedccafa6036e6193b865da2ea921a6c907a391519

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

Filesize
20KB

MD5
aebb102fac2bee17e8ac7614a5d2b840

SHA1
5bb2aafc1e9afbd10e6d95b53ca44215555fd017

SHA256
6de39c7af28ba06a66253ea75efcbc8279b2f1760cc37d537ddf673eaa5bf90b

SHA512
573d25942ac29b4fe0dad811de9e8e8da67aacace2e5384ffa2af2a9a6e73a7dab280eafda630937034441ef177ee947c3d0f39906831efdd95f96af975cc068

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059

Filesize
23KB

MD5
776ba9748d76751a4d7585d991fd659e

SHA1
e60c4753f40ff4ea78d8d6b603843366bec1278d

SHA256
0d4c6e927d479263dd433134370c0eee6e73c66b4a6641d31d16b73468fa6b8c

SHA512
c4abc93e3c16dbf8d3735065992cc6040c90ca4e85d38e36b595c223c4d6982aa2382f4022ae5058b4ca7fd376aaf48b209bd6396e332ee8cf1bec8f38640718

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

Filesize
55KB

MD5
3b7eecfbb42832a802177e920ffe4a16

SHA1
0c2e9e05c2e47dab47efeb6fc94abb7adfd0dedf

SHA256
9d0f32afd69daada34aa44126bda552ab8424c73d1c3fb9dd0c5ec2a3e8cd7bd

SHA512
4cdd18501e6f0b4a72075191c575fa10fc24d101c725a2fd913720d8308f50c9eb508df5c23c64ce979676becf4ad29a353d1e81d73b61ddc18616ba6a629f97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
21KB

MD5
c467a63b2e7c3a99be423ace649014d8

SHA1
91a3cb3ebf4f3996512a740fc202e1803828594f

SHA256
d070e8b363b2cb1bc55b94f1612a1af673155df31773e992007f8952e3661ee5

SHA512
956b41fc42b9c3c4e161af37270d3eaea9e5936b4a99685727235bf9a46bf05acae5a64a4eb9a305ebf1ed5f752df8fb9912626765debf1eb82839df2124ca92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

Filesize
78KB

MD5
a58a96a11aca0dab726ba91de557db94

SHA1
d9f57ef191a27d1910abbf8e0b95124e5a730854

SHA256
3770c20934a56b43efbc0ef808acc9e93073e1608dd6b500c9dbcd4611fe5ae7

SHA512
f7917ad127f0f4b70adf49939c3469f89107c27e58392ef3c399a2ef2d5054d5bdb89e2afce99a1143105e89debf70d196f131419a212f0aafe4335368f7eb34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

Filesize
137KB

MD5
fa7e748bdf7510803e4a51652ac24704

SHA1
0d86209283a44af19a45fd5484c541b58b18e29f

SHA256
8b86cf6ae7c127a6992a3719cf0b18742590f386fd8ebb36d118f1a8afba506a

SHA512
a7840399d9f46690109d07acd4e114d1a18c4e14c71a0fbba200fb64be5e804f3c7083f56177e7873ed8947aaad56e1694bdc9eadd0684345396fdf5bdc60238

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

Filesize
216KB

MD5
50a7159ff34dea151d624f07e6cb1664

SHA1
e13fe30db96dcee328efda5cc78757b6e5b9339c

SHA256
e990d9d31c4c7d57dd4795e43baea05501fb6ea8b7760f89001be660425dd01b

SHA512
a7768dd7e315b07754a305080e0fc023765e5a224b2c3824e8e10f29286df63bbdefef379e069941fd8cd9c7c3befce976779ae2efdfb6e7da697b09d7f07250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075

Filesize
67KB

MD5
60a30ef624fad5be472ee5d1acd1b2ab

SHA1
5dbb87bbc2e8a6143308e7928536ae778610794a

SHA256
d0ec8a13c2eb6a38d628cd7adaed308116164ceee003f816889b4db1735bfccf

SHA512
315e3ea4d4c6ccf6c14fc509933b01cb77c964b608cb95ce2ee8c331011adaf618e41cf4b8c499c4f6c9e137b88a34caaa7aaa44a69fdabed84df550e178d60a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077

Filesize
30KB

MD5
6fb26b39d8dcf2f09ef8aebb8a5ffe23

SHA1
578cac24c947a6d24bc05a6aa305756dd70e9ac3

SHA256
774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059

SHA512
c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079

Filesize
158KB

MD5
83266658f29f5cb762001d5d9f6985a7

SHA1
9ff52157193e1e798944e6a3172d938183f5e550

SHA256
60072b4eb6fc5f1f1214a34fcd55b3cbd1d05eddf778f85611f9b352c4c6452d

SHA512
60b2a8749bb597b71c6cb7113c4ea6c430ab90c6f6a5f78a36ab5fbd2676fbc173ade236be939e862569c786fbdc8e0aa984f1ae4263e91de2ba681cc8ce5d66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
22KB

MD5
6e84986cbabcfd6cfdff137f46783153

SHA1
c69f9a0394d4cf3cbe1962080c7b9a85cfbe713e

SHA256
844151d9287d6435f307d330fc3df4d2d7a1c09a95271950aa4cf025c0008b97

SHA512
5517e8b3aca502567c9ec578e07022c8f93ee4ab42a148c73b3c92bc790dcc996dc1bf7ed2f1a4fc1c64bcfc71451fa4ec852d02193978f2ab749e04c5ae28f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

Filesize
19KB

MD5
81ca08132fe9509dd9726dbcd688df27

SHA1
8d38748a32532ca5f46bc95d8320c919f1e71a8e

SHA256
5c6cfe9d43481ab1fb1ece933e5e8d68d286811b892904fdeccb096f51a21e22

SHA512
cc73aa0f62de877eca378efa7704efee6c75e18e789731043e8c7b9c422bfdfc34fa2242cbe10e771e99107beebdf9423f2cc2595feb5faf16cf99ec504c8a30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\336a68eaaf209f48_0

Filesize
309B

MD5
6d16da6a437be062fd4c849e012e7271

SHA1
53fce2ed8060500dc1cf6db80112308754fc5203

SHA256
699f5f6d30ff433926a8850aa87aec6302dd819e1b38fe5265e0c67c84664fa2

SHA512
7cedda146ce7c0ef40f1b68d24dfe1e650bd85b72db3fedafae320daec14cb384c57f7074c1a49ee87e9a8e14de5e516af2dd2259314ad4b3fd8ac40767300ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\78dd9d9584777483_0

Filesize
274B

MD5
0ab5e150351dcaa0d08c82dbbfa92da2

SHA1
205451a8d734a0ce5f2737e5f415cc2d1a5f9eb7

SHA256
97018981c0c56db134d19d6af62db861470bdd1398859a7bd39c68d94b0c84ed

SHA512
1897ef1d029e35ea962b5dc05e3843c4c8fa2e6d07beb1dcc4a753307bf1007826ace15bceb933938cb278f8534a72351759adad6988a522c7dcce4eaeb730ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5632f98bfc6f6e8_0

Filesize
485KB

MD5
94fcd42adea61d917c0071b0354a4e3b

SHA1
3d99ec0daed41d81daa3ac31bae7c0e32e12e355

SHA256
960454ef68facd4a8a7aefd9dc7a9520e7ad7d92447b704e0d2c26b914e2e78e

SHA512
c6df4bf14629596bedb888f0e4727122d5f79f4e6c9582fdedb3a08a73c01ab9c3612c168ec4afa109b14ef0f7ac43897fc20f930c253cc8d751a5325307c789

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
2566256ed337f1bf2698f5d1a0b7846a

SHA1
ee0c8a7054df9432fecb3c9ddf13a99751f113d9

SHA256
918d18440ff85842b740f877d2b9212994370eaf0d95aac5e5a0e6eab2e1dcea

SHA512
41244a3fa24ed359a97b8d9c74f2281a8878a3121a5d0853502d38ba11f54b243fb81524839e4a11fa74d6cc47bf8887231375d028fcf1d8da5378e7fc8dbe87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_replit.com_0.indexeddb.leveldb\000005.ldb

Filesize
7KB

MD5
133876c98129684020e64d0f009be852

SHA1
7226c03efce5cab975f2c5734ad42bd13f8fc819

SHA256
5c475d077cadb06d3e8b359391554e14d753e7f1db8747c1d65f76cae5a91aa6

SHA512
6d203830e16efc2e60b4c35dfec01542f55d5c8aadcd97b2b4d2df6bab790dee58dcc4c19ac7119874453c56e82abdfdc2ae39f86a4ee54299bcb3f8dd2fb85d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
fd7968e14c13a50f6a70d4d2c3fdc80d

SHA1
8d1ea71ff9057e4295263d16b75137a13e013b3c

SHA256
694c50a301c1b064d3638110e18c23552b141b0841dd5345997cb300532e2391

SHA512
5a6e7bad0b29111125c3bb00a0d979728ebda1cde0b850a99702391248d29c70c9c389bbf9b0a3e63a11ec0b48a754b8c0ef40f812195e7c74675288c1674a32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
35KB

MD5
5d0035eebc681500e398a809bd01783f

SHA1
570c1bf37cbf11ff052c9f3ee9991f034804e592

SHA256
f5b674955102ce7b1c9112332a287f80303814bedd56b14a06bfac116c9a3746

SHA512
b2f296eeb84ebdcae3c926bc46219d7e602f31422dd48cff127ecec8dc5b21996e038d7de6c40b72caa12c57e4ca5eef9f1adb864a5a0a0eda11d80b6a6a59d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
30KB

MD5
d5c0a9feddf6d667f141b1d1f49de733

SHA1
ddd31a8e5e963c7a83ca059ccf86cea95f29dff9

SHA256
d11fbf29f5516d1b156da71a30d8918ac3716189f1c416d248cc9d3abd880b76

SHA512
b82765d267aadf40daf3d00226f8f9c7d2b8d25c1082a99e916653e73ef5c4fd1fb0b17e0b2ad8cc15b045b6ec04d2743ba3a416571c443d2b790a47327184d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
e8eb4c32f5f52c76ca01f813a42b1017

SHA1
30657d1ccd0173243457b7c256d4f8c620e0249f

SHA256
24e842956b8ba36eb98114e4662eb9fdb85a5ec93ee994bdaeaea44638da3019

SHA512
dcb113881e8d7bf17a88769ddb9c7368490153920ed1c7f9253c6beabdee90abe16a8d373c4c60f271e1616f897951890a3f6100ef9b1755fe506e84ba63ca1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6e95da51f1b9104ce6c30b3bb1e6c530

SHA1
3b7a70cddf776a3f1f6e002b87ab39ccab376675

SHA256
3e7dca6ba335b3ff7b4114ac95905eddb25d58d1b1f8e27c3e3c88dbe5a5f354

SHA512
e9fcc5113665fdfbe054dea70be5797fa142e6b60898b6bcfbbbc3b2f16471365da25ee7a0bc93621101bdf4ab48a8b804a4a593a56824fcd977cbd6dae42a63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
7f0ae8a038c0b34289b1409091fe6575

SHA1
5bc794d7d3a32e8195a5da6283fca4badcaf1f9d

SHA256
47409d04f6567fa8b481f6b7bb168fc93ad8ac76cdaa8206dd85204ebe0ba1ae

SHA512
e4d441cd0fb71a7ceb86a3026a8b985866177d38150b997bf29a515a3c064fddd5eb26a65498f45c0ef23755999064c807593482ed3d964e6814b28eb749ab64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
55d165f3204fa367fa778350f56e6ee5

SHA1
66860096d37b5e3cc18945df6169bff20613e5d6

SHA256
7af8df0d0d4e851657068f0b9ed8d925df3174fbf76c1c8e681c5ac5e6939668

SHA512
8b3a56e2c610e479b374b5eeb24bac8760e68ec736a2dfcea02fb218cf2c801175d49346ebe87340c968f4156fd33e2d238e66fb9244f3922653a22aa227fcac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3550993924c0c67b4f8e63bf088e2ea7

SHA1
c24828415551e9c8f2ac85796a90f27bd6fb0aaa

SHA256
07fdb2c4cfbdfc1fe0575affb47804a9eed1f80bb7a67705bf8174a438a6548e

SHA512
a876cef0a71d90b05d374c2c30aef2875d0a72c2ad295e2f02e73f89a54dc523046bb615394b0b4c2cc19c6b0e236b46220c31780b79c031d6776fdb7cbd605f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
abf10d0bf7487c9c9d8390620458a0de

SHA1
0bf3eb4fc132e26bbc0c5c7b9178066aa07d8306

SHA256
eeede06cd0e59322d7dc951ccf45e12e2dfad7e040dcc45ddf93dc253b5bbdfc

SHA512
eb8a8ef6a65670b80c7d66f89d7a0b3cede774cc8e1a6e9d55691ded40450e828fc07c7bfc6a3e264a50c2341272f720a4d73e828cb44b4f626f2db0a761115f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
53ba4445ed612cc9eb83d509ed2e78cb

SHA1
195ca3e419d3b18ba59f6790fb91552baf8ac02b

SHA256
c1fada1908382678d11787692d679562fca28836e654e18d8c8512ffc7e71d86

SHA512
669ba13c6a38350856ce22f50b17b4e292d2ef57ade07162fdee55220d3d8b49fe9360c3b3db6e6089a2d217e645fcf6f43671c243c15e4a4d1c981671cb410d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
6a7ef4ba979c73f9507d4d7065279d11

SHA1
0f03576b1020fe03ffa4ae3ff01e2ce181ed0a59

SHA256
4d14c6e851c398536d46d1669c53de1436014b7fee4f71d423768fa2487e7341

SHA512
fb9eea7c73d9dca5e3aef479316b3850db821dbb98167f48cf853b6c1f92b5ddba9933737f2229fc8a14838a5614cf6a4438f957254eb1cb3ec565d04e2b5c50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
edf9045146f3c29e1c121b68345e82fd

SHA1
9d5c97991f490ac77b837eefca8d7ed72485e757

SHA256
8b843cc54cac33f346298d383e41c3c227c6378ab507563dae2d4b68d194e016

SHA512
bfa3f645174396bd407af8f4081f4db8171315790eeaff8aff2c0f7e5a65f157401a53da7a914fd88dcacdfbb123a23a6e3c22c0793f3fba8efc9bbc313aae2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
79b969cd5d5e316ac16532702171d4ca

SHA1
a3d9d371dbff8df06f68ea70e4d82d5aa3915b40

SHA256
e425a63c5b8cf366f041cc56f6c9c2360677a90ce10c78f640b90b1d7b0d423c

SHA512
84f62816afde9fc266d2a1547220226649d804829fa20241e2632e98b797c1b24afd23eb7b0d8a1ac3834fc2f981d56929cea29cc015b8ecf336db01b75fa016

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\95041beb-e5c0-46cb-9eec-7a58be88f2c0\index-dir\the-real-index

Filesize
72B

MD5
00081231168bbb5e194b9ee16e36fe81

SHA1
67d86782b2762128c36b838ea3b1ab8dfccb5538

SHA256
a823e8b8ac4845aab00b5efa8e59484139bece0bfb4054ef305a32edde8c79ab

SHA512
3c11bfbb0378f8d80b4a34495464bfd405493a4c6ffcd5723f2dd6c3908aa394bc3d57db45de40a116f4e3535b89371a0bbbb3b10aad249aa926d541f4d1455e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\95041beb-e5c0-46cb-9eec-7a58be88f2c0\index-dir\the-real-index~RFe58826a.TMP

Filesize
48B

MD5
ba05a04347629aaa5627ac47e21a79ee

SHA1
869defc0476dfe097ad13c9526137ac77fbdb70c

SHA256
56cc21cfa958acfe2d3bd7f581b7a77d9c116294517ff7fe16f328222d5774f6

SHA512
4276c59cdaf87128951a1747fcc4918af5e1935c52001000772c0b40ef2f5a00ebf85052c8f2133cd57b160369bbe146c875f31e6eab154e5ebc3d94bc845e35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txt

Filesize
102B

MD5
d76bb0aeb05bc964fe6a001fdcce4f8c

SHA1
73247033bf15bf73534efd684c0e3abc778a7642

SHA256
c67d1e89dcb79e06ced51620207bd73378854bb7020c8cd3c93bbe24df5678c0

SHA512
cf251dcb585961cca8244fdbf598ca3d8249559b71fc65f840eb641e32c4ad366492e6842e2452893cd1ee6736d79f97ac3403d5d7ed27847cadb37eb8b55526

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txt~RFe588299.TMP

Filesize
108B

MD5
f9803a25fc91703dbcded5abef137487

SHA1
4d53b8851c856144d05d3d8ef029ac5b31b3a48a

SHA256
79e6a4c80b24fde46bef8d1d19bd10cc5778226929e03f3325816869f3d05b0d

SHA512
333ad3f038b4486020cf790625024beb064511dba34cdee6aeb993c34955244f24a16ddd8ea9f18e64c185a8566737b8c776297cf6d383f760845cfc3389262e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
25KB

MD5
510bdb219f33389de0ec6c87130a6407

SHA1
c2a31726e27f9ed941f10995fe43cb487c1e836e

SHA256
df7919fb0f2eea38632612e43688b479090bb49ecf6db94211f13f5993edb60d

SHA512
1bede8334e43ffa791fcabc13609008017dc5da1278af0dfd72ee753ecd60531415f83ff48030da27e1d23644a26dc5f49ce31ea6a03fadf8a43d17a57c081f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

Filesize
67KB

MD5
b9a6de6ae58bc434e16412b501bd0000

SHA1
3f2c6cd32d6e8f95a04fa5edae2ff22771df0b4a

SHA256
9ac7181492e605a2241a00fe8449f41bf75e3c685901b4d09a7cac0f6b651b58

SHA512
9f31a7f1432aea38519d211ffcd9bc7022992dbc6ba0aab498e8b216a1672b2293f91e181105456f08c9cb88034142c4ade69cfe1fe3a4221b27fe9578b8ee46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_0

Filesize
5KB

MD5
547d429c1a110fa8cf3b7f4e454b59df

SHA1
4d5452fe732b9a11a2fc55733bb9f56d7b340312

SHA256
57fe063e8d09c15ada43470594eb98c6cafd1f4330eedacaf1890d30d7ffa5a5

SHA512
4d4343de03af57ee01d7e2d66b529c1dfe9b482eb86ced5febfa00a288c88b94d65ec3b55b12b9b368bb3796b13e10aff4d388979f8a0cf5486c6569c346029d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_1

Filesize
2KB

MD5
4953061f012307b6700d63c0460ee9d9

SHA1
90dad244ccd7b6ce6c3d0f3041b0e65256beb70d

SHA256
e6879dff3e38842460a83db9dda8a8bdbdd69ff6006fcf4de63de9bfdba9ec44

SHA512
6b7a9a98906d1636cb7fb66e1b977c7c1e7f792196549f6dd7424ce4b963a5bb9b785ce62e4d8f660a8044368e2430534b6397c8bcbd3dbc72c81e7f95f36e0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
f2823fe3e403c172013d17e2d70c65aa

SHA1
94e7900abadbe631c808890cfbf8a12250d815c8

SHA256
fb834bb2d73b45fe822dfd6bdc6351b21648dda15474ca7020a43990508ee0fa

SHA512
87d3e75576ec0b6337e899da491e6f1d14af449d826a9565e473b4fdcc431c35f2c5627319d9538f3195792fe1edcdd1cc062dd97cdae84983737d410d0b16d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
965abaa9e76987a5a4e29d70a3b2ddf2

SHA1
d59cdc8fc27aacef4f58a9a6b9d6e30da57c1daf

SHA256
7dad8018fa5b33dd8b24e69b62ab1061ba6ba4cb1c00f3ffe34e30d7f122728c

SHA512
2b6a3f13cf91a9780bae750df8cfd1926d104fc0f1ac13b245d65932cf61d94f2db4597045e9b7037603310883260c3ea2bacc89354fb191fd4431019cbf45c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f201.TMP

Filesize
48B

MD5
7b21f3e87d58c1d1f073f5cb998ef14f

SHA1
89d8a5c0eb4c2d03a7620a029e5a89cbc7ff8f7a

SHA256
9623704569d1e1212078bd7ec822660b2adc4dbd935fbb18bf476e0522b2079f

SHA512
a11c54b7be8033ace458a0bbdc2bb9b436c53d570ea1a511de7d2410ccbd8bf0142bf2c922d8fad06b8ce96356735caddc6491c6704487decc80b00d2cec0c1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
11cb45ffcd4cb3c4fe0e1f4ce4cc2119

SHA1
08ded0873112b2baa4c269c2d989e8286da6a179

SHA256
f35e1653a356f5372cc02e050118d3ac97388282eaaff9246dec0a3c29f868b7

SHA512
db71025440c641bdfd38f584f585b3941294244c442168155836b01a40a3417fbdcc82e41be6ac0ae6a1caa090d84e52b1f4ef947fded5ce46d63c3805c2eae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
154KB

MD5
a56d911c719afe2aa3687d1cf5127608

SHA1
64a80ecda12722991fe7ebf50c51b65cd47429aa

SHA256
08a1ed46ea0a8874b6968609cb36e010fb6d64bfc3293f265a602e89371df33d

SHA512
47a9b209927c7498c79f36de4b2eea1cbe527ff5d5cc4d0aae6c30289c589f7775f9113d55b68719d3f8d18ef289cefdc86c4d6af86f4db3019e61e5c351cbaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
66956170a1c84d0c6a72fc39effe0e09

SHA1
652129af431facaa41c5b64c473eb57a7ddcfcc4

SHA256
f468d6abad4cb872b90681f1e4f581ffa8110eed55358d278ecd59e8a23235a5

SHA512
bb4bf99c61d77d508c094f708d48dde2a35e36e7991f8a0ac20880849cd4e0dbdacca11dbf2808f4eac9a8f40f493decb83439ba088b14d1ebfd2474e9179d46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
153KB

MD5
23788a8233adc67df21c24616811ba84

SHA1
6370eaa8c685f56b4c64616893ed6d190e33b0a0

SHA256
630292621cf8aa3075336f89c3c7c33baef2108ded0c8cb770a46335237c6ae5

SHA512
17d054d630e1ce1695d953d3e20bbc3be86426f87d07e020379c7f65d8a7b692bdf52129ed513a1e4de37f4bdbefb0da9d5624ccb84a6a18d247fade5b26eba8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
153KB

MD5
06149e0c216807efd442d0b18d6fe5c7

SHA1
190e4cfc23695fa6916c4b9e965e02e85642f017

SHA256
a53baa7a4621e02091cb8a272aeb6f85fa2faff9c7dbd39bc245de974a3c1c91

SHA512
3db106cfd84961e2b0e7a5a5398f8922313756a3b4517ae232bb0e4e8c8d9e432880cee254aa00121aaebf43c353d0829dc848e6038450e4641e453320445483

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
046b1cdbd636e82e7711ea1fde31d7e3

SHA1
f5fa4183cb259a99b4148ee957a5f76e80a77ada

SHA256
40328502d95af4c1db45d98abe8c4e9214d80a8df7f0b8f19f81edd5e121f90a

SHA512
460ba5792f0df64289ff4057d04615973a7844b2fd2c14df554600c141d720fcf13d9e9c8449ac57e50fa074a81887437918970881b4d48f7a7ee3521bac8eb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
cbc9fc2d9ad2df85283109b48c8e6db0

SHA1
721ea0dfafd882d6354f8b0a35560425a60a8819

SHA256
7c21b286b304b2b42ab3502158aef04892b60c63007b8ed7172dad86a4bcebbe

SHA512
09594b5f33704cf367960376e5abc8cbfa7baead59c3f199ffd365a9a9c2159b45f6596d597ebdd033db5436c000faac3c5b2fb39e97fc17b102d03831265609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
eed48b90924e5a7c8f370f972e4058b8

SHA1
369dba8445e5d125a27866e2e6b5dca548c5efa6

SHA256
6f8b3eb54b7adf971125efb2dc58a240ed2b15bb09533dd511da87f0083a0947

SHA512
a0122b1567bf404e8ee29a1922b1b12894aca24a2e1c2f6e21c91acf38cf739ca7080b4020c811c5f595113f8ae9c29e18ba2379720c0167ce1575b6b73dc585

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
c5b461463c60b29080394bafe6b32f1a

SHA1
7d7e7ddabe0bb41943f4264ec791a1080c00dee9

SHA256
836338e6e5ea0c05c8a3600954a8b03be4592e718f9b70b740f3efe5006c7f0c

SHA512
02c898c247118a803a3ca5f761f02362d60d3bc534d660b439050c128b61080cc0e6d5eccb64a147ebc37226f82e47574dc421c2d79c6cd9a88886612469f352

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe577261.TMP

Filesize
3KB

MD5
571e9de0f31d7057205baf14bdd3436f

SHA1
5a916016be67e4ec07d4c3d9d7122273b6c3caec

SHA256
d6356e5be46e1470cf16bcab055187796a2f6c708c70ca9a315a3172beefce8c

SHA512
2c661a575c709c58f66bddf7c90806fc76d8561cb848e15b83502edf3fa9539dd7ade964dcdb1bf867816a9f92d70795b2270e7ab3e456a63cb821cbbbede911

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
69KB

MD5
164a788f50529fc93a6077e50675c617

SHA1
c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48

SHA256
b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17

SHA512
ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6c889f674d9317e1560f12a5ea5f43da

SHA1
fca16fb114ed5dd48dec0dcf650d84adae0416a4

SHA256
0949b2cb43cf0310489cc032fc7291c200e620818a00bded831e57b5c36a96d2

SHA512
fe8c35521d3cf749fc6d257624b70bcfb3890191e177efbe696a56d9b611e00ca369e19514bbc97a94bb1dfe4576ad4a3f797b6a6681217abb6843b104174238

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
cff5aa5b5bb5127b331c5587344a6797

SHA1
4b95eedb36efeeabce1e78cbaa7ad592e3ef4884

SHA256
3a49f1f59d7fbfa8d4d278d402cbfd097f94e189f4a5d256927b91ac4e8629d4

SHA512
617cefefde4478d178775cc5ea42f5d269992e7d5c455eb75794ccacd371d39328168df588270427d80775b46250daf808d9deed1dd07036f80921acbbd3a50f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
32KB

MD5
76dc250ddb86305948af9e39dc137985

SHA1
c17a94fccfd13c381aec266ff4b3bbc42ad08392

SHA256
d27b90fb8deb9a27634921c8a62e9268ead561fe1ba63235edb9d4577e0c50ae

SHA512
e35d17afaa2e38c2f4f09399788e07f1cbd1170bc8645809d931b137aa665c25b7bd8f40e227cf4e3e84dd08633cd79bae93300cc81ea9dfa61905edb54cafee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
7KB

MD5
982f3a87b804c058c6895659aef81539

SHA1
18fa09203acefa4cf2dcd618722adc4419bce056

SHA256
1a69ecf1fce7983e2ebd1d187420a95ad6984b0a4bbb629124cff41309496f7a

SHA512
304cbf0375adf323d30ac9b6523948e5edb597216cb39fced9d0cbaa3199a9959de0b383b1b0d418d6cc731bbf7064686ab15ae3d234702adcfa4fbb6338dfc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
6KB

MD5
127eed49c40471863cc069d30a4e44fe

SHA1
3c44d3ad737e1066c7c59bf28467dd4d690bb4cb

SHA256
ae130491d8484d242707d2b61a3c92cf4c9eb595f7b29e9a5a9a485c379548a9

SHA512
09878df5c3b938edac094dab100e661dd9934ff69c8c5dce446686add33b25e6b20f5d5f6858d0c5612a4852a63d55ca6ab40346ae2780990ff8a2912ffa44f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
16KB

MD5
6c2e818f71882e5355f136b75ca7bf36

SHA1
431795da65845f426c81db86a84f0ed2d3ebdeb6

SHA256
f35f17dc927d8f91e418ec15c072b6425d80efce0ec9cd16279d1020738f81b0

SHA512
a79eb899b62392ce8736efe03770863f858a3a27fea665a9d7f491a5df1ca0f470d413d6d6f181cb2440717267be6b4a971a4bd7286d46cbac1e29558e1dd630

Download Submit
C:\Users\Admin\AppData\Local\Temp\159775b6-70d8-468b-8979-2e97779b7dc6.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Temp\351188df-4984-414d-b760-5a483eb620f2.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\TmpCAE4.tmp

Filesize
2KB

MD5
d03077a6cd09d5ff996d41588a85f76c

SHA1
f64a8e388bf88eebc37466e07553b5280b59bbfc

SHA256
536d079e0f2d1810aa579f1c57bd2b1b5f5daac4a032ed368d83292f1f080c2e

SHA512
1c6c6b8177c18d199d594a44601d564e3e6dd1dd6a4e0a799f27b67c3977560e976e0bb7df20a268a1e13f0c867d2ea2345eedf03ac8a6b3cd424ac2796b9201

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_qxbuxzfh.30f.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\NuGet\NuGet.Config

Filesize
210B

MD5
2ba93ae557bda7bcd8398d0560eb7d97

SHA1
288f2a2574f2b763349c3bafcda08d73473554a1

SHA256
3bdb050540ecdd6fe717cbb9028c0ff9e2af5e1544afa71b6bade80140c7a236

SHA512
6d9adcc96913c4edc8ae2b1f8f6c662a5494fd2533231f5973757ff3875843e94d3ab218f485efbe63299b9c0bd179c0d8479cef4154bde0634158a6f1c21439

Download Submit
C:\Windows\Installer\MSI353.tmp

Filesize
225KB

MD5
d711da8a6487aea301e05003f327879f

SHA1
548d3779ed3ab7309328f174bfb18d7768d27747

SHA256
3d855b58ce7da9f24f1bef8d0673ba4a97105a7fd88433de7fb4e156b4306283

SHA512
c6d1c938e8a0acf080dcab1276d78237e342a98772e23ac887b87a346878c376fb0af8364e52a36c5b949005aa3218308bc6193f8b580f622ef39d9955c7c681

Download Submit
C:\Windows\Installer\MSIB37C.tmp

Filesize
219KB

MD5
928f4b0fc68501395f93ad524a36148c

SHA1
084590b18957ca45b4a0d4576d1cc72966c3ea10

SHA256
2bf33a9b9980e44d21d48f04cc6ac4eed4c68f207bd5990b7d3254a310b944ae

SHA512
7f2163f651693f9b73a67e90b5c820af060a23502667a5c32c3beb2d6b043f5459f22d61072a744089d622c05502d80f7485e0f86eb6d565ff711d5680512372

Download Submit
C:\Windows\Installer\e5ca5f0.msi

Filesize
26.2MB

MD5
4708f88a9e4a4727ec3c45627ceffbbb

SHA1
5544fe796e2d8ed9eee9348cb92747d5e491c7aa

SHA256
69a125ea1d803bd539acf6f65ef581aee1171709660398b8ef5cceeeeba198bf

SHA512
91f5fac31b3804799c44429e6f058c9b7205c5caf95637fd8092a48965ffd62ff7b40b572f11697bf38a4996deb7f78af9068acedc723bd25455535913fb33dc

Download Submit
C:\Windows\Installer\e5ca601.msi

Filesize
4.6MB

MD5
5817c9cb2f1400cb9b6ba51502600d96

SHA1
387330601fc4e77aadfddb1ccbfe01c42731ba3f

SHA256
ac93a313d2c455f870c2a654c16626851e64241dab25ebde917affaeaf8be9e4

SHA512
2403cdf78ffbcd6e1514c062a550e2943f290ebdca744b83ab6c8d72499665403255c0e67ed0624bc362ffebaf816e348585d76010f98ca1f5e2689eaed98fe3

Download Submit
C:\Windows\Installer\e5ca61e.msi

Filesize
29.2MB

MD5
d1531169578863be209a4ddcf91992df

SHA1
f46d8dbf6a817badea8c7d915120d4e8d9495f5e

SHA256
92067e45536617975c5a5cd8ad68b4423599830387bb2d8cd47c3ecd93adb082

SHA512
460c80bb163f6289c919ba95a503285f268575ddb3d6ecd26e3405f315cb226740c0f135442ee27e46232c6312f3c87938763d41c4688f7f51bb5637aac75b2a

Download Submit
C:\Windows\Installer\e5ca629.msi

Filesize
2.7MB

MD5
4cf8f94ad71a08378dcb93e6467cba6d

SHA1
a80f9768b76227316af0bdb797bb5294b7d77777

SHA256
da0435a2774909cec02c91662f19eedc2cf42d1e6f58fbd38e6ed7cf9aa4c98c

SHA512
ca2015ddfa4f82388ad8242ba2c5ec0b1ad8cc6ab40629f0032dcbc9907cdf1ee9cb26f6f64afe54894db2fcc0acb31b2db3e5a05e52be41bd40685a254b43f8

Download Submit
C:\Windows\Installer\e5ca674.msi

Filesize
9.8MB

MD5
f3abac9dd5852d644f5ae72a5e254a2d

SHA1
00ab2475018164263c37363bac95942334b5aaf7

SHA256
149ebbe91653cc1d473339b62008592a0f975bdee7b070374adb2e23b1ac1585

SHA512
2b6cd63c63cfa1aafa813b6fd89c4702b74a7d0a09b391906e8082d21bcb8a2df43e1209e99f8495965596709bb5a34eed77e614a43e77f38c4737986ec27e3b

Download Submit
C:\Windows\Temp\{1C579FF8-F4E0-4CC9-ABCD-743A44F1A99A}\.ba\1033\thm.wxl

Filesize
6KB

MD5
4479c9aaaae17f8009392786f0910789

SHA1
216b73ba2094150424a9fb4a3d4e1d46b7a38945

SHA256
34919f9197533a6ba636941a91e33e57338fb86a821fa02bf586cb80e9eebdb2

SHA512
6a15007c0239ef1d463f688a5a5f577a8dd0bfb1ca2308b128e31efbb4fb2a2856cbbaa4695e688ec894f8e3ae75a132707d61f88591c686d410f019bc30a9bc

Download Submit
C:\Windows\Temp\{1C579FF8-F4E0-4CC9-ABCD-743A44F1A99A}\.ba\wixstdba.dll

Filesize
190KB

MD5
f1919c6bd85d7a78a70c228a5b227fbe

SHA1
71647ebf4e7bed3bc1663d520419ac550fe630ff

SHA256
dcea15f3710822ffc262e62ec04cc7bbbf0f33f5d1a853609fbfb65cb6a45640

SHA512
c7ff9b19c9bf320454a240c6abbc382950176a6befce05ea73150eeb0085d0b6ed5b65b2dcb4b04621ef9cca1d5c4e59c6682b9c85d1d5845e5ce3e5eedfd2eb

Download Submit
C:\Windows\Temp\{B6F65BCE-A412-4BE2-A516-57727F272CB2}\.ba\bg.png

Filesize
4KB

MD5
9eb0320dfbf2bd541e6a55c01ddc9f20

SHA1
eb282a66d29594346531b1ff886d455e1dcd6d99

SHA256
9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79

SHA512
9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d

Download Submit
C:\Windows\Temp\{B6F65BCE-A412-4BE2-A516-57727F272CB2}\.be\dotnet-sdk-8.0.407-win-x64.exe

Filesize
611KB

MD5
cb2d12f4d983409ec7170a17825fc5b1

SHA1
8b38e8290f30be36be6079fa89e55d0cf81ef5e1

SHA256
67f47054f39a1d0a2037c4460e19f4f1d817a7192fe11a0de14b6982176548dc

SHA512
315bb587982213e4f344a6f722ed410fa5af677ccd632afd47b54e2d7e0c96a6c5eeaf64178e5b6c87f954be9360b17d6b7bce5dba2dde2e7253bb15829728bb

Download Submit
C:\Windows\Temp\{B6F65BCE-A412-4BE2-A516-57727F272CB2}\windowsdesktop_targeting_pack_8.0.14_win_x64.msi

Filesize
3.6MB

MD5
d9b193684055e6a587271ca507183e0a

SHA1
6791632c247e9bab93081fa92e932e181695de1b

SHA256
42f64289c226dc5debe57998f75f4afe76aaaedb806e93c8e2e99761eeda004e

SHA512
ad23751936c6a2c2ebca6b429c6a6173906c510107f15b556cf8b4d67f1bbfbfca7986b6249b1f15cc16289ec63a4857cf0372a60c3fb9d2314eababd60bdc29

Download Submit
memory/5620-8705-0x000002043B940000-0x000002043B962000-memory.dmp

Filesize
136KB

Download
memory/5620-8706-0x0000020454320000-0x0000020454366000-memory.dmp

Filesize
280KB

Download
memory/6804-8503-0x000002A16C5D0000-0x000002A16D092000-memory.dmp

Filesize
10.8MB

Download
memory/6804-5019-0x000002A16C5D0000-0x000002A16D092000-memory.dmp

Filesize
10.8MB

Download
memory/6804-3670-0x000002A16C5D0000-0x000002A16D092000-memory.dmp

Filesize
10.8MB

Download
memory/6804-4960-0x000002A16C5D0000-0x000002A16D092000-memory.dmp

Filesize
10.8MB

Download
memory/6804-4316-0x000002A16C5D0000-0x000002A16D092000-memory.dmp

Filesize
10.8MB

Download