Malware Analysis Report

2024-11-15 04:40

Sample ID 231130-ll2z8aac91
Target https://github.com
Tags
redline umbral @heis999 discovery infostealer spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com was found to be: Known bad.

Malicious Activity Summary

redline umbral @heis999 discovery infostealer spyware stealer

Detect Umbral payload

Umbral

RedLine payload

RedLine

Reads user/profile data of web browsers

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Suspicious use of SetThreadContext

Suspicious use of WriteProcessMemory

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Modifies system certificate store

Enumerates system info in registry

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: EnumeratesProcesses

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-30 09:38

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-30 09:38

Reported

2023-11-30 09:56

Platform

win7-20231020-en

Max time kernel

766s

Max time network

916s

Command Line

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://github.com"

Signatures

Detect Umbral payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Umbral

stealer umbral

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\AdobePS.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Legitimate hosting services abused for malware hosting/C2

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 3100 set thread context of 1380 N/A C:\Users\Admin\Desktop\AdobePS.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 040000000100000010000000acb694a59c17e0d791529bb19706a6e40f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f0b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f007400000053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c09000000010000000c000000300a06082b06010505070301030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47419000000010000001000000068cb42b035ea773e52ef50ecf50ec52920000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\SetupFilePhotoshop_Passwd_2023.rar:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Tradingview.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Tradingview(1).zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Synapse-X-Cracked-main.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Bitcoin_cracker-main.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Users\Admin\Desktop\AdobePS.exe N/A
N/A N/A C:\Users\Admin\Desktop\AdobePS.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\AdobePS.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
Token: SeRestorePrivilege N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
Token: SeBackupPrivilege N/A C:\Users\Admin\Desktop\Tradingview\Setup.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\SynapseX.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\wmic.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\wmic.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2280 wrote to memory of 2464 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2736 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2736 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2736 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2772 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2892 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2892 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2892 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2892 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2464 wrote to memory of 2892 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://github.com"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://github.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.0.2130069705\945491677" -parentBuildID 20221007134813 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {557df7f6-50b4-4e47-be81-ddd37f30cc64} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 1276 f9d9258 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.1.686356128\189884408" -parentBuildID 20221007134813 -prefsHandle 1480 -prefMapHandle 1476 -prefsLen 21799 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b5c401b-fd47-4fff-ad1b-748a9f951983} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 1492 e71f58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.2.36161412\1343664537" -childID 1 -isForBrowser -prefsHandle 2116 -prefMapHandle 2112 -prefsLen 21837 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbab22c8-36f0-4f64-bc60-b774c2d61b71} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2128 19da1758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.3.582267102\151014802" -childID 2 -isForBrowser -prefsHandle 2880 -prefMapHandle 2876 -prefsLen 26482 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a55bd481-3bb8-4ec8-87c1-395ebb958f52} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2892 e30858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.4.367612363\188996294" -childID 3 -isForBrowser -prefsHandle 3664 -prefMapHandle 3660 -prefsLen 26541 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5567ace6-89a7-4877-90db-68c9789fd408} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 3676 19f24558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.6.1499293911\1496474922" -childID 5 -isForBrowser -prefsHandle 3952 -prefMapHandle 3956 -prefsLen 26541 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f6df3aef-63ec-45f5-86a7-a9b4ee6d71da} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 3940 1fe85b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.5.383923807\1230720931" -childID 4 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 26541 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f88600f1-5483-491d-b01e-6e29b49f3ee1} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 3708 1fe27a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.7.1410587362\1499113060" -parentBuildID 20221007134813 -prefsHandle 3872 -prefMapHandle 3932 -prefsLen 26541 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4a9cce0-fbe2-4b1a-a85f-c315388dcea8} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4036 1fe85e58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.8.591631754\1119321675" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 1668 -prefMapHandle 3440 -prefsLen 26797 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {693d451d-8aef-48de-973e-57dea8e3602c} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4428 1e285558 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.9.1691721327\565537219" -childID 6 -isForBrowser -prefsHandle 3468 -prefMapHandle 2768 -prefsLen 26797 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {be91f38f-454c-4bfd-912d-4ddc0a827f76} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 1896 20393158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.10.1641829583\1065144820" -childID 7 -isForBrowser -prefsHandle 4588 -prefMapHandle 4580 -prefsLen 26797 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8654dcd4-5aa7-4f09-8bdc-3553de20e61d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4612 204bf858 tab

C:\Users\Admin\Desktop\Bitcoin_cracker-main\btc_cracker.exe

"C:\Users\Admin\Desktop\Bitcoin_cracker-main\btc_cracker.exe"

C:\Users\Admin\Desktop\Bitcoin_cracker-main\btc_cracker.exe

"C:\Users\Admin\Desktop\Bitcoin_cracker-main\btc_cracker.exe"

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" -NoProfile -NonInteractive -NoLogo -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; Get-Culture | Select -ExpandProperty DisplayName"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 3572 -s 600

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" -NoProfile -NonInteractive -NoLogo -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; Get-Culture | Select -ExpandProperty DisplayName"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 3796 -s 600

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap12647:118:7zEvent21658

C:\Users\Admin\Desktop\AdobePS.exe

"C:\Users\Admin\Desktop\AdobePS.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.11.1449891225\834096349" -childID 8 -isForBrowser -prefsHandle 4696 -prefMapHandle 4732 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9979cc96-b729-4faa-8d2e-a988986fda63} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4004 1e45b558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.12.1598153568\1006959472" -childID 9 -isForBrowser -prefsHandle 5008 -prefMapHandle 1936 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d11ae917-c0fe-4e43-b217-de101a7fd1a6} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2688 200cf658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.13.2074516903\2114775193" -childID 10 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {79af20fb-bd92-4f90-975b-f858b9e3f9ba} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 5128 1698fa58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.14.363314810\71608295" -childID 11 -isForBrowser -prefsHandle 9056 -prefMapHandle 9060 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddb9dee7-c444-4705-b82e-e36c4fb118e2} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 9044 18747558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.15.270714169\1088907303" -childID 12 -isForBrowser -prefsHandle 8836 -prefMapHandle 8828 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {87d78609-9367-4e0a-8b50-f3200bebcf83} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 8856 1f6b8058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.16.1264580795\634033072" -childID 13 -isForBrowser -prefsHandle 4068 -prefMapHandle 4100 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba428165-2981-4211-b78f-9021a6f23c05} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4356 1f0f6a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.17.483623292\1406492709" -childID 14 -isForBrowser -prefsHandle 3944 -prefMapHandle 4056 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {32d557e4-b531-4f61-a06f-6f1cb312308c} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4236 1f104558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.18.774835262\595080959" -childID 15 -isForBrowser -prefsHandle 4356 -prefMapHandle 8520 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2e82b9e-1314-49cf-ad53-24e418c4f87f} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 8612 1f106c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.21.145146223\152627868" -childID 18 -isForBrowser -prefsHandle 8280 -prefMapHandle 8276 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49262f77-92fc-4ff8-9a2c-ccc3a12bbfa3} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4068 234e5d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.20.1268944318\2022594454" -childID 17 -isForBrowser -prefsHandle 4248 -prefMapHandle 8864 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e469db5-bf9c-41dc-83b0-54c009f2f6eb} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 8680 234e4e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.19.1995146408\1016934673" -childID 16 -isForBrowser -prefsHandle 8924 -prefMapHandle 9044 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc2a3f04-46af-43f0-97b5-b8d85ee48f11} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4864 234ac858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.22.1112550403\363199903" -childID 19 -isForBrowser -prefsHandle 8028 -prefMapHandle 8864 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d83ce591-adc5-45d4-b383-051953c47258} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 8016 28533658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.23.1944880383\374303207" -childID 20 -isForBrowser -prefsHandle 7864 -prefMapHandle 7856 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bca58224-ea93-4da8-9afd-ee4c4ccf1e83} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7876 26a76558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.24.376830353\393444449" -childID 21 -isForBrowser -prefsHandle 7820 -prefMapHandle 7816 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fde0a6bc-8893-452b-a99e-cb4775bd3df0} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7800 182b3558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.25.556626815\1615992783" -childID 22 -isForBrowser -prefsHandle 8228 -prefMapHandle 8232 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {17b553f7-3a95-4513-a809-7556cc7d413e} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7872 26904a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.26.1402746078\63635006" -childID 23 -isForBrowser -prefsHandle 7708 -prefMapHandle 7712 -prefsLen 28099 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {69707c0b-d229-452d-8356-803db5bf376d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7696 26905058 tab

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4bc

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tradingview.zip"

C:\Users\Admin\Desktop\Tradingview\Setup.exe

"C:\Users\Admin\Desktop\Tradingview\Setup.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.27.366228870\1725653190" -childID 24 -isForBrowser -prefsHandle 1800 -prefMapHandle 3324 -prefsLen 28108 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bfbfaf6d-d231-4b34-9ec0-a6b01bc07ad7} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4608 e64758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.28.15709852\1000042957" -childID 25 -isForBrowser -prefsHandle 8732 -prefMapHandle 2704 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {212c1502-f4aa-484e-b593-5f50a5335d62} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 8812 182b2f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.29.293724133\1047544498" -childID 26 -isForBrowser -prefsHandle 2852 -prefMapHandle 2840 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d65658a2-ff52-447a-a955-a4000d858de8} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2792 182b1a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.30.147102635\1016013559" -childID 27 -isForBrowser -prefsHandle 7604 -prefMapHandle 7608 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e252354-ab4d-40f0-aa52-34093776b7c3} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7612 1fe82258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.31.662203832\530588522" -childID 28 -isForBrowser -prefsHandle 4736 -prefMapHandle 4740 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d36ac99-67cc-404c-9334-5071ecdb978d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4636 1b093958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.32.469114563\263497961" -childID 29 -isForBrowser -prefsHandle 2452 -prefMapHandle 3500 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a69737e-68e7-49fc-8de1-49e5a8348e4d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2520 1ce6ba58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.33.1305096777\1875493978" -childID 30 -isForBrowser -prefsHandle 9124 -prefMapHandle 9080 -prefsLen 28117 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2f73765-67d4-47ec-8dea-ed451728bc53} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4376 1bd70e58 tab

C:\Users\Admin\Desktop\SynapseX.exe

"C:\Users\Admin\Desktop\SynapseX.exe"

C:\Windows\System32\Wbem\wmic.exe

"wmic.exe" csproduct get uuid

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\Desktop\Tradingview\Setup.exe

"C:\Users\Admin\Desktop\Tradingview\Setup.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.34.330733243\1365028154" -childID 31 -isForBrowser -prefsHandle 3464 -prefMapHandle 3456 -prefsLen 28126 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee6b481c-9ecb-4f43-8bbe-510e3267323d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2696 181a5c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.35.650433587\987422027" -childID 32 -isForBrowser -prefsHandle 3152 -prefMapHandle 3136 -prefsLen 28126 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ca78a76-4385-4f35-9e37-890a4c9a1037} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 9064 181a6858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.36.1769982791\807608090" -childID 33 -isForBrowser -prefsHandle 2808 -prefMapHandle 4684 -prefsLen 28126 -prefMapSize 232675 -jsInitHandle 720 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bc7a1ee-4d34-40ac-957b-d38f98a05543} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 7528 e61058 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6139758,0x7fef6139768,0x7fef6139778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3196 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1352 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3408 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3888 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3848 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2596 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2792 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3732 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4140 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3696 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3964 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3760 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4620 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4876 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4872 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4800 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Users\Admin\Downloads\minecraft-1.0-en-setup.exe

"C:\Users\Admin\Downloads\minecraft-1.0-en-setup.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4820 --field-trial-handle=1292,i,14291059867176889841,3203127987438417440,131072 /prefetch:8

C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe

C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe

C:\Program Files\Java\jre7\bin\javaw.exe

"C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" http://minecraft.ru.net/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3376 CREDAT:275457 /prefetch:2

C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe

"C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe"

C:\Program Files\Java\jre7\bin\javaw.exe

"C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe"

C:\Program Files\Java\jre7\bin\javaw.exe

"C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe"

C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe

"C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Java\jre7\bin\javaw.exe

"C:\Program Files\Java\jre7\bin\javaw.exe" -Xmx176m -cp C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe ru.turikhay.tlauncher.TLauncher

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef59c9758,0x7fef59c9768,0x7fef59c9778

Network

Country Destination Domain Proto
N/A 127.0.0.1:49191 tcp
N/A 127.0.0.1:49199 tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
DE 140.82.121.3:443 github.com tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 44.232.25.207:443 shavar.prod.mozaws.net tcp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
DE 140.82.121.5:443 api.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 github-production-user-asset-6210df.s3.amazonaws.com udp
US 52.217.137.121:443 github-production-user-asset-6210df.s3.amazonaws.com tcp
US 8.8.8.8:53 s3-w.us-east-1.amazonaws.com udp
US 8.8.8.8:53 s3-w.us-east-1.amazonaws.com udp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 codeload.github.com udp
DE 140.82.121.9:443 codeload.github.com tcp
US 8.8.8.8:53 codeload.github.com udp
US 8.8.8.8:53 codeload.github.com udp
US 8.8.8.8:53 ipwho.is udp
DE 195.201.57.90:80 ipwho.is tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 api.telegram.org udp
US 8.8.8.8:53 objects.githubusercontent.com udp
NL 149.154.167.220:443 api.telegram.org tcp
DE 195.201.57.90:80 ipwho.is tcp
NL 149.154.167.220:443 api.telegram.org tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 2.18.121.73:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.208.110:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-5hneknee.gvt1.com udp
GB 216.58.208.110:443 redirector.gvt1.com udp
NL 74.125.8.73:443 r4---sn-5hneknee.gvt1.com tcp
US 8.8.8.8:53 r4.sn-5hneknee.gvt1.com udp
US 8.8.8.8:53 r4.sn-5hneknee.gvt1.com udp
NL 74.125.8.73:443 r4.sn-5hneknee.gvt1.com udp
US 206.71.149.6:81 tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.22:443 collector.github.com tcp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:53 telegra.ph udp
NL 149.154.164.13:443 telegra.ph tcp
US 8.8.8.8:53 telegra.ph udp
US 8.8.8.8:53 telegra.ph udp
US 8.8.8.8:53 t.me udp
NL 149.154.167.99:443 t.me tcp
US 8.8.8.8:53 t.me udp
US 8.8.8.8:53 t.me udp
US 8.8.8.8:53 edit.telegra.ph udp
NL 149.154.164.13:443 edit.telegra.ph tcp
US 8.8.8.8:53 edit.telegra.ph udp
US 8.8.8.8:53 edit.telegra.ph udp
US 8.8.8.8:53 gg.gg udp
RU 91.215.42.31:80 gg.gg tcp
US 8.8.8.8:53 gg.gg udp
US 8.8.8.8:53 gg.gg udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 8.8.8.8:53 translate.google.com udp
US 172.67.41.60:443 btloader.com tcp
US 172.67.144.62:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 172.67.170.144:443 www.ezojs.com tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
NL 142.250.179.206:443 translate.google.com tcp
US 104.16.56.101:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 172.67.144.62:443 the.gatekeeperconsent.com udp
US 172.67.170.144:443 www.ezojs.com.cdn.cloudflare.net udp
NL 142.250.179.206:443 www3.l.google.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 104.21.28.48:443 privacy.gatekeeperconsent.com tcp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.19.215.37:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.16.114.74:443 static.mediafire.com tcp
US 104.16.114.74:443 static.mediafire.com tcp
US 104.16.114.74:443 static.mediafire.com tcp
US 104.16.114.74:443 static.mediafire.com tcp
US 104.16.114.74:443 static.mediafire.com tcp
US 104.16.114.74:443 static.mediafire.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.21.28.48:443 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 api.btloader.com udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 104.19.215.37:443 cdn.otnolatrnup.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 translate.googleapis.com udp
NL 142.250.179.138:443 translate.googleapis.com tcp
DE 3.69.213.60:443 g.ezoic.net tcp
NL 142.250.179.138:443 translate.googleapis.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 172.64.136.15:443 go.ezodn.com tcp
US 172.64.136.15:443 go.ezodn.com tcp
US 172.64.136.15:443 go.ezodn.com tcp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 104.19.214.37:443 otnolatrnup.com tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 172.64.136.15:443 go.ezodn.com udp
US 104.19.214.37:443 otnolatrnup.com udp
US 18.239.63.108:443 cdn.amplitude.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 44.241.222.134:443 api.amplitude.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 securepubads46.g.doubleclick.net udp
US 8.8.8.8:53 securepubads46.g.doubleclick.net udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
NL 142.250.179.202:443 translate-pa.googleapis.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
NL 142.250.179.202:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 download2276.mediafire.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 download2276.mediafire.com udp
US 104.19.214.37:443 otnolatrnup.com tcp
US 199.91.155.17:443 download2276.mediafire.com tcp
US 8.8.8.8:53 download2276.mediafire.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 216.239.32.181:443 analytics.google.com tcp
US 8.8.8.8:53 analytics-alv.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 analytics-alv.google.com udp
US 216.239.32.181:443 analytics-alv.google.com udp
US 34.120.63.153:443 prebid.media.net tcp
DE 3.76.240.239:443 tlx.3lift.com tcp
NL 185.64.189.112:443 hbopenbid-ams.pubmnet.com tcp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
US 104.19.214.37:443 otnolatrnup.com udp
US 34.120.63.153:443 prebid.media.net udp
NL 142.250.102.157:443 stats.g.doubleclick.net tcp
NL 142.250.102.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 otnolatrnup.com udp
US 104.19.214.37:80 otnolatrnup.com tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 woreppercomming.com udp
DE 18.196.84.70:443 woreppercomming.com tcp
US 8.8.8.8:53 woreppercomming.com udp
US 8.8.8.8:53 woreppercomming.com udp
US 8.8.8.8:53 www.ovardu.com udp
US 172.67.174.4:443 www.ovardu.com tcp
US 8.8.8.8:53 www.ovardu.com udp
US 8.8.8.8:53 www.ovardu.com udp
US 172.67.174.4:443 www.ovardu.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
US 13.248.245.213:443 eb2.3lift.com tcp
FR 2.21.224.254:443 ads.pubmatic.com tcp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
NL 104.85.0.23:443 contextual.media.net tcp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 pugm-lhrc.pubmnet.com udp
GB 185.64.190.78:443 pugm-lhrc.pubmnet.com tcp
GB 185.64.190.78:443 pugm-lhrc.pubmnet.com tcp
US 8.8.8.8:53 pugm-lhrc.pubmnet.com udp
US 8.8.8.8:53 simage4.pubmatic.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 8.8.8.8:53 spug-amsfpairbc.pubmnet.com udp
US 8.8.8.8:53 spug-amsfpairbc.pubmnet.com udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 www.mediafire.com udp
NL 142.251.36.42:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
NL 142.251.36.42:443 ajax.googleapis.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 52.39.192.217:443 api.amplitude.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
DE 18.196.212.20:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
NL 142.250.179.206:443 fundingchoicesmessages.google.com tcp
NL 142.250.179.206:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
NL 142.250.179.161:443 530241023bad05bdef7a77e87a712c9d.safeframe.googlesyndication.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 18.239.80.197:443 cdn.prod.uidapi.com tcp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
NL 142.251.36.1:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 d2avimlm6gq3h9.cloudfront.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
NL 142.250.179.161:443 pagead-googlehosted.l.google.com udp
US 34.102.146.192:443 oa.openxcdn.net udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 151.101.1.229:443 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 d2avimlm6gq3h9.cloudfront.net udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
NL 142.251.36.1:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.179.161:443 cdn.ampproject.org tcp
NL 142.250.179.161:443 cdn.ampproject.org tcp
NL 142.250.179.161:443 cdn.ampproject.org tcp
NL 142.250.179.161:443 cdn.ampproject.org tcp
NL 142.250.179.161:443 cdn.ampproject.org tcp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.179.161:443 cdn-content.ampproject.org udp
US 172.67.38.106:443 cdn.id5-sync.com tcp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
NL 108.156.60.37:443 tags.crwdcntrl.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.120.107.143:443 oajs.openx.net tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 www.googletagservices.com udp
NL 142.251.36.1:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 www.googletagservices.com udp
NL 172.217.168.194:443 googleads.g.doubleclick.net tcp
NL 142.251.36.34:443 www.googletagservices.com tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net tcp
NL 142.250.179.134:443 s0.2mdn.net tcp
NL 142.251.36.34:443 www.googletagservices.com tcp
US 34.96.70.87:443 invstatic101.creativecdn.com udp
US 34.120.107.143:443 oajs.openx.net udp
NL 142.250.179.134:443 s0.2mdn.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 id5-sync.com udp
NL 142.251.36.34:443 www.googletagservices.com udp
IE 52.214.165.240:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
DE 141.95.98.65:443 id5-sync.com tcp
US 8.8.8.8:53 id5-sync.com udp
NL 142.250.179.134:443 s0.2mdn.net tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
NL 142.250.179.206:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 199.91.155.17:443 download2276.mediafire.com tcp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 pugm-amsfpairbc.pubmnet.com udp
US 8.8.8.8:53 pugm-amsfpairbc.pubmnet.com udp
US 8.8.8.8:53 ade.googlesyndication.com udp
NL 172.217.168.194:443 ade.googlesyndication.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 ade.googlesyndication.com udp
NL 172.217.168.194:443 ade.googlesyndication.com udp
NL 172.217.168.194:443 ade.googlesyndication.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
NL 45.15.156.167:80 tcp
US 216.239.32.181:443 analytics-alv.google.com udp
NL 142.251.39.106:443 translate.googleapis.com udp
US 8.8.8.8:53 api.ip.sb udp
US 104.26.13.31:443 api.ip.sb tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.4:443 github.com tcp
US 8.8.8.8:53 github.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.114.22:443 collector.github.com tcp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 collector.github.com udp
DE 140.82.121.5:443 api.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.10:443 bit.ly tcp
US 8.8.8.8:53 bit.ly udp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.10:443 bit.ly udp
US 8.8.8.8:53 href.li udp
US 192.0.78.26:443 href.li tcp
US 8.8.8.8:53 href.li udp
US 8.8.8.8:53 href.li udp
US 8.8.8.8:53 thetinyengine.world udp
US 188.114.97.0:443 thetinyengine.world tcp
US 8.8.8.8:53 thetinyengine.world udp
US 8.8.8.8:53 thetinyengine.world udp
US 188.114.97.0:443 thetinyengine.world udp
US 8.8.8.8:53 www.capsulink.com udp
US 188.114.96.0:443 www.capsulink.com tcp
US 8.8.8.8:53 www.capsulink.com udp
US 8.8.8.8:53 www.capsulink.com udp
US 188.114.96.0:443 www.capsulink.com udp
US 8.8.8.8:53 cdn.firstpromoter.com udp
US 8.8.8.8:53 static.zdassets.com udp
US 104.18.70.113:443 static.zdassets.com tcp
US 8.8.8.8:53 static.zdassets.com udp
NL 13.227.219.64:443 cdn.firstpromoter.com tcp
US 8.8.8.8:53 d2ycxbs0cq3yaz.cloudfront.net udp
US 8.8.8.8:53 static.zdassets.com udp
US 8.8.8.8:53 d2ycxbs0cq3yaz.cloudfront.net udp
US 8.8.8.8:53 ekr.zdassets.com udp
US 104.18.72.113:443 ekr.zdassets.com tcp
US 8.8.8.8:53 ekr.zdassets.com udp
US 8.8.8.8:53 ekr.zdassets.com udp
US 216.239.32.181:443 analytics-alv.google.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.32.181:443 analytics-alv.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
NL 142.250.102.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
NL 142.250.102.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 capsulink.zendesk.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 capsulink.zendesk.com udp
US 104.16.51.111:443 capsulink.zendesk.com tcp
US 8.8.8.8:53 capsulink.zendesk.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
IE 63.35.133.98:443 widget-mediator.zopim.com tcp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
IE 34.248.71.52:443 widget-mediator.zopim.com tcp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 widget-mediator.zopim.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 codeload.github.com udp
US 8.8.8.8:53 codeload.github.com udp
DE 140.82.121.9:443 codeload.github.com tcp
US 8.8.8.8:53 codeload.github.com udp
US 8.8.8.8:53 gstatic.com udp
NL 45.15.156.167:80 tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 api.ip.sb udp
US 104.26.12.31:443 api.ip.sb tcp
US 8.8.8.8:53 href.li udp
US 192.0.78.27:443 href.li tcp
US 8.8.8.8:53 href.li udp
US 8.8.8.8:53 thetinyengine.world udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.3:443 github.com tcp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 8.8.8.8:53 collector.github.com udp
DE 140.82.121.5:443 api.github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 glb-db52c2cf8be544.github.com udp
US 8.8.8.8:53 apis.google.com udp
DE 172.217.23.206:443 apis.google.com tcp
N/A 224.0.0.251:5353 udp
DE 172.217.23.206:443 apis.google.com udp
US 8.8.8.8:53 mcpedl.org udp
US 104.21.19.193:443 mcpedl.org tcp
US 104.21.19.193:443 mcpedl.org tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.169:80 apps.identrust.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
NL 142.251.36.14:443 encrypted-tbn0.gstatic.com tcp
US 104.21.19.193:443 mcpedl.org udp
US 8.8.8.8:53 id.google.com udp
DE 172.217.23.195:443 id.google.com tcp
US 8.8.8.8:53 counter.yadro.ru udp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 mc-pc.net udp
DE 176.9.82.28:443 mc-pc.net tcp
DE 176.9.82.28:443 mc-pc.net tcp
DE 176.9.82.28:443 mc-pc.net tcp
US 8.8.8.8:53 i.ytimg.com udp
DE 176.9.82.28:443 mc-pc.net tcp
DE 176.9.82.28:443 mc-pc.net tcp
DE 176.9.82.28:443 mc-pc.net tcp
NL 142.251.39.118:443 i.ytimg.com tcp
US 8.8.8.8:53 top-fwz1.mail.ru udp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
US 8.8.8.8:53 st.top100.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 87.250.250.119:443 mc.yandex.ru tcp
RU 81.19.89.16:443 st.top100.ru tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.251.36.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 mc.yandex.com udp
NL 142.251.36.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
NL 142.251.36.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.googletagservices.com udp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com udp
RU 81.19.89.16:443 st.top100.ru tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 8.8.8.8:53 gcm.ctnsnet.com udp
US 8.8.8.8:53 d5p.de17a.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 rtb2-useast.e-volution.ai udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
SE 213.155.156.183:443 d5p.de17a.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 ad.turn.com udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 54.209.112.6:443 sync.srv.stackadapt.com tcp
US 35.186.193.173:443 gcm.ctnsnet.com tcp
US 8.8.8.8:53 b1sync.zemanta.com tcp
US 8.8.8.8:53 ius.ctnsnet.com udp
US 174.137.133.49:443 rtb2-useast.e-volution.ai tcp
US 174.137.133.49:443 rtb2-useast.e-volution.ai tcp
RU 213.180.193.90:443 an.yandex.ru tcp
RU 213.180.193.90:443 an.yandex.ru tcp
NL 142.250.179.194:443 cm.g.doubleclick.net tcp
NL 142.250.179.194:443 cm.g.doubleclick.net tcp
DK 37.157.3.26:443 c1.adform.net tcp
DK 37.157.3.26:443 c1.adform.net tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 35.186.193.173:443 ius.ctnsnet.com tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 142.250.179.194:443 cm.g.doubleclick.net udp
DE 176.9.82.28:443 mc-pc.net tcp
DE 176.9.82.28:443 mc-pc.net tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 87.250.251.119:443 mc.yandex.com tcp
US 8.8.8.8:53 play.google.com udp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com udp
US 8.8.8.8:53 minecraft.ru.net udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.48.227:443 beacons.gcp.gvt2.com tcp
US 192.178.48.227:443 beacons.gcp.gvt2.com tcp
US 192.178.48.227:443 beacons.gcp.gvt2.com udp
US 192.178.48.227:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c32.gcp.gvt2.com udp
HK 35.215.129.230:443 e2c32.gcp.gvt2.com tcp
US 35.215.90.198:443 e2c52.gcp.gvt2.com tcp
US 8.8.8.8:53 top-fwz1.mail.ru udp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
HK 35.215.129.230:443 e2c32.gcp.gvt2.com tcp
US 35.215.90.198:443 e2c52.gcp.gvt2.com tcp
NL 142.251.36.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 192.178.48.227:443 beacons.gvt2.com tcp
NL 142.251.36.34:443 googleads.g.doubleclick.net udp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp

Files

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\activity-stream.discovery_stream.json.tmp

MD5 0b8d44d5a74956ea52051778c912cf40
SHA1 900db85b7a0fd193da3b0b7e79a276306375b6e6
SHA256 87284b06ebf7978c877a8d398cece000014313fec905e7798c080d0bde51b027
SHA512 6a914da01c251ba7279e4776492c7b70f58e00161854a0f1fde09e501d1a0a297507236120fac5be2578d4e8e072b61c30f811625f8365b4d2a6dbe4348bda5f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 6431ddaf018b389fabc9af5eb63cb9aa
SHA1 9676b289be0eb61f1cbe6aaf177353b767584f2d
SHA256 4d840ab9893315617c1efdd2571a26b186ed0b8b0cb02b74512f290c2c704252
SHA512 f41e2c4c20f3a7a4d6ec32f8c8aff3e804c679890f4c32024337a3b0e79fa9222d4c2cc4b75ee69584fdab2973340228b1094789cf886f33ce188ca363417137

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\prefs-1.js

MD5 c93ff8bb83ac27a85dc058e19aba4653
SHA1 82b178077efe1e6d3043681c52d221cb9cbd87d8
SHA256 25c56de747a0557419b8bd094edadb71da927b030264c188f1bc64f35cb61dfc
SHA512 9142d9f29407863fe9a843097a3710873133a86182b48541fd8956139910255dfcc7a269806d6412e54d81c23a587dbbe0a37c0047053b9d661e78905d98d1dd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\18813

MD5 38b36f365b36d997b97e944f435ccb30
SHA1 eeeea80fb985771916f42107e9e0100b5240c557
SHA256 54033760884698fa48d5851c6565f0c285f244f04430858ddb7ef5d253a158be
SHA512 72ac375b094bcdd823f8b17ba9dfa29eee2510722de925358b1494cd95b790d7f47c42205d26698bfacc1e6e71ec60ae1fc9119926c61842544acc99570f90b7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5ca31d3161fffc66aa0b815680196725
SHA1 062dd9c22e912e666d5c58c9a2f3f0952d0d8acd
SHA256 4c157edad1940976f055ce1f029cca9e5c7f2e99a3bbcf65f84d752e32a4e2f2
SHA512 86410f4fed6ee8bea867468678da71779502ec47f472816831338b265df572110153387dee51e9f08e6229a084c31eeb8404a58f18054d95da7a2678ddad5fdd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\8CF0FCA8835761241FFF87CD21699A59C31B9475

MD5 4998bb39f01c614a71a1ca6bf5fed785
SHA1 e755022d0403e16274864f850ce532197de2256f
SHA256 8260a7018c43871c5dbe4e7491641600138ee7f83bd68118addf339116321f9f
SHA512 54b09a76e8c56fd95b6d83b8c3c2778973abd84c6b878fc23aee55476cd6bbe0f7d1ed4595c6a1fb2cc8b7d0a5235344f07ee1c2ca84c91d138c41f174dbec46

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\FAF7831283380F406773DEB9DBB542CE25BEBDF3

MD5 09adc81ff591a6ece29fc6680edca8cb
SHA1 29cca7349e769a0b7cc647ef9863b6e3779a1301
SHA256 1c16463988c8d4d54d33b77461942a548ac1f0061688153d594bf11aa62ccab3
SHA512 10e34408290c0326ce70840917620cb957ed8fa43addb2b90273684058647fa58dfd690301e413e71137cda3d3f69053c3ed461fa65f883a8a023d22f33595d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\72459543CA50EFFE781E7E5241206F1CBAA365BD

MD5 fb17e08dc6ae81df16b5b003e4d1beca
SHA1 2004832fd968ffab96aa10c2d62f54587592acfe
SHA256 00c94a7ab8e16c9c135a7533bbd0eb42f80411ae4bebb9630e273f9dd5ffd0bd
SHA512 5928cdf5746f276b24206610aa6826643aafac7c8a7a578d2d914cbdd3f76086771f486a2ceb71841446eab02fa0bed4971401b0f3d22e92c62c6f143533856e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\7F24CD669B6E5345700CAF20E68D8E061062C679

MD5 8d7541f079d279cbafd471ed908daed8
SHA1 393ffb53095652e2c144a299f37c19327e6093f9
SHA256 81ec423ddce4cd932a342ad2a8c6818607c9750b3f22b7b4eb7cab964ab2c023
SHA512 ba36426dda7b16c6e34b0ae33c8f67c718037016a6c95a0eedafe2ced1223a91aeb522cd04861d1fb2f5bbe25779c9016a8b00fb6258df6f3dbc3b23aba9e028

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\DE46EE04856B06593A3188BEC9AD0D09C978916B

MD5 e51d57c0409f55a72e3a8ff65d4a0e0f
SHA1 7fa204a86975fc3c34aaf24903538b673d619965
SHA256 95b44d06b2e0c6ab5cc79625ebb1c5a4bfe253f03174f8902e7d7b917d8a4135
SHA512 31c111146473e4a87eedf07dc403f4a00f9a1de90c3bc24680b12d8162a217216cb20af71288110a51af0d2b29e42aae163d0120f44726241686a5a53dfd30df

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\144A2030C2AEE9908B27E607D65F0E845A81ADF8

MD5 ac26f370c1d69227021407f2a1d70fa9
SHA1 89c22fccad28fc712bcd7e9af0b625c5a7d79164
SHA256 6efbf3da29d14e7a9c1ef795c71fbae6b50918a594980fd7e879415e7c7cc322
SHA512 9f11650606691b8d7bcb1b50c2c1988ebe3d71e75b579b340b11684f6f69b28510e96160c34da3ada7f1b8f2311845b9cacb8fe0c4a01277d4235afc10cd316d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 32d6c32ed2018ecd21fd8762b375884e
SHA1 40e0129c506ce4681cb030bbdb93957b8b864f9f
SHA256 5f23e1287703b10b6b3a22ec50f6addb1cf65aa0c007216f7be45551287b70db
SHA512 7b5ea911f5f4b533909ca792eaa7e0a1e1b5e32420fa9637037e19f8482bdbb1724a6d92e979ce06b1526811a751e215b29ad49c35441207fb02e2638d7d92e6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\95E775A5F9D9114276994F80F4077A84B3D1A509

MD5 6b0506e06f26c1cd8f8b8cf0ac877421
SHA1 b6cc22da486adf4f7422b7cdd0e926a517e69863
SHA256 90a8dcf5756e008a881874a94267ab102beb477e388d0fc3c3a9d203734d6925
SHA512 2dc5fee7bf1e8f21fd6b114e7d5c764d10bb8e067e7aa872f69ee0ba7e7f990ce14c68f8b17a167f01bcc7b32492341a94262056b0aecb901b79b555e13822c0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\FE209E078E027D377638E2C16AABDD2AFF9B8A24

MD5 e1cf10088445da8cb19b51e610e934dd
SHA1 b424ebce15bccc3ab6d8bc663137c8ec241017f9
SHA256 c03d16b0e981643381336d7880272a46da595064f67f18a818e90cfa88d103f1
SHA512 0d27172fba549e9264dbd52f4999c11500462363bcc72d12410af8c9abe0c7376ff53eff7fe54ca8f0cd10183d2a0b3bd4a052ec40689bb2656a73315ad109e3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\67DDCA4A583A12C0F49850FAA4F241EF052AB50B

MD5 fbece020283464d4845c05278527b50c
SHA1 f69030277a7170fcb4325bc42431036e21a09d9d
SHA256 e5da768cdaf7ad27a8161bd052f4948b9e6addd03d0523417d1aaa0b72c12e9c
SHA512 a0a90f034961074a2d3b5fb7e16b3ff4f9b766cb228407c02f622304cecfeb54ba5a503d1b6793e3850d1d05eeb683c434eefdd30ac12174d2e54e92d0a77a65

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\30178BD9AB2B3EBC2B38C05433FD47D425CEB96B

MD5 c429481706a20ffbad60f1dea4e5b23c
SHA1 815b362d0b6efbf0bab7ec72b99cabb69e27fd05
SHA256 05db0d15b8e57eed646e6b74b69aa4db6a286d3c53b7da657789f90b5c7417c8
SHA512 305197b13a47eb6a5310b991d603f93628d4b3964832a9f537deb9329dfc0ae4db08e5153193c6bf50d514904356c22fbb5be50727bd15750f015b6c053a25a0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\FBD0EBB0E2C0CCFD6493EEE689700E76AF63A10A

MD5 19d489a71ae47b21d360e04a79434ae3
SHA1 2eb94b33ef73efa483431a5453cf19cfb3b6ba79
SHA256 a7c47f8d3b5c469ca51a437f07f24aea3ddc209bad7a58590dbdcddd897e9756
SHA512 507ca2cbb8d32272980f30ef4c7b80bf7231897999c98cfb5fb1355c3bd1a1a52d070abc24ca0011bbd883b9045db301f2f1b60db98a2ae6db98f7da00180440

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\61531F996C01006C5A9F664BCF1645D4CDCC473A

MD5 d663d01ff0f18e95e20d55196bd2982f
SHA1 852ca7b538d79a73cdadc8952038b44739410bdc
SHA256 f267cc4ff273c87d7967e707ca9341fd5d64a7ec814c017eb738f523bcf052b7
SHA512 351bf8d7e8764b9d74a039c793e6abf646927583b0e071371bb6ac52769a1fc8945111c8baf1768a621071fcc6966a3316ce1e9fb6cbe7f5ee0436a512a8f8de

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\1EBE392A8B5FF03FEB10FC397DA798E4B02AF9EB

MD5 bb42f92720ad5be2a29bc81c7c90cd6d
SHA1 467ba04807f0ce46a1c46687808e5bc4c99647f2
SHA256 949afd91f6ecf650eb27a4eda096b6eba711b35b70ae89d2787f0e673e823f3f
SHA512 7f6a9b6bfb7fb119b7b723229dfad7aea105af1b915ad2a39b19f4bca25997525ba40a4cf3a9343fb6411d628bf535390ccf55fa2f28be00f159c3a342a8b3a4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\0B6BD357191CCFD86F7AE07FC78FD28B22438953

MD5 f848354f56029c2d66986996525937fe
SHA1 32af31003c043b6b85a5b593144682a777366351
SHA256 f86783f0089d57134210d0af8aaa91b72f686c60ea17653d704d8ccd6d42764e
SHA512 be04bcfb17c76d88e4a7db2fec0e822d6b52c3efc63db05e2b66db0bec29edb113c9382dc75e01906d9e32800b18090e73e89e73aec3d6b5cd40fce450bb573f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\F2B1FBA54FEB4450D9786CEC897AF3369E1F1C01

MD5 5900a0732c988c2004552c2558976132
SHA1 86356cabb76a293e62e698b2808a0714881a1e0f
SHA256 8e87b4da87e339a21c9debae941378afe439e1e998da404ccf59aa0022dfe272
SHA512 ce3da8ef455932722c57525d7ee7268922c4c5661893edcf5fc76deca913babc7a0e40b374976d26c3773e32618f616c52e124e26b48db26c7643dd5020a0577

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\634E16DC7AF73196290DC0EEA7EC63EF6B95A520

MD5 00ee23cb6d793eb883dbc3d73900d9a0
SHA1 8ec00cb9ac25b737255a931eab00d7d5a282b5a2
SHA256 a290f0916d83dfb4070ec636fd131661baafaa5bcae670dfc0f8000753c2584f
SHA512 a05d59bc7fca24c6a232eaf79ca00d7145bafb80aa3d4a935a85c31f9fb73b67db1c2b214c9d91e617f86cd56d049fc5889e9bde21fd95204fc8074f62e45537

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\64EE8F438F62BCFE34C54F30D8E63D329DE7F613

MD5 2c616d7806857b2e1d6559688aba6567
SHA1 83bf1bfe3e5f13e65814819793233eebb8bb96ba
SHA256 fb5caf651845da28d6a8a79fa852bec1d839733a7f94c04d032bb02900381739
SHA512 aad89d342fea77ccb19b91bb523ed9e0cd7fa490b3c726d7e66089b0ad9b9cbc65eb0a8cfa588045b778f444197fe7b7d608fceb7cf029f0f9f93f3b3e8bc1b6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\16F2B3FB682E34399CB2C500AB86967A3619251C

MD5 e8d002e484a568a76c80f48d613e71b3
SHA1 6f4f075950acede2ef03b6669d69b6a4a1e46c64
SHA256 61783ed9fd415b5d14de2b6f0e21b7b9ed13f6d743481e497179458dea872d29
SHA512 b5b640dc0b778b27f8597ab18975b000b0642a28072e7af963863897543beeb0b045ca5f6c45d28ca74330ad72d50f6ace8f2d5467fd642b97fc76e51712b239

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\D6F7536FB0861AD77B7BD39D04F3150E761C54CA

MD5 64cd60ee1ec9e01606699c91699b97b9
SHA1 8165e9040bd7f0b4e4cce08d0fc63a9520e62e41
SHA256 f7705bb255a976b7e7aff83b1dd858d1449dcdb292f3b46f463be089eb3d9cf5
SHA512 e534890529724ba1905894a103d6f7878f1b2c4e4dacea0032ca4bf30286d4d18fd97d20949e7d29e4bba4add1246f41a51a447f4887998da854012b1bc60ae9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\45722AE6FD12AFDC2A70A368BA642949293F7F4E

MD5 d342b9d56b29fdaee94a73a148da1779
SHA1 580f84322d791cf787b6bb2b13e7e0caaaddf38b
SHA256 77d564c00d4567964794f463b99e491344504e3c09acb16ca3b006328f78afd4
SHA512 3fb0c8670e1cf473eecc1fbf0c602948b1d64deb2706700e2177270cfcc2999ee4ac9189b78e038372c5d0fc39fa85901f463692799927f4d71c8e70c2bf1eae

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\80B29C46F201545FC0026C0E16648FF5B77AF949

MD5 fee0c66c42ec8c7e6f24e473b1b3842f
SHA1 bf4e8858da6607e3ec765376d633467902027f55
SHA256 a3be9cb08ebcf318ae6a41d27d42b2c41b05dac025d0272935b6be9c0612bc10
SHA512 5015fce4cefcdbaeb2c67d2e36a3c80b420b9783d34e692bbdd498ed30c02197a0bc382a1dc883de0ef68f74961eba4d748b067aadd9d7cf2931bbd80a7707f1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\9BF33C17D13EFC4E88BE4C9A56061E64C9F2DC5A

MD5 327e545d564b603baab35299c38b623d
SHA1 dee28e3736a9a8161004f381219d002a634e3ad8
SHA256 2db43949279bcb3d08cb4549f1e9bc6a3e55d00e30ea7f79149f4c013bc1a5c7
SHA512 bc586293ce76f8fc6c0d35daecb24d771f0e7c2030a6a9302a279c27e6b19483c5558a76d245e969eeb87c9f23c29ca0a5bf49c584da59b4074e795baf78f2fd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\57B934D3EED8D09EBE868582D576A20C57AE1305

MD5 374a82562cdc7565e77000d577b3be75
SHA1 bf3c3c7cb09e4004b6e955a3f020cc63eefbda89
SHA256 d2731a6c22a921f005751816ee62f0e690560a14b619bc1ce98328815c3ed332
SHA512 fa8717e160e7a4c2f759ed8f9ace45a8a0914ea7af0592fff15968f30e484f6e4c9f735082969aa9aaff1e1a31d7d0a4ac74924d9fb9f7e412871220041b5f1e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\5F2445AC0D5621A2902A4D2396A980C134E2339A

MD5 ef2568187942827f6a8c18aff340b343
SHA1 1ea92dc4dcc931a2d7d8485d52452595c200d308
SHA256 c9f417b2b8f1e1a52e993193b4de27efdee6d844366b778d4b6075a4a9a42985
SHA512 24844b99c98b3633595322666ddf94b52f86bc7a05a8a6bf8cc06f16d7cfbf83368381de340e43b0a4972fa17a66e627bbb79d353f2cae8f0a3a6faffe4a555a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\EFD38084DF453526467DE817FA4BB9F05B5EC2DB

MD5 9671435b53408554b1746f6f970a85c4
SHA1 63398e38db8a34eeef96207c16a0e55f59ca99c8
SHA256 c46ec3ef40ccf8bd114d89487602d37a5b313f530d07323124f97e6cd2569ffb
SHA512 4f08075e9b96d0ba194687d11ae01cfdb5fc317c3621cf178d1342162decfe0b86e324808ae853b9081fd93da3126430a147dfbd21562ed3a3a27a259df28ad1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\9D7200B29009692E23307DAE2B4C8EBCEEC246F3

MD5 7892ca75a83c863838e095531ecce8b2
SHA1 2e700a140a61f21667efe8815264db196b945fbd
SHA256 10e77d9487fd206a10f6297fea2aab23d638e09418e7aa5fc8a4f4396621905c
SHA512 65fae960db38647730637e011a545b864a85e6c5cebeb48d0ac2f8dab10d4117f05818f2767da9a9b01da500fd37e99029b0a63f1d6a47c153e7b0935739bda0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\7302A25E67ED5B12BC0BFC50F9D725C0AEF1E232

MD5 cf6b98d805b8e3ff232b7d40f1387f19
SHA1 a825d4bdccf324cf86e4e9604241789122347daa
SHA256 7cdef2644b29e5282751e58a646babef56188af1a80c459a7e45700b126d4756
SHA512 0b1c262446e9d06ce555bbe4c02abe96a8aa2ef476e2bcc8076295296f7ac19231c33a5397cff0cb4c8b9d1eea7359f3ba079c41f542ab83d9c436c3ac435ef8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\791B8A8DF70047BFA15B8104F2D15B0CB898389E

MD5 23c832a79789e51eeceddf49b95e57fe
SHA1 39aa14911d73bfe81354a328fa008b4353558e70
SHA256 a2a98abfe2fc41950f9e3753482a0d74d24f2d383f8a54afdd2880eaf5aa58a3
SHA512 e660af944f77ed5fd87fe6761d33efc50fd7782e08f041e56a96dff762bfff156cb9806960e6183e3ac04e69bb5ed8f5719ce465b0db26c3198015241fa4bdc6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\599EB1AAB4980DFBC75515F606E8841BCFBC21C6

MD5 8d904036864adb7e7f30a636ca9b9bfe
SHA1 513ab08d61db560a38cba900a9db5b53c0cd1c98
SHA256 f19a945eb66cccff4c4c8aef5606127823d7c8e0fe8f3a32068c2ce17e9064bf
SHA512 fa723a8fdaea701235a043e95f3e431f05186ab213962395db7d4475be4e5a8950c4957d341ccbed76ddb06d3d2f058850980c0e65d5c8240f6e76fd97a5da09

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\EA2941B41F9DDBE0354E7E35C994BE2102E8C937

MD5 9741dd01f73b3838e3ae09e9e51cffef
SHA1 6bfd41a17d9a6785bc035616ef22f2f96d877b14
SHA256 1de7c8fce3ffdebaa27b824c98156c40a93b2da62e9456fcd6ce158beba06064
SHA512 41e03c12f945d1822852cfb3e76cb14fe49fb0a96784f1252511f6174c54cd55b0bf3f679c40b487d6fb8ebdc69c12ff92d6c2d4e90f9ba0536ad95ef9ccde46

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\prefs-1.js

MD5 3d1d75374872e2f5feb064d085cd4cfa
SHA1 f359d06d22f6202c6674f789d322253bd5555209
SHA256 f41b18e1c02d383f22659268b7158cd2c49ee64d37402d41ddcec6e9f5e97a75
SHA512 a7981ffecc2279d0abc78f45717469c2517eeac6342c2201ab8676c725994651e2d53c686c51e096d1bc44b2b1a49330bd2a5a7cfaf843e679f09ff382e91e08

C:\Users\Admin\Downloads\Bitcoin_cracker-main.sOrfBFVb.zip.part

MD5 1dc1d310cc65fbca590a0e8f0c5cc425
SHA1 70d2935e25bcb1969ba42583d54eb781a0952b9f
SHA256 b437653d8dbf97478debab076609b3a9292f203bc6a7c42c68237084ac8ab1df
SHA512 3775d4922a48c25992b5c813370b881290ae9209eab28339a100bcf83e3a0f97016f2a2839dbb56323e8bf2bd87051174717294ef7327ce62178a6612afb1e92

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9c60c022b9db01b79fbded45f501b1d6
SHA1 ce6d647295972e083f9bb4cfa18554b61392c2b4
SHA256 c7c1903deeab159f10cd6afa91be25cdc5793e25e7e5b7523a597a69514af465
SHA512 f29e4509bdbb5a859ca23e0f0b476605c1bbe9aaf313a4c5ca672f739e6db96ee4227e86cd5d7be5a3d9d8fef1ee0a150d4c76e58a675dd0d4928f055c3c3383

memory/3944-645-0x000000001B340000-0x000000001B622000-memory.dmp

memory/3944-646-0x0000000002420000-0x0000000002428000-memory.dmp

memory/3944-647-0x000007FEF1D10000-0x000007FEF26AD000-memory.dmp

memory/3944-649-0x0000000002820000-0x00000000028A0000-memory.dmp

memory/3944-648-0x0000000002820000-0x00000000028A0000-memory.dmp

memory/3944-650-0x0000000002820000-0x00000000028A0000-memory.dmp

memory/3944-651-0x000007FEF1D10000-0x000007FEF26AD000-memory.dmp

memory/3944-652-0x0000000002820000-0x00000000028A0000-memory.dmp

memory/3944-653-0x000007FEF1D10000-0x000007FEF26AD000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cookies.sqlite-wal

MD5 625b96f151e6e6ca81fe24ad7cace1be
SHA1 8bb6600afce822537fcde7db334c53511758d3fc
SHA256 8b661b5d074bd8d147ac46b5f638daf9fd3c4999c47e7b54f0d99e5d9d776b47
SHA512 02da09cf604c55d21e1cd7653669e9a27d688619de86917da02bb947355510f7d9982ad7ebd90c7e2de792d6e792ca2028d3912f7780202ec1ad15ae12a53c1d

C:\Users\Admin\AppData\Local\Temp\iK84dLdhoksjvMNzFCMqHmy4pGJG94\sensitive-files.zip

MD5 2711afa05878242b7f8a258d4e3dd507
SHA1 ec9907c89cd68fc8b1c5ef6da4892d1582993168
SHA256 d4dc2b3c7ec60fc68550079b4a2c73b92d7b46227909f7a95fe80359e87d35df
SHA512 905abd881856d220b3cd602e37588b3c397483aba900aebb22ae1943387570e2329b26082732b172d66d3d56d10113a429eaa0dec90d0496f6471d130e3b6846

C:\Users\Admin\Downloads\SetupFilePhotoshop_Passwd_2023.Oyw4JkD6.rar.part

MD5 5ddadbc8a9497ee7f3c120f23e1fb55a
SHA1 d861e39b15247557c7c270d97da68e50dffb3b06
SHA256 6aaabeb60019d17e5a2d87dc2b5a70eb3f8d58c33923ea7daf62afcf8adfadfe
SHA512 76cb9f3b2d3941e4ab98c5c9e3373784248eab4a505fe9394b64aa0e762269e20abe62d6d9501104ebea2ff48700b559d6ac494e6d27639e7d2ea011029b9710

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7055999fc168252f2aea90246ee3d9ee
SHA1 a39a69453b48f1064bc9d1d349420bce9afc2142
SHA256 d34df237b40be314eca81e12bf4d39b09ad54187267af2cfd1c980893769432a
SHA512 4b6d3f477ad46fcb90b775bd24d5b5026d2179c870e893582f6a1af79ab501fa7c1eadf15673d8709a394555269481891a7625b494c0d0ab3c63db71af2734ba

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b8bc8c62b62ea8209e1418f41e8220bd
SHA1 837dd39464e9e0582107fea023267be44c67dc9c
SHA256 2fb291161fbff132cff7d4aa872558446fce00afa08bdd392feef6c61d2015a9
SHA512 c9361908fc1d37b99ae9c44913fb4d86228aa7b30ba9cf10c5e91159fd44e84402bee4520ac6392ae0494f52475db8f1cedd4d46c052f77e3e66772ffd3c2060

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

MD5 46ec01d668098645f4b24c24c38a1329
SHA1 cfca0c6d5ca1011a24c5be892a7b6cba3e8f2af1
SHA256 086a9a4325d145b256f04d75a059173671f21ace5538a8fb17015f97e4ef9a39
SHA512 d7ff537cfda034653e3e9afa4191680d376917c4c925467dddba324348e00af88b9a30931b870a69adea866f591f578aeb2fc16b3134194c28ee11dba07e63bd

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\4RUD2JH97G5TTPX5Z6OX.temp

MD5 46ec01d668098645f4b24c24c38a1329
SHA1 cfca0c6d5ca1011a24c5be892a7b6cba3e8f2af1
SHA256 086a9a4325d145b256f04d75a059173671f21ace5538a8fb17015f97e4ef9a39
SHA512 d7ff537cfda034653e3e9afa4191680d376917c4c925467dddba324348e00af88b9a30931b870a69adea866f591f578aeb2fc16b3134194c28ee11dba07e63bd

memory/2764-745-0x000000001B0F0000-0x000000001B3D2000-memory.dmp

memory/2764-746-0x0000000002490000-0x0000000002498000-memory.dmp

memory/2764-747-0x000007FEF1920000-0x000007FEF22BD000-memory.dmp

memory/2764-748-0x0000000002900000-0x0000000002980000-memory.dmp

memory/2764-750-0x0000000002900000-0x0000000002980000-memory.dmp

memory/2764-751-0x0000000002900000-0x0000000002980000-memory.dmp

memory/2764-749-0x000007FEF1920000-0x000007FEF22BD000-memory.dmp

memory/2764-752-0x0000000002900000-0x0000000002980000-memory.dmp

memory/2764-753-0x000007FEF1920000-0x000007FEF22BD000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\History

MD5 90a1d4b55edf36fa8b4cc6974ed7d4c4
SHA1 aba1b8d0e05421e7df5982899f626211c3c4b5c1
SHA256 7cf3e9e8619904e72ea6608cc43e9b6c9f8aa2af02476f60c2b3daf33075981c
SHA512 ea0838be754e1258c230111900c5937d2b0788f90bbf7c5f82b2ceda7868e50afb86c301f313267eaa912778da45755560b5434885521bf915967a7863922ae2

C:\Users\Admin\AppData\Local\Temp\History

MD5 90a1d4b55edf36fa8b4cc6974ed7d4c4
SHA1 aba1b8d0e05421e7df5982899f626211c3c4b5c1
SHA256 7cf3e9e8619904e72ea6608cc43e9b6c9f8aa2af02476f60c2b3daf33075981c
SHA512 ea0838be754e1258c230111900c5937d2b0788f90bbf7c5f82b2ceda7868e50afb86c301f313267eaa912778da45755560b5434885521bf915967a7863922ae2

C:\Users\Admin\AppData\Local\Temp\oJ3Mc3uQuaMWFBgencFu9k3ymwA22a\user_info.txt

MD5 2f3a4d111f621e717d5cf1a15e817975
SHA1 9db4967ea85f1cd643adae26a3e3877128d36982
SHA256 1623573acc682660d7288ee976e70038bbd0d70000cbb1b63d8663a5c1cda52b
SHA512 26d8c90ca2597cbe34cf8dc8e930b9333214d33960a6ee644837e22040c584238f73ee6e48113ecbbe0deea70042682ebb1f590f85a52b2168a4a4868c7df3be

C:\Users\Admin\AppData\Local\Temp\Web Data

MD5 e1c67fb5f1e06c0c5bfd26ae70976cf8
SHA1 f117f9369b2e44572ba395771f0d7a0a25de86bf
SHA256 5de4b747cc6a10c15c71217c7f25e6567c02c1e3d5d3ec8278ac18140a4679b9
SHA512 0b6a3925a6802bda541c3b59db1f31177a8ea6dbceaf889184c1919546555b2044acbda4f462c69c1fc8fc61982bea5fe83e320d3bf3df9e2a6d27ea4eca90dc

C:\Users\Admin\AppData\Local\Temp\sensitive-files.zip

MD5 233c3847966fa41b144ac2532f26da76
SHA1 7142dca6443e1571367d642f2a54697c211ae5a1
SHA256 89546a811b5fdb753a5d96b76b8babcb4b1158c9499630bff46a825c4a1775b3
SHA512 255c69e6c3050ad49d8831c9faa3dbf39a05410a596faa13a23121ef8fe6802c6d38424903c5bb57f6810067c17af544ed4aeb90b662d6ac26768fd0f698386c

C:\Users\Admin\AppData\Local\Temp\Cookies

MD5 c9ff7748d8fcef4cf84a5501e996a641
SHA1 02867e5010f62f97ebb0cfb32cb3ede9449fe0c9
SHA256 4d3f3194cb1133437aa69bb880c8cbb55ddf06ff61a88ca6c3f1bbfbfd35d988
SHA512 d36054499869a8f56ac8547ccd5455f1252c24e17d2b185955390b32da7e2a732ace4e0f30f9493fcc61425a2e31ed623465f998f41af69423ee0e3ed1483a73

C:\Users\Admin\AppData\Local\Temp\Login Data

MD5 02d2c46697e3714e49f46b680b9a6b83
SHA1 84f98b56d49f01e9b6b76a4e21accf64fd319140
SHA256 522cad95d3fa6ebb3274709b8d09bbb1ca37389d0a924cd29e934a75aa04c6c9
SHA512 60348a145bfc71b1e07cb35fa79ab5ff472a3d0a557741ea2d39b3772bc395b86e261bd616f65307ae0d997294e49b5548d32f11e86ef3e2704959ca63da8aac

C:\Users\Admin\Desktop\SetupFilePhotoshop_Passwd_2023.rar

MD5 5ddadbc8a9497ee7f3c120f23e1fb55a
SHA1 d861e39b15247557c7c270d97da68e50dffb3b06
SHA256 6aaabeb60019d17e5a2d87dc2b5a70eb3f8d58c33923ea7daf62afcf8adfadfe
SHA512 76cb9f3b2d3941e4ab98c5c9e3373784248eab4a505fe9394b64aa0e762269e20abe62d6d9501104ebea2ff48700b559d6ac494e6d27639e7d2ea011029b9710

C:\Users\Admin\AppData\Local\Temp\out.zip

MD5 2e7145228dfc0e3e6950d77ec52f9660
SHA1 fc896a34e2960901a7e6b8ffca2fb29cd70b974e
SHA256 094fe7623253f27fdbea6774b6c3a6e377176e17e65005ebedc3add4b1be7714
SHA512 e5019d1bbd0a531c241e5e9ba92bdad98ff72521cd4249ee85f65de0359acade70d7ffac2d3a1a8d783138ae77719eb026e4dc46a8c14b976a15acdc16959e9c

C:\Users\Admin\AppData\Local\Temp\oJ3Mc3uQuaMWFBgencFu9k3ymwA22a\Cookies\Firefox_qnq0haq7.default_Network.txt

MD5 4d77a3d8ba5de012eb0eed13e15003eb
SHA1 9279f230f808766c179b513e9113d23c59b5e8f6
SHA256 69371bb100e608e063f1107039e55ea1f18639bd8d99257d7e8ff28fce71af46
SHA512 cb8845b232bc423dfa5465df81e9284d33eb689f6052f59ffc5f94308928be635b1a15dbb6ec0d5b5d329d7bf00a1f0a1ef6949ee451aba990b893212f66071c

C:\Users\Admin\AppData\Local\Temp\oJ3Mc3uQuaMWFBgencFu9k3ymwA22a\sensitive-files.zip

MD5 233c3847966fa41b144ac2532f26da76
SHA1 7142dca6443e1571367d642f2a54697c211ae5a1
SHA256 89546a811b5fdb753a5d96b76b8babcb4b1158c9499630bff46a825c4a1775b3
SHA512 255c69e6c3050ad49d8831c9faa3dbf39a05410a596faa13a23121ef8fe6802c6d38424903c5bb57f6810067c17af544ed4aeb90b662d6ac26768fd0f698386c

C:\Users\Admin\Desktop\ProtectFiles\locale\es\LC_MESSAGES\vlc.mo

MD5 8bab8755744626d47869203946f4cd35
SHA1 91845527fdba9ce803a86005011adf4708d83cd7
SHA256 cc92baa057cffefa75fa1e70fc0df5095ab2807237333826bce6d820e3d279b2
SHA512 4d3fbb8fd296ed54653ab82e207b5fef22c38083741f058ea40776d36b51cfaaa237043c66c5c6b9a9ea230334ef56324981945afacdeb67a9049778e358c021

C:\Users\Admin\Desktop\AdobePS.exe

MD5 2902c4e80adf17b8c068d859ba3398ec
SHA1 2c09243de3cb907386901397b622518b0e23166d
SHA256 1b008b379597535209cf0d9d09de24bdf635a9dc27869cbfdefed2b41e68f2fd
SHA512 3c5be5d794b49d2987f010f0ca24b4a148bb31ae0baa4c067b8638b86cc5367ba27f1e5f51b19ba8e15175fb6cfbecae366a7ff0fec3749d1ff779f9f08b21c7

C:\Users\Admin\Desktop\AdobePS.exe

MD5 2902c4e80adf17b8c068d859ba3398ec
SHA1 2c09243de3cb907386901397b622518b0e23166d
SHA256 1b008b379597535209cf0d9d09de24bdf635a9dc27869cbfdefed2b41e68f2fd
SHA512 3c5be5d794b49d2987f010f0ca24b4a148bb31ae0baa4c067b8638b86cc5367ba27f1e5f51b19ba8e15175fb6cfbecae366a7ff0fec3749d1ff779f9f08b21c7

memory/3100-1006-0x00000000012C0000-0x0000000001D0A000-memory.dmp

memory/3100-1007-0x0000000073DE0000-0x00000000744CE000-memory.dmp

memory/3100-1008-0x0000000005A90000-0x0000000005AD0000-memory.dmp

memory/3100-1009-0x0000000000C80000-0x0000000000CC4000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f73122f51a8a3998a0be379afe22df1d
SHA1 4962155755a23d9501111bf420d3b7bdef25c483
SHA256 edfaacd4640e3730ec1d64f5238bd6b8b4d6c379ff3af5a3b7257cd2ef40f3e7
SHA512 37bc19971e3c17a407eae4fa9788b0c83649503c0f232eb311046ec44b773f37255ffa9d73b82589cca588b6967534f302ccb6bc1209b3e1e56084d573a03116

memory/3100-1020-0x0000000005A90000-0x0000000005AD0000-memory.dmp

memory/3100-1021-0x0000000000540000-0x000000000055A000-memory.dmp

memory/3100-1022-0x0000000000510000-0x0000000000516000-memory.dmp

memory/1380-1023-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1025-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1027-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1029-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1031-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\jumpListCache\AI7ERT_zFRP0OJPLp6oxyA==.ico

MD5 6b120367fa9e50d6f91f30601ee58bb3
SHA1 9a32726e2496f78ef54f91954836b31b9a0faa50
SHA256 92c62d192e956e966fd01a0c1f721d241b9b6f256b308a2be06187a7b925f9e0
SHA512 c8d55a2c10a2ef484dedded911b8f3c2f5ecb996be6f6f425c5bd4b4f53eb620a2baccd48bac1915a81da9a792971d95ff36c3f216075d93e5fd7a462ecd784f

memory/3100-1042-0x0000000073DE0000-0x00000000744CE000-memory.dmp

memory/3100-1043-0x0000000005A90000-0x0000000005AD0000-memory.dmp

memory/3100-1044-0x0000000005A90000-0x0000000005AD0000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\prefs-1.js

MD5 62bde5860ffd6bf04040fa6d15c00684
SHA1 b061265f2a1060921b7e21d292d3cbe05d9f7577
SHA256 572b9c2b4f833557ce9b49169ea9605ec45d60ac70db5631c4a1a729d3be34a7
SHA512 519fbb4ab385fe9df03808b3ab2aaa0b6689ed6369fdb811e73ac3838d45468ec081c726f863a146c989a3113b43dacfbc8c40d4551c7a9675ed123c2e5a831b

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 758ce5fb8252b48442bb3d319c4e06f0
SHA1 63c5c457298516214beb0bbcfe9aca95e53a1b9e
SHA256 1d3743049c25085f4064b009d30b5a54f0d3a27a51c82c0d8b779f8b329c775a
SHA512 5769674ce93ec5740da83c0cfbe5529395d0e03913d80da9a886029f7f39d1cc75ee0771bdcd30be5ec21552836f2f23b3579ae4e1f41cf57da3b2e696f401ba

memory/1380-1127-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1131-0x0000000000400000-0x000000000042E000-memory.dmp

memory/3100-1132-0x0000000073DE0000-0x00000000744CE000-memory.dmp

memory/1380-1129-0x0000000000400000-0x000000000042E000-memory.dmp

memory/1380-1133-0x0000000073DE0000-0x00000000744CE000-memory.dmp

memory/1380-1134-0x0000000004C00000-0x0000000004C40000-memory.dmp

memory/1380-1135-0x0000000073DE0000-0x00000000744CE000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\1AB238C56C3E1E4DE2E632AD5695F28E68F60C1D

MD5 0624530695c96c27219ce7d64c99bbc8
SHA1 adeb4f8ce57df30eed0eddd7a4bf9fb15a0cbcc2
SHA256 eb954bbf664b1a32cf772ded014703442cc5adfa6c0eab5f28dd2e86994a2f3c
SHA512 4e4e58def12ae24aac54d9aee37ad57b8751401c04370125144e70114219e0f4de0537f64bc9c5320398c30195e6f0d25b5c275460aa1a61449842350304dc16

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\7915B44A331FB888BBC3F7445632DD7DD9014AE6

MD5 e23cce8a50261f3f0ff8fe65299fc03a
SHA1 db4ce33649f50799a13a42a72c2b295f849f2d50
SHA256 868642d8d32682ada58da9e89b2a50f8a069061bf66f994705d32935c0084d28
SHA512 c2cb16872866a3c2355e5450543c471a333953cd3e52d58e342bcba6529b68b5cd3c3e9ffb3c7fa994f15367859971320e0ddb398fedd6722e7d9e985c4f4306

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\90782B0514423C42E7C23F574ADE1F1897964BD0

MD5 df34c4700c0bab45de412e01e89084bc
SHA1 c3c172fa726f48b775872d810e96ffc9b3344d3e
SHA256 5d319ac9c960d0dff8c8847d1b260d53db450e30e108a6cf632dfeed83c6995c
SHA512 0c9880198b75e00d08acf6fa915f04b02dee1898c6283f94298b69a507a93168e55e3c2bf0b59a0101405860ba630ff4cc6f8d31f602bd7780da47da7a3651bc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\A6C74BC2260EAFF823C7AED38BBA607C962CCB55

MD5 e7d0ecdf42bb3fb1833a4316272bd06a
SHA1 2455c155d7da9d068aba155dc8ccc9d6bffeb9ed
SHA256 032e8b9bd6c07a8775e08cac81eb0eb010d75275ddd131e88e41196d37a379bb
SHA512 fd3bda5fe6e717af56e69443005c0b8e566c74b9cdb43051334bd483e2207b86e41840836b79c8139699a685808df02f8234e8a8277d60ecfc3ac440ab8ab997

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 743fcf87b97b73302cbaeaf1656a68cf
SHA1 fe87550a7ca3c2acc17d91cdb9bccf43053468e2
SHA256 e19d5b0ffdc386b64990796a8862cf069f4bcacfe93a7cd034d3792e016cae6f
SHA512 51f39d5565a7880fade395e356940b509c7590298910fa4a489922f2b4b560b7fbc05754f38649bb1e076707ac26ece7630ac2525fb292a314c0fce4e830a4a3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\F967B2DA0354C146A34E7D56BE86D6657F58F8F7

MD5 4f07dde9708f7fc965b60f9586cde996
SHA1 d48648328e4674c0acc7fffc328ddfbef58e58c3
SHA256 b4ff46b78a7fe74ef724c07f6b41844111237bca12bac418779fb6eeb14d7704
SHA512 ff1e923e24d9ef2ab0a870462bb7ef189eed04981bfc07d0bb99f993f2785bb1904c75a982173ff5289e530aef7514600b40071c8ca8e9330fc5be8b3a76180d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\CFBF92CC617886962DB7CADC17BDF8E8F6B913FA

MD5 0288df49a595dbd2c32e36aebb11bb8a
SHA1 f22ef92dde7ff6ee3b8b6fd8c37bd1213d7ea9ca
SHA256 30b0d2cbfebca36235e285be17917d107054310ef1333db3d54e50ecbd3a4249
SHA512 17b4c331a48743742c925537c09671e2047dae07f6f967428db2d96f0c2c24727a03d305d9b5045c1b9db6421566d9fb918be4572591fef35c6e33d8a9dc09bd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\5C922C14483235842480F67C88A340D188808C2E

MD5 afdba1427fbe3f7e1d65253b1dcdf1b3
SHA1 a02844c730970e5f4b2025b55ccc3b85d563fd39
SHA256 e5aad9c2a3108d624edba2b77c637478f565049028b221694b97294ed483fc3e
SHA512 28fc8223be19368dd3dd986bb98b9581c928cb7f984489d6cab95135642c4dedf04d00809dd2e599a2fd623da95878c66070dc8b5eaa97142cbed24b088eefcd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\DCBDD83FDE4ABA4007234D9A7FFBA7276277C5C5

MD5 30f8b4ad309106c76bab94b3de684350
SHA1 88533fb0ea191abfd18c6763001fe55bc7fae9ae
SHA256 04eb3faa6c90cf10bdb133bfd13d6a792d247e331be3b4ae67ff5dcb1929425e
SHA512 509da8c7806ffabd47d4c3b6d9f1e09f39e09e4858fd30f92fd4368b15c926953a7e1a4d891cd44bc9eb1e09bfd7b445f0b7352fca9cfa75f2207d9c273caa21

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\4E384D01DBA6DE1349867B8074355AD86F5F3D65

MD5 728fa21543ea41e47e64cf172b7fa5da
SHA1 c47d09a3a5adf6752889faf4867e2001d565121a
SHA256 18d52669088e70a8d4a065d709c154a252f6514f3b3cb350c9d4b267f4dd5019
SHA512 031f24464f665203bbd3d9e3b5f8d234186314289673ff38dcd221c145a46208567fe2e96a244dfee00701ec9735b41747a9ea668c61a9f871d838b6c7cd97c3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\EC8BA141C21C8E6499621B50663213EA1B376A49

MD5 20c702245683e583353cda89a63b2fbf
SHA1 5129ed53553595718ebb0c4e87ccdf81db11f7d7
SHA256 a11f95bb517c8d620a182a6d08ad377aadbb102d292a44a5d4a61a3b8f649b35
SHA512 3116a0f0c77fbeb9865b6120f858f71060903a3ff7268c8fa8d438da38f9bbbc7f0bf70e96d8c5cb3a42e6bfc579acdc62b428067ba7d1702d81eebca71a23db

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\47AD825BCCFD3AB729B26069ADCC155CF7295280

MD5 0dc4d628303a14b6f4714dccf2ba367a
SHA1 f28cf7ae1127aa0c71e4ee64516c9d68b2938022
SHA256 0d0d29dca988fe57d848d886abf1d8ac961c3e6eefa15d0a695c0e441333fe85
SHA512 5b450b149e2c807f74ca0044dbce7e0215750cda523d495660ab458c705d9eeea839542a5c8602e992f5c08b701b8a8d95942db8a9523294bf7010209c81d367

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\6A5930AAA22085B822AEDB3F0DD0274A430ED3A8

MD5 70dbf1dee26478104b1bb1edf64b89bc
SHA1 a9b7614c03f774cbcb4e3d2a5354f8df9048877b
SHA256 924abd713cb0a1a9a660802a93539f5f94030359c0f9ce72ab692e4c7a3e001d
SHA512 649988efb6b489e9ba3b58771f702ebb8fa911e2cd2593010cae29cc921bf0648324ae83bd373831ca45f3c36cb75ac8e3e8112f9466800b4d550f47d4b047aa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\E08F5F083A64B55CF86FBB2A2CCDA56D0694BF0D

MD5 b66543ea9bd99087c067b25b8d731d1e
SHA1 381d7760868255af669a5aa02a8bcdb99b8d9cf8
SHA256 2512ecd310ea78acc222e0cc2f61f08337e26407791de0a6d2afc99341eba1a2
SHA512 93ad0359c5620e3c2492f8a8975476bf076f60f7db28d579fef4c4997fa1e853c1e3a6cfa9a14155e32bf5d16d8d9f5c39bb1dcb9639365aba333a6eb72a4fb3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\A5F91D876B33AFFA777B26404E018CDA9EB8C568

MD5 df619ae9acd4798dcc39eba9a9182b6b
SHA1 ce6c3890ab6c4b73acc39901e54f2ced531410d8
SHA256 8c7f255a366df647c733051c8918ee32265fe01c78304a0f079fc835adcb6fe9
SHA512 2c842dd02eb3014ab6cba9d3bfff2f51d2cc5932859f243ce9c532a0cab2d142bc54ca0546b1cdb21e190359b3a19c8796867445527f387e756bb55021f191c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 84521dd0b072244a5516efbec79af454
SHA1 9d768fd2c57feeba0e837639c247c6285c567a00
SHA256 dc97421065f188596a673f67673c4e9d2141259dfef5e77cb6ceb3c7492029d1
SHA512 8109fbca3182a0624a42e6017066264b962647263669eab6f9794cc9eeb0d603ce360058d997cd512e2e3bfdb855183846db5e3d32dff078eb52b3c6feaba314

C:\Users\Admin\Downloads\Tradingview.YCy70k40.zip.part

MD5 a1c6f4f1e5694ddc84ec3e2575f4a349
SHA1 7ca78399350bcd9ca5a937d89cdcd217f1098a6c
SHA256 2164ac310ced5d302a5a35559b7da8bf43c595e515b1078effc6e02a14a5aaf9
SHA512 0af229ce22597d4dcff92fb55ba963232aefff07a62c248e762c7fffa34210691cd0c2a4347c8cb102106700b692ecfd85ebd5fbfb3af16ee052259fbff34781

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\19455

MD5 3bdd7e9e82fa06ff878ca9c33631f283
SHA1 aaa096f4ef6dcfa1738795aef60aa2c3fe4966f1
SHA256 48ec810c52bfc8206114e240c46b9c3574f2ab5d1fcb47ba9bc4d04b3372249d
SHA512 b216d16d8c0585b494de12e60c257433213c5190dcf496e230856eadefc45898ae53313ecc428554c61c1dcfefa1b378ca90723e5d0967a26eae15e8689a74c6

\??\PIPE\samr

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\PIPE\samr

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3c3925f04ab60733876028583876a9ff
SHA1 f4e8448bf104eae9a3d6d48557b351c488c73f36
SHA256 16daa8ad3d8fc90347b401d9f71e043cecbe761d91a422ce3d1c66a15f6190bd
SHA512 0ea2445435dc88185b55ec853a54842f657aa7aeb03997ea83f6506416b2d5dfd47b4de99ef668a5c268859899251656fdf0494b338df6e96053cdc54e86361a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\B2D89E772F04CC441B00D9374C94F2A3AC063188

MD5 c3182b7c04ed36f7f8f8c18917091d7a
SHA1 03fc8f18115c247b44ce1b8d46bc2d9585bc849a
SHA256 7ea671915a97666b2f010ae9aa351f58a6fce1a58ed054bbc72ff2374ad146c1
SHA512 74966fccd7d51aa0bc194f02bc3cefb82d0c210b1e01d8163b3aaf6b0827cd74130b36d16e1eb3a910ec3e11abcf7b52acfcca4844601cac5d2d86d4b7e6ec7b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\14987

MD5 b9a1933463f9e52fd6cc4edb59d646ab
SHA1 053a35dcc10649338614d5d312e49d2e43595061
SHA256 e67363b16b88d539d7bdbbff0784fddadee4b695c10b12d5c057d17f43747c60
SHA512 1c7360e4a42429b228943158bffd57d7ac489c77fb32be92e8962fd4fb8a6b9f335803481ce14b9c36e335cbce59969eca1ebceff578bc77736f86416664d745

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7192c509a074fddad1c887ad1552dc89
SHA1 6ef0acfad95809a58cfd39e3f86d469bfdb9e65d
SHA256 f4500a1f6a2bbff5711f19832f80374d680b74d1cbc0866e305b43f28bee3084
SHA512 349bb017062a98e27c965146ddf09994d93e61961b9dcc705251c964ca79884d47f1091fcf5e1935319ac5560865e4835daf672a3da371593746575433817309

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\32169

MD5 97c525e0906179df8cfe95ad09c45891
SHA1 b0b480a1e44fb1cf32364d32f3ec88b645337ae2
SHA256 665c778025acda13a7b42cd346d9025d623ba795ff45fd9be9cd2e47b8fcdb24
SHA512 0faaae6f27a44c9e0f951cce2142a07e80773ab4dd8b0a9722e8f86876ad4359fe93569bb13856ea06d62039b3c400ee1df0b222f7792e7b7698eb5fa45b4c30

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\23843

MD5 b81a56875759ef9ba65d29afa44baa42
SHA1 8a93e8068573f8506913b465615d981b1bf5fb17
SHA256 07900aef42d9ca32fd3ac7d7f4ea0238ae5435c90a5951525573017940470cb7
SHA512 313c67aae0f384590b9e462d9dd3e355e8173dd3facd84f7c5bf186e6921693d1fce6e8591885cdb0b4ce1ee74294d125a0c5650ea3c04e437571537f75d4dbf

\??\PIPE\samr

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\PIPE\samr

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7ee2c07330c7f876f184ca8fa7dfa5a0
SHA1 5c5ea039bd1cdeddb15ea123b4b4b36e50711c07
SHA256 29f05689dce93f00625df033e8d6a6ccd79a4cfb6c07e9f1dc7acd2c2e4b7712
SHA512 a935f549c3272f8803fd50f7a896656c1e14fff25e3063aae5bee751dec83db1db54d86a0fa3a71ceb149733c7c40bd0cea34353ffc65ad7bd9ef7709b406562

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 a0fd8b53d60740aad4ccc5496d9424f1
SHA1 313c0984dc40f3fb4127f0e9cc6cfcbc5c7cb7b4
SHA256 5f5571f07b565fcb6aa16b68f8906458115ff892e4fd5e4232017ae076f4e678
SHA512 997c559af1ca0ef586334dd4e7bf8b7390667af9038f1f0ef2634b9ac0284ab8514303211967ea4aa2b916cbe9dd35b8c11ad115e0c1f8e14881bacfcc9e1c01

C:\Users\Admin\Downloads\Tradingview.zip

MD5 1ddd88d3df4e6d2209c12de01cbdb289
SHA1 f357d04f4d765a14b37234a22b470e617e3eef4c
SHA256 be02ded56b755d5551c334a248ee01924f06d25c7640482127e17ea9f7ca4ec6
SHA512 bdab6139be51c17b9379731af82195b434ec68c4ed9547c795e8262d03461d8b324b529d6d83273df07d57056f62ae170ebd7a6f78337c8339a5f81f92fa7dba

C:\Users\Admin\Desktop\DenyRequest.iso

MD5 56f3cc331e54cbd16938dbcd5dc11db2
SHA1 d013bf5d48191bdb829ef37b771b3acf15f85df4
SHA256 e9e2ebd2e398f0120d40df4d7187c7737bacf3c695ca1a74a14706c91c598fcc
SHA512 3294ce5b0cb85daaff74b25b0c4673fda1ae1fdb49905030f8164e878cb2feb6bba9871a93fe7fb684d74ec2edf0d36491a288d36256085ce11209c3877e9a7f

C:\Users\Admin\Desktop\ExportOpen.xml

MD5 90093a922c1d7e77921a992903b46061
SHA1 f616a105a2b79e86582c4ecc55d885f9f8d320d8
SHA256 f997f7d265cb15c5814e20eed6d8c94b47621fec7f808177de0ef39d7e65f02c
SHA512 51cd01db78434ece5e6b24c6c9c88ed1bd2674679507fd7bf1e3d883395b306f8400bb5d9e04af4dc6059a56e506fd9b51843ebfb29dbdd972997e8ffb389671

C:\Users\Admin\Desktop\StepRemove.bmp

MD5 70af1232643e1aeab92d049986cac92a
SHA1 ef136a93ed159e54c3385a9e9255231099f31b87
SHA256 9fa5679cbbbd5d471c93981e4ebb5e66076ca3a0296acf753db4a9957b52150a
SHA512 61e8521cbacb5e793a6bb664e27b25bea971293329912d7787025abbeed6cca1f9fda17c2afbc88deb8911d7673b6e0b012f146a963344500b45507c4b2d587b

C:\Users\Admin\Desktop\UnregisterShow.wmv

MD5 5400050baaf97888ea91db8540e1b45c
SHA1 8a90e0f6bceb43d705ee3cef5687ca22472eaa68
SHA256 3e20a794b4d8b667d84c259e8a52d70e3fa3f5eb9debd2a625de71a4071840bb
SHA512 09444470dce772e4ecdabe79895fce3e442eeb6885f3766ec6e13b6060057faf1bc43baa6b157d6f2f02a3770e0ebbac7dc29634c98e174b8e068c605e6ee7ad

C:\Users\Admin\Desktop\WriteWait.xlt

MD5 6c90dfcad187b9f713ada7ad786039bd
SHA1 64bbf2506eb48094e59ccd5bbf1f65c7eb546f22
SHA256 a9fc56fc229117e63a55da7893e37f63135cec48bc87e465ebcc629cf82f86fe
SHA512 b187b0eeb27bc77f81e8b1dd34d95793bcb8f8562f0abc42db9f556909c5af0b1cc557e58b899ce39f933963b770a96f13faf5ee6d70c9304d30661274f69e7c

C:\Users\Admin\Desktop\WriteNew.mpg

MD5 2483540d7415d83bec94ce2a69b05ee8
SHA1 fc5d906305894987a92bd3b34f2950562e013ec6
SHA256 807cfb3219c37c4a68554c80a3ac4d68205b1b2961afd94269813604e683c630
SHA512 9361a3b0c5ead53e8cef4b983dec3d3aba8324f794c843a18fe4fedd673b165a5038f742ed4960451df8b518910171873caaf6ba277f34fc38d8df879f54c736

C:\Users\Admin\Desktop\ProtectFiles

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\Desktop\TraceReset.3gp

MD5 4d567d35265eefe9efdb2f13aad54bfb
SHA1 c0c79b44420dfd70a5ba15ab2494b69cb05467a7
SHA256 2d7ff78cfe36d2a6464b40fa3e48b418749c9b77d7bb7614c9135ed8c1e9fcef
SHA512 760dcfc927f46b031d84198c6c0965742b44074f1d27afab3589d38ac2eaee609c64bd0e502e279e2e8b2e18d3887bc3b201f7f369e84297137603368da5f3ba

C:\Users\Admin\Desktop\RemoveCopy.mpp

MD5 a5e53545f3e0fb7e3500dbad4a5f6708
SHA1 0ea87827629fb93161c9ecca32d72097cfdcc92f
SHA256 a029795f90c4c66011806e6ecdd325ec5fcc6866a25579978c4e59a69bb14b7a
SHA512 5b404a860f18b3f8948105a288aac1205fe1f4dfaf2b1c7435ebc141712bb3b91bdb4891d521aff58f0d596ef8c4f906d4ad7526f85e7c1d3700dcc295ad9b4f

C:\Users\Admin\Desktop\InitializeApprove.nfo

MD5 fac4e0e277b3eee6ef4ae93148eec32d
SHA1 2576556eb71bcb90362bedf17a83a55d31252280
SHA256 07495b60174b030b4cd2631a150bf8f2adcc35d2c3ac80d4741b773ea204b085
SHA512 7400d01e22e3a01e687d7e8aecdb86e98e509ba00be20c3e8f911a59498175380b9cb6e0fdeb9688a3b47f32135c0e79433ae75281b1a8acad697fc96c72e873

C:\Users\Admin\Desktop\EnableSearch.vstm

MD5 c09c18c879a84f33018b3aa710ad5278
SHA1 cfdc1b3a95eca7513eab30676b0eb3b5b0b8636c
SHA256 d9b3ccd75063a906eb9a190e904b8daba46b9d714c01908e09ccd66b8193cfff
SHA512 aa6854ca95bc423b0d7753854e1fe9b26d95f0c6b1a5efe3472e2fcb0c3e4791e6660d0bdd59dfd81bed9e5adb37bb6624fb0917567a0ef2e0b7e13b283eb517

C:\Users\Admin\Desktop\ApproveRestart.3g2

MD5 53c6cd8d8bfa7322b140cb012adfe531
SHA1 f161de6a71c5f98ac98ad27b49977ff70c3eb96b
SHA256 dd23637a55e25b546f1eb6a6385b3f697be903f388244cafc439581e4b9d4995
SHA512 db5469c35f3a454136db6e510899f9facc12cb0cd84c1f3618b16c8247fdd82c9e51c7f70d779c4d238567b266a2ef58fb87d000ff3019bf4b10e4c717216176

C:\Users\Admin\Desktop\LimitRestore.wmx

MD5 9ea163628275640783bce3297e64ccc9
SHA1 62781a8a117af7908e7c9afe375f7aacd6afca54
SHA256 29e417ead8a75e390756b6fa342a3ba051be80d39bc04abd0a8caabaa4b46515
SHA512 89feed3c4161e682b2bde1306f5f9a3d462fafef7cf9d2954472048bb70ce8094f8477825e6625312c8b3d8d2d0fa1decd30478919971f19ea5d167ae624eb02

C:\Users\Admin\Desktop\RedoEnter.xls

MD5 8053ad2edd1a11b4550b3689d19e6a9f
SHA1 3b78f0135757c4d91931827315020d0b5f8a0657
SHA256 0bfdaf501a1a9ef3f80378faa05a22448e304144af6f7526328cef3718f0a6bf
SHA512 f17f7058229779d207de21dc7e013ff42ea7fcbccc0fd4df89784ac11e28f8b11083a674aedecb904f25dfdd00374fa1a2751ae7e6f25b57daec5dfe5dea33e9

C:\Users\Admin\Desktop\SyncRevoke.snd

MD5 fdc1b8381324ce1e6c8b16c49da84f0a
SHA1 b47c28a4b01f168e4da560df8c5be699fe7acc31
SHA256 d5fabbc0de7b87299dd1353cdfd6c8b39971fe0062719b1b21815cd57b5c572e
SHA512 aa6d11a2836d5a7abb250bc129e49fe8c3501e4cf0f75f3d35462b6bd3423a9432baa13bd808f5d29dd3a4f043d94ce37823fc3a568005444a47a8270790daa0

C:\Users\Admin\Desktop\WriteReceive.mov

MD5 dcb5f254ca84b3d4fe039e20d66887d8
SHA1 e192bba3eac7e4fe0209ba5a0e71b5b10e248020
SHA256 5b477773110bc23d4dad93b64c78d321b6e9b4dc44e6110f95c501a5e7863e15
SHA512 4d349ed1403ca7e0f22ed67f2c597711a05130210c53bdc973e61030c6c9ffd0ed115fe623b9a3e2c7c388992f1d3b62bc61503a7ad183eadc1b1ec3c861b17a

C:\Users\Admin\Desktop\System.Management.Automation.xml

MD5 04609c96eca3e9cb2418a63df0efa899
SHA1 d0d999425d8d715d8279b2b0caefe648d4d3fa0e
SHA256 7e533f14ae4582369221c9aab00e002e8eec8388888a9b72831722309fad1b88
SHA512 9a49f681e8132ef1047fccc6a1b3c5939bd35d811eced255f7c89374bd1d4e87cec0e9a86ce9d88463f471800e2500bfb3e76cfd1fea4a20b107fbf677e381ab

C:\Users\Admin\Desktop\System.Management.Automation.dll

MD5 835e9ede7e7c774e7a2d56cfdf6e9b17
SHA1 a43ed886b68c6ee913da85df9ad2064f1d81c470
SHA256 c3a5868584a777422cebcf31d6718fd2b26d5e2314d3b5ba6d8e47aa40faba0c
SHA512 74284fd44497beb74326d11a0f63d96aff20aa44cfa8385f6b63b7e6743403c36e2ea4fb0d991767117a97d320e04d2b21f0a4730916244af4ffdaf51e834a26

C:\Users\Admin\Desktop\Microsoft.Management.Infrastructure.dll

MD5 3998804194188c25df75f505ac5c531a
SHA1 6b15b2d779e7c46e31fcc864fc1ef326fb3d2b50
SHA256 cbec9a910488cadbad860c850ceae521a2a346619c5a9da579e5051e270f114c
SHA512 d7cd7457c753190fd1ae5386a62dffbe5907ace02227ef873f4c890f4a4e987914fb94ab1ec8318f48a76fc55cfe8e7de83b75cfcbec0bb8ff0e18d2d956abdc

C:\Users\Admin\Desktop\FontAwesome.Sharp.dll

MD5 e63e12c050ed9c6e80d5e32a5b6cc121
SHA1 6e3c83f9e232fcf1d2f9a0e8a02f143cd8a54de7
SHA256 552fc14f20d6144aa7c92dbbb47ce50d89e8b84f8155006efad24c4298479907
SHA512 4f0ebb1b0988a0f6a0fb1061b91da9bb7b36904923d2f0710f0ef6f641d59affddbe60ef3aa18dc4d7b6c1a9735c080ca66cb8922fc434b3753938b2722cb4b3

C:\Users\Admin\Desktop\AdobePS.exe

MD5 2902c4e80adf17b8c068d859ba3398ec
SHA1 2c09243de3cb907386901397b622518b0e23166d
SHA256 1b008b379597535209cf0d9d09de24bdf635a9dc27869cbfdefed2b41e68f2fd
SHA512 3c5be5d794b49d2987f010f0ca24b4a148bb31ae0baa4c067b8638b86cc5367ba27f1e5f51b19ba8e15175fb6cfbecae366a7ff0fec3749d1ff779f9f08b21c7

C:\Users\Admin\Desktop\UnprotectSplit.eps

MD5 cda8aeffa0a81d822d5a59249ebd000c
SHA1 8bdfe09f6e7ecc9a3fa6931320b7704797debe31
SHA256 15e1016a622d3e954905f7ee4aab6f24f3e95bd22a1e661db996bcadd3eb6ac2
SHA512 8437677f68432b753297858aef113547f909aaa756e18e08ee0bc4b757b54b73cbc05ad3cf8520ab75780d6bac24c311304d8157dc967957f168d24aa633cd6a

C:\Users\Admin\Desktop\TraceGet.mp4

MD5 2d98cc164368ee386f2a041930debd0a
SHA1 e4191287ae92cdea17437e43f8a405a277945f6f
SHA256 c50800c78282a9380c6edb24ab5723ac57deeb05465a0b30e8545b494327824b
SHA512 309aefebd563a0851a55995e03a169dfc7e2e08d7bb71dd8cb0bd31a4c12afc3274426e0fcce5cdd2e7e499eb4b6d5f1fc02d7e273195dd66aade74932e65f91

C:\Users\Admin\Desktop\SyncEnable.eprtx

MD5 952c11fd11d514ffa63594c81bb88bf7
SHA1 bc3702b387fd6f72793a206eafc4db087c404aae
SHA256 d02a4eaf94481998f633e912010d060705d5948a3373c5c3e563a993944efeb7
SHA512 92b415068af8b7a62c591049272a56be2bae9e2267b4b2c195e04b4de14a549dac7efb96d200efa8a62c780b237c6b89ba82057a9fe038363de8c55e215a42c5

C:\Users\Admin\Desktop\SelectSearch.xls

MD5 8d1a779c1d3e3247d8aa381d0d5acadc
SHA1 8522a4a72c919f1d8823d23387892a21bc080c60
SHA256 a3f6f40467a6f3397319fdb8d54df4e5a0d648d12ddbc36651f8ea450abccf5f
SHA512 203ef68735ca8dc4c17216617c337c9cd553aa8cf21bab6c77e11bf912c096c826e6fbb4cf865e2b65dbf97ff40d61728e8cf060ef2190a52644832d51fee172

C:\Users\Admin\Desktop\RequestUpdate.raw

MD5 f8600385febff9fa8339c6b036341402
SHA1 b8612437d83bd4ed5361981708979daae969d5c3
SHA256 e5098b95289f6522879b3c8882564bb21e079fdf39202b00a5064f064f52a2cb
SHA512 2d983f923c348df1751003e8c5088efe8fca7c519508c44dca9818c25d15e47a75a789315cdbd31c2d4423be23b1e47c0739b1240b8b9531369e4f7a5cd7a055

C:\Users\Admin\Desktop\ReceiveConvertFrom.contact

MD5 9c31892a111b2c7c17d2ffef737ecf1e
SHA1 7a8eb6a305b7edc3903fb27cbf7dae65819746f3
SHA256 b910b4c8cfdec1b1dcafc252eb9f4e7ff400790856047eaafc8502138894dd0f
SHA512 71835b16cba90b3243ecc018e1c6a95359b4e188b228a0a7f955d50e5f63dbf13e5c9bbea714114e3ea0cbe2c93e35f8f0df51d2a00dc6d406d9b0679e693fdd

C:\Users\Admin\Desktop\InitializeRestart.lnk

MD5 739656b6980077c8aa11916d569ba938
SHA1 cdd10659b5452e95530b260daa7ce606a66fef3f
SHA256 668f673f0814a02fa2748233e4b8ad75e921a0359fd1d0a27e35d31ca7aa85bb
SHA512 d0b70bd0abb982e370f38f17526a81e4b1d8260cbb50a8e20080d5abf2ea72a9457355ead011092f0292365ad485ccff192b3f2c5aa2cb287c5ae95f5f33e692

C:\Users\Admin\Desktop\ExpandUndo.M2V

MD5 ee7884910d49919f9819072ec76d639c
SHA1 6fd6fa78dd183a430df177dc00a2f9c108a4af74
SHA256 7fd9f008172b73c98334dcce1bbc97cd39510c768f03632165c8cd2bc649b327
SHA512 1758e3c08198994558f3c4426a601688898eb9ef5718bdbf289092af91ef761ea64b3197591f23c70f357a489aa3ff945f1f40bd23906970184e0fd2f46444e1

C:\Users\Admin\Desktop\ClosePop.cmd

MD5 a26c26e78a47fe7941cee1f6f8a23fd3
SHA1 112c4da6f0cd4b22fcc4720d9ac0a63ff8f18193
SHA256 4b843461d12ecea999dff97b5a583ae75ddd2e21820b20ca813cdb559c730093
SHA512 67bcf9971927ba96d9d4e069c6ca11b9f0df4681fcfc8896aab074d926004cf2cb89c0e4b70bd8d2eec6d840f706bd02e509c9a9a5c946fd8b5e3e1bfa5b628c

C:\Users\Admin\Desktop\CheckpointShow.mp2v

MD5 9d44dc22cf4b2d9156b3645825c8ef46
SHA1 8d8fba7b04380d5a22cabd2ecd25c6a071dd05d5
SHA256 064faa4aca69b26f937fffe4041e37cd88bb06aec2a24bbd41841333a40c2bf1
SHA512 09048328d5827827f9cc32ccd559f3a163bc6f2a07ce4eaa879ebef9d6e772ff466f01a6920a014373cbe87bbc0ae8ff41ec786cff50842989e013b7a719eb1c

C:\Users\Public\Desktop\Adobe Reader 9.lnk

MD5 cf64a2bee38842ed4553de7fc079d3b7
SHA1 547d30e9c3d685f316e73114eea4106279faeae1
SHA256 3d3e720a0bf5a1c43129e7d5558e16a449104641eeb721741e80135a0069fb66
SHA512 525c70abccc7e8c3d8b71d17f3796845ddca2b3e72bf89c6ab39bb6877d46e26e819f9cabae6b7ca9634cb301daf47fe9dc2518a8e471c7cc6303b8fd3d33419

C:\Users\Public\Desktop\Firefox.lnk

MD5 95bd8fbc4fdc4c712d45dc5f58c2ede9
SHA1 b265cc6828c02634d73b03dff15583b1e504c646
SHA256 af224d8abddf809d0e9e70c940a9cf660c97844b97b92c0e964e1abe6371d544
SHA512 7f6e839ef162eb97f9695cdb25888cc36011df3e0ab3c67cc5ef8a1a8339432a0fc6b2942170ce59a33975c6ecf724b6646ad2ed4720a00530f54ec3816c5811

C:\Users\Public\Desktop\Google Chrome.lnk

MD5 6a70b0cd6360605c630ee3812ced07e3
SHA1 d00b9af47a837be25a72c085c6eda59dc510552a
SHA256 4ee87103943d46cb8c95ee1ac7ae2aff5edbcbe23c6b8f705d8c83391f2201c3
SHA512 117273131796c18a01ce8186638024bbd3953d4fd8a80b939879f3bc6483ae56abe704908566a4335e39e35dde7c07a609b8af7148fa371a2ef8edb4a35936b5

C:\Users\Public\Desktop\VLC media player.lnk

MD5 764f7650db5e64f296249b2539487309
SHA1 7501bd91f0206f48c4e149d2a747b3978e7cf8b3
SHA256 cfc891e5b61b39f721ccdf7afcafb3566738311a8dc4b42a83df07c26f1620c5
SHA512 59556626a80a9a9677e1a638914e032b4473a17ebd2459a4d4c5e728f5f774feb58ce10691e8a06e826fa1afd87dfa2a40676ed12ad64022d22510a92f2f6859

C:\Users\Admin\Desktop\ApproveComplete.mpeg

MD5 06b29cb6d5ab70008536e3c525b875d6
SHA1 c9d654e8642181c1f4930b52194d4669dd881510
SHA256 967f930261d9ec2f96e177134d09fab84fc7e278540aa8ffc973750ec54e54f8
SHA512 cdc1f017ee76b003076a229043925af924b0f5d028aa58dfc09409c6a123fc2ba4d2ae51cf2125b9f3b070b19f06b5ead5dc10d4a5669ee4c3ab4396d44c7ea3

C:\Users\Admin\Desktop\Tradingview\Setup.exe

MD5 6b1bd5939d77f4939c03b80642074a0f
SHA1 1f62ec08d97f7e0387d23909cb7358705c31e8af
SHA256 1f621c2bace767a963c06feccbc242c4a07ca6120d4f627389184f02c3d13719
SHA512 db1874005484e1577f3c27f5cb9468d8b40d5ed3ab5549bcdd988c5b57356cc8bf56666bbdd713edcd5b51330cbd953907b440e6283e9a26bbb0e66cb100b01a

C:\Users\Admin\Desktop\Tradingview\Setup.exe

MD5 6b1bd5939d77f4939c03b80642074a0f
SHA1 1f62ec08d97f7e0387d23909cb7358705c31e8af
SHA256 1f621c2bace767a963c06feccbc242c4a07ca6120d4f627389184f02c3d13719
SHA512 db1874005484e1577f3c27f5cb9468d8b40d5ed3ab5549bcdd988c5b57356cc8bf56666bbdd713edcd5b51330cbd953907b440e6283e9a26bbb0e66cb100b01a

\Users\Admin\Desktop\Tradingview\Setup.exe

MD5 6b1bd5939d77f4939c03b80642074a0f
SHA1 1f62ec08d97f7e0387d23909cb7358705c31e8af
SHA256 1f621c2bace767a963c06feccbc242c4a07ca6120d4f627389184f02c3d13719
SHA512 db1874005484e1577f3c27f5cb9468d8b40d5ed3ab5549bcdd988c5b57356cc8bf56666bbdd713edcd5b51330cbd953907b440e6283e9a26bbb0e66cb100b01a

\Users\Admin\Desktop\Tradingview\Setup.exe

MD5 6b1bd5939d77f4939c03b80642074a0f
SHA1 1f62ec08d97f7e0387d23909cb7358705c31e8af
SHA256 1f621c2bace767a963c06feccbc242c4a07ca6120d4f627389184f02c3d13719
SHA512 db1874005484e1577f3c27f5cb9468d8b40d5ed3ab5549bcdd988c5b57356cc8bf56666bbdd713edcd5b51330cbd953907b440e6283e9a26bbb0e66cb100b01a

\Users\Admin\Desktop\Tradingview\Setup.exe

MD5 6b1bd5939d77f4939c03b80642074a0f
SHA1 1f62ec08d97f7e0387d23909cb7358705c31e8af
SHA256 1f621c2bace767a963c06feccbc242c4a07ca6120d4f627389184f02c3d13719
SHA512 db1874005484e1577f3c27f5cb9468d8b40d5ed3ab5549bcdd988c5b57356cc8bf56666bbdd713edcd5b51330cbd953907b440e6283e9a26bbb0e66cb100b01a

memory/4292-1924-0x0000000000400000-0x0000000000449000-memory.dmp

memory/4292-1923-0x0000000000270000-0x00000000002AC000-memory.dmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\TarA6D1.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\Desktop\Tradingview\DATA\libmbedcrypto.dll

MD5 e36f57872000e5e4a13357e89655898c
SHA1 a742e5d8f110a6ff535762914878d5e631d1317c
SHA256 7d20adff8e154a7f27818d2062797242ac84f50f75cdfff308675d14adcd6259
SHA512 c9f069f700be822f138c2925059ba9f2e07c1ba00f84fdb175ea989afd47fa62eaa09ff6ff60f3095bac8730e349147bdfb49f51e910c651c1242207bfa0d7a2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6ca256170adf1266b48cf1345c842c4d
SHA1 2f1eb9b54a8254685f067e7aaca8a3aa256734db
SHA256 06b8d41cad030c1220d03ec8a0f3abeea87017b49ce99d5d2195848fd437aed7
SHA512 658c3814f07ee054cf8ff45a690e753dca2f05e9ffd3cedaa67abfeb7dce3b2ef9e72f40f8318db082938e6cf4983a959a07adc9f5d0db0fe8d23857a37a050e

memory/4292-2000-0x0000000000400000-0x0000000000449000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\20636

MD5 06909f2c62e31e570e006040e334911d
SHA1 95a8157e0c766ba75305e036ac9b14e82cc2fc68
SHA256 2e1b92403de81c342bef9a875681f1f4c090b5d77251e6e6daa2994ea527e349
SHA512 30ccf6bc9741b69232afea8fbcef244c0d1f8439e5ae0522c1cb735cc21d94af8faff769f4cab05a69d8a9b22216094a115883b703d001b723273480893fbe8e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5d6c84a994097414a94b5f706ce4c022
SHA1 5a21ddc6b51ef704be1950230b715f088c8a57cd
SHA256 f1de2721cc66226a682cd00be0fbf3c8f1bb17ba7cbc9053e0649b04ece64f12
SHA512 962987a23c4c6e5f2a62248cd36062e4d95364c92dd9c2152eac6fd418350e30af965d8cfc2a658c18c358d66df88c3bc96c234ee90b65f00e6c40eb94762751

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\9DC82D7A3BEFD443E1AC8CEFD048DEE638BBC226

MD5 b62815897d3f0408012fd1805454b1a4
SHA1 21e1aaa33b13681a92d19b8bfa52144f2fb343f8
SHA256 7f949699bc393e920329208c6fb7c71e1efc639c3600a115a03ffd5f335b2313
SHA512 8e8b52cb5ce41cb1d86022a91df201486cfe77d764fc2f94527beaabcaf131ef58fa2b2537f1c8d6c3424c8e27867398b38cebff507d689c42758f543ec7e8d3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\7FD3CFBF539ED90BD0845BA2154480FB85088467

MD5 92a31ecadc0f079e7b97115c38106ec5
SHA1 600ea4a214704b3d07c3467574470ce586acb424
SHA256 75ecae665df3ee23a93c8e7a914c65de8245b0bd5fff6d62d1ebf4e70562e0cb
SHA512 1914cf13105124986ca5a96c833f2b8e15067b888b4e0eefc49d45adedccf21f1f64dedc373d64a54eaaaba97806e1d6021187e66597ffe2d25538a60592ea18

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\D4F16E69B9775DD6ADA46844708FAD90DC7045A2

MD5 e761ac92898e3445081253be2889eedd
SHA1 9995039adfd176523fe18914b5097dd8267e01dd
SHA256 0aa5fc70d26598b3016223169c4f99daef5e3bc7328ca3fd39af335cc9bdc6bc
SHA512 5366969f308efd387047c80df64157523e09e282e90f0d2ef51df5c450c93554b01dafcfb31fa77143b14c93cda233e9c195456c2a9a81956296ac977068229f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\0AD4BC10AE8E76F92163AA214CB69ED4D6E968A9

MD5 f2ffc447329a2acb129545d1bae2cc7c
SHA1 b718d56336b3582ad73182866706d0bf2e9d43ae
SHA256 8709e8f5a8974647e8d87789a40b74a4b2a33a8e835294a7eaf2f99e83687e46
SHA512 8290b6a0886c4d648771a0ca37918d2645e11fd277782403e68afe7f48d9793d66845a88300e9413d2de7d691bbb50dda2a5018071be77637ee6a4c297533ea2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\93F717D947FBFB9CFE5A68E718133A611DBEEFF2

MD5 d4e923b5e8e9452ecc514df32cfe6bf5
SHA1 7be6f07eff800e06d326813b94f7f7596497bba3
SHA256 eb5034b528ca467ae7af6401b7586531b10f58edcc89d6ea688fe0e42325eb10
SHA512 f157ff87a16728736945612debe81a559bdfce3c158588149770785eb61286d34897ed1b69b7ed59fd3163c34b9b50d7e7962d231a6ae46250a835e9cf7d234d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\CAEA4D3CE5392767E631455EBA89582BB8678939

MD5 3c374c6c4e28ce6a8006e324528ec2b4
SHA1 57957e36a6972451439b20c4f62f3b447456f512
SHA256 24a619419cf6afc978e452075291e3fcfb349363e4e9a6bff6b7d9a591ffd2a8
SHA512 b69561df04c42530ceaded9294f272187a53e3215225b02366483d1dc6d716eeb2f40c3290c7d6bf25d1042e066ffc30166274936209a8adbe8b77160719c7e5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\447DA402CB61601FF1F9783257339816DC2B5588

MD5 5d3095fed925a5eb459a8b617022be6c
SHA1 768196a012cefcb89a65a33d713a4263a861b79b
SHA256 5d51ce12222fa959defc070edd7c52269c6a4ede29faf6af2d4cb4514fa1ddc9
SHA512 b7253b81c5a71998aa9511468c1468e7b70f5aa8d38fc51b3f335ce8770f1d149e2b619b1907759b7a256846c0d4eb668c598813962265e0369c950109fee0ad

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 70bba6c8a0006073e1c54724de41f3fa
SHA1 001a55c1cd30429fc11a5574d62635686286ea11
SHA256 a89ab560de5315f1bf4c3be635d2cf74095f0a389903c317c0c2c66668e9643a
SHA512 67738ac3f3bb872c1a6bcacfa0f425fa864f14231c0ae4fb5e357ee1bad552bf8b2e1598c3d559abc6428a66478f382d0e219d9bd0474d8bac863f001e9e36b4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7fa0e80b7463846d438e2de2560e4d06
SHA1 a4554c59a8b31f5204c85779269003d26e669ef2
SHA256 2a1d391d1b228c334dbb4412ea215ed6fe0b28402ebae2a67b89ff851d7e0b44
SHA512 ba558f2d60ebc8ebad6e37b684c72f5411ffdd174042fb2cc451c1964fe83af494ab30fa61903fd2b43b16b2aa6ca3766a06986f174963545ae913082b60b0f5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 92081f5d2af955c9b2db91e035379868
SHA1 7bdd62de6a16322f7d55f2b5721360088a8cc064
SHA256 fbe0200eca95172986e63ad6734aaebb01b74d0f9afc1f70ca893d9fbc86411c
SHA512 713884827e7b61637abdbb8de34393875d6fa0235d815947d83f80709634ffe02981a27a0367f0c9eb14974197ccb57544fbbce2d33cd763d5b97e8609d942a8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\8D75324FA008E74F69A603D6296277E1EEF38FE0

MD5 9d8534ca86d84ce2c3e300b2b792d539
SHA1 6e05a43aca66f7039f172872a7eff77b3aacbced
SHA256 0de6b2687005631a23e4973957ffedf45ce934d0072a24c1929ba9e05c5d009e
SHA512 c048475978590036fa4c517fcd002326d0a85ad0dcc941d5edbcfdc741f0af1156870fb6259712d1f07294bbd44a3de932c89531afc166ca855f58b7a93bedbb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\2A623DC1A56E18D34EBF14AC7FC53CB043B2C1BD

MD5 ea1da0cf42d4fa7b48840d3dc5174783
SHA1 be370cdd70fbe104479b37b7a65052e8bf9f14db
SHA256 9cd142a0d806da01053e77c1a0aeb78b4ef7958afbd0d904816611624f328333
SHA512 4bbc063c19649047d7d492517178313c4fe80b7cb7ce5086bce748f5be3910c12cce223b028463da76889cae98a2742fc86096e040757de2faf0702d9d5a2f20

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\52292BC31245ED12D523F6ABA85A7015A95862BB

MD5 a2c8ec83f7399384f7eb949b6e419779
SHA1 fc04f280c33102bbf2ce9a79ef8f56a70843ddf9
SHA256 b2cce3e7ab78fa34e826a1ed08c369e794ef6fc1c58c97db90f67242bf3ecb7a
SHA512 aca8bd0a05f5342bce2792402aedae23e42bd373625e1bad7fb0e3dd0a8c7af13e15fcdd2aa873affa2fda79a234b12ff97d38b9fc8bc9ff8d87fc8f84b79b95

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\F82935EFAB40391B796390BCBE303DA222F44099

MD5 c95e65e97b2494db2a07fb7611beb621
SHA1 19b4dab0021d7d8cd359d7b8a4035d720434e1a1
SHA256 11db5069ecba9b0e51889755869da9c1f84d0885f70daf184ff63b8a3194cedd
SHA512 073dfaa95ff3e799060d747b79e2d25d56635a6d4b2513192f8978ad53102cbe14a60de122d1a88fcbd7ff5bfe68db43d94d557719a468a64101c6c84ad32ff5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\8674E326B17190B18FD8A0D5D85905FAD55DD34E

MD5 82732d04bf0472e4251ca36348634c5e
SHA1 7e951b31c4d428f64dc960bd330c0db6dc38a2d9
SHA256 603562739db938e8589e22d7e4defe9ec9c66d502594267ae9e4ccaefe8ace1f
SHA512 bb47b139e3bb2fee6bb587c513ff3d730ba8e26a6f32b29088517c772d5738ab47876e481a663e167a6bc7770c6bc457575f59385ae1460dcc6625a1658b1217

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\8015643060C021F7CBF33B3B06A9710B0FAD87C4

MD5 be6c119dea5452b0003bea7695bcd870
SHA1 20dcee283d388ca6ba0ee49e9c4f63d7866c74a8
SHA256 836473929ab89e918cca364e6bab654169aa696dd7d8d2f1969261525c07e2aa
SHA512 d5d6cdce94c94ad9a4e8a2003c5ef044b7a87b65302c66831334a27acb8f45df161c46e84446184fbe6a8307e7b9dc71b3f3d0ef9b4c04741227521495ae05e9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\E8FC5FDCD27FAE570D3AB116456F0DE067B638D9

MD5 53f342653b0f7ac238c93d7db9deb110
SHA1 e3c9c9c95bc4234379d4a7da5bbfdcaaeda1718f
SHA256 8f7520139866bde7e2b01deda3a5869fa6ac2f533ac85cf2f6e072878266423b
SHA512 063e74f0e6ba3293742be2904c04e193bef4e207fb68a4bc720e1679dc09fd95a834335c19b6437e0d1f6255ff7b5ad6ab34e19fe5aa0d8db09c989b8a156b4f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\7F1784150156ECDF047E86B8E1BC0A2AD425F41E

MD5 e35957675341828aa1991eb63717e0ab
SHA1 cba30e26f8e33bf491888db16f4a44c3eb52a6a2
SHA256 cd849578264fb5a8d9891ad4853da8afcbf050a9341ded32374511beec0f351e
SHA512 87d69518fc65342d0a9cd930189e64ba7a257b134dfd96e0c2bff986c84850a22194aeeba5aa6c1e76f172e1858d064cf61b28dfe269ab7f0e957a7a09fc988a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\FD66EE1ACB04661B61C039F800D6C9556738C4DB

MD5 f5dcce9e8db7e818af151d06960dc081
SHA1 00fe9dc35035422ed4fb00d03daab06aab8db5e2
SHA256 1fa93416a1ec686e6d960c1c975f64acfd019889ce2e8be47e494f763997916b
SHA512 5210987d9baa965deffe85efa3be63df31a426fbc9c1f238a6e5bc19eef0a50b3ae5fe6d68f71e5640d755c9a25d7295f4a3880a820d4e03892493e10f6b82b6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\0762816DDF82FA4D7AF3935CAF9C0FACBF9C379A

MD5 a92ce179ca992fa29891428919e37ee4
SHA1 ca851b061ec8b12c4196bda31b7fd7ce0817e939
SHA256 c9e49252abcbef9e89293c13c09b5e05c9168836172fc8dde41da37309e30181
SHA512 3c94db2e2c5915093942ce32c77d0846df0c0182ebfd2c66d208417cefc2551544d3f29554ea1216bc1f9932eb05865757eb3e0105994142aa0db373364f8377

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\923

MD5 155e0b0d82ee340020153fb1fc72b21c
SHA1 404e890c5a56036ea40eb04321556b8cf90a1d7b
SHA256 0cc0fd2bf12131ce8f44dd7bc264ececdfe3689548d27b66f0436c4e323707f0
SHA512 b31ea5d7c740fecb7a9cca4222fadd55685157ebe169fdbafde842ceb101faccabe632b1e26a72774eac01ec1df1e52a6169b8c827d30792307036225b3d9e75

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\10496

MD5 80bb882156c635e2598997905125a928
SHA1 49b5dc7033ff13db334e6c5cb8116663acdf5728
SHA256 31f81e81e3609335779b6271f6f53c8a3faf790cfaf305852b0c37b3bfeca242
SHA512 a015c0b83ba5e92a66482923bcf5e11142ebc0089af6b2a380dcf4656ec5ed1e991cafb3cb7deb708c498a2eca9a5960e418c08c1f3ac069df99a67a59606546

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\13661

MD5 2b262b19cf57c13a6bbf6a925a2bad3b
SHA1 118e77e14edbc1878aaca0e2a39e1c94a6221421
SHA256 318b8638701cd0286d772b69a929a1a1b8b92ed28f123be60e04aaef13e57166
SHA512 30236d2455d0246ffbb3feba9f1921af6a582d3b1555e491638b1c818eb143801c140197b2f48bfe84bb0ce2bf6158a842b4737d83f73b62509a6634b20dbabf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\14593

MD5 fa88a450a18f032c84cabcd8f60decf3
SHA1 6944a5b9a921b18741adea335ea7299f692dcf5c
SHA256 2fc26fede84d38ab973800e92c55bd06d216a1628bf2f1ae7cb4e8064124e7d0
SHA512 66ae83531c54591d5b972c8d101e9894d5997f96f2b3734371af653ce57271a3d44254ff41d3e36e4d2a2bb07915ea11865f5af8436ceef5bcbcc553242a4f30

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\26769

MD5 7a6c40acae2e6f1b38480ad350260289
SHA1 2c6efcf9e34fd2d7bab9ded5b6cc3c7af5167f64
SHA256 407de6d18165c86da51622c5665b0bbe8c56fbddc14d39de7129013b23030df6
SHA512 60659278a838f46b83f82b39b6e8c3693eea8c32f806b158b6a1d45544fa8e049c1f692a733650e424a7a4d76ea94c1c6665a7618f1ab3562f9817d038e5807b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\14616

MD5 0b78089089a6272d1113177fecccde81
SHA1 895cf8d74db563e33412a577a7a2c60db263bd2b
SHA256 ae0b52ad2181ba8b1e1c0d62d3c25148625bd69ab8c1f7f0b2f85df02185d356
SHA512 91b21bfe37b49a6ba649a6427a5dc09cf7cbbc0837725be95876f70ea3d263c374dbbc987dd1fb0cef8b8ee969a2e9015ff83c024923822a1a929159931ba508

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\09735E4F01DB3120A5D122D40CF0D9EEED8E43F6

MD5 728450f14ac5d54e82b2d434693c88ab
SHA1 b13001cc440d92e9789fb1de0357085626276eff
SHA256 405a5c233b03aa06d6c2628922d41376f81824957af3940d0886b0d1b71327ee
SHA512 8886a322f0542cf1ce4b964f4dceef321e44f80ebaebe540662a08f8c2ca136b0be1b4aed93191bfdd2d0289de06ee1e6016cc0d64e660ee57ae249b6ec88b21

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\A18AB3FBE5FC5E1A527BA36FF698DF26A7C382BB

MD5 9ac6fd99fa367ff0121554362972cd18
SHA1 de24b127e6de87de688e2e20b4ada690b57a69cd
SHA256 1791a2656348a93edda374241dd4e601cacd91595aac747e8d945b3c83308d7b
SHA512 6704d140e2f6d2475bcb99f3879bf406a860cedacc2f9b6b69bea332adb56fe5c196b1c5a3e8fc9bb96660a55f9fd3c650d4ab1cb91547cd731f21ddf1b0fc04

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\5B5B240269928EDEB8575F9F85079C30592FFE59

MD5 1a1ba513bdde4d1accd3a8ea64dcd2dd
SHA1 1fb552c67c42b6d977d9189676aa91f972c8f426
SHA256 03f7213b41e4355ebebce0846596dfedd533effff3638822e0145dc24defa943
SHA512 c5d0aad948849774e007848b4706082b1fe62c3123419b0d3c9f356097da86e50b168906af9ed24bd1fa303b75e77b056aadda27f3b96b77e8b29178ebdb7291

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\entries\0C59952BDEF4EC024BF42A93EDBA550CCF931AB9

MD5 b46ca1bd9c450bc72fa55d3097e82fb7
SHA1 4faab0bff4af2e3d4bf6c3820a4a8707ada371df
SHA256 1d87136507cc6af7c0ef49a6cc5960b5ac4fa30b4d2d6f702919d71a8f3ebd31
SHA512 5cdb08037f01cd12a8f657efb6f17a35bea81e032c82e2c7a29a0db281c9e299864f7a3a29461c0fcc8e24a2799e46c526788852e5e1199772510e5f6e34e850

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\datareporting\glean\db\data.safe.bin

MD5 1c3c58f7838dde7f753614d170f110fc
SHA1 c17e5a486cecaddd6ced7217d298306850a87f48
SHA256 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d
SHA512 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 71dc42c0875910a3368ba4cea82ef5c3
SHA1 9d2c2e12b7e6e51a041f4aab7c92218d1bbe41ca
SHA256 68cb8590fe5c9047cb7d0ceb6912602486ed504a8718c4cf76bd1291c80f271a
SHA512 b42ff2df729b80a9681d83e5ef6aaae57e3c43606014fd62f1c8039b7cf48f6a1a8952b699d660d7fe8e6a84fbba4a2606809c25ee15327a7906418895a35818

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5ef3fb53fe58eda71be5d542571f2e66
SHA1 7eb072a3ed4d76a80361c9825dab5982277c76ac
SHA256 df934742a421310e0bf695a724bf2d500125f2efd7929bd6d5b2418b5110b060
SHA512 d999955b0993ea4629132116fa0a7fe9bffa7663f16967804ae9b7ac4b696f8ac43907ee3bdc50a5cfd07e5c6774620b85c3a4cfb5dcbc84526be0a101846ff9

C:\Users\Admin\Downloads\Synapse-X-Cracked-main.zip

MD5 547dc9c49a1cd73ab654e4c2f7a35423
SHA1 afa85e3306d5c47f94e2f468870da632d2ec6fa2
SHA256 c3f8e383a54f245b844822accaa146c969da9f5b44579b21d34497d871224a06
SHA512 c3a54f4fcd41f283e7a688b6dd0dcb083d7e01412163d398791b641ec2919c28f0a8fd480a706d14934fb3f4a3dc3894f5fc26367840892088ccb685c20ed003

memory/3616-2700-0x00000000012C0000-0x0000000001300000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 326eb7de32098def9a950009e12e673f
SHA1 92181f2a4f6721909bd3ab9f3ad8a0b206036822
SHA256 6605381718ba39223e692bfa489ba4eece8ff095738a13ff9cd31bbf9fd652dd
SHA512 aa363bd4a754ed29d75bc44cbeeb99ce651050e84fc1feef6d2be3a301a39bae7eb517cfd28ca38f9464a552ab47ccfa91f860eb739540c6165d36034938a1f3

memory/3616-2709-0x000007FEF1470000-0x000007FEF1E5C000-memory.dmp

memory/3616-2710-0x000000001B260000-0x000000001B2E0000-memory.dmp

memory/3616-2711-0x000007FEF1470000-0x000007FEF1E5C000-memory.dmp

memory/4316-2728-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/4316-2729-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/4500-2730-0x0000000000320000-0x000000000035C000-memory.dmp

memory/4500-2731-0x0000000000400000-0x0000000000449000-memory.dmp

memory/4316-2735-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/4316-2736-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/4316-2741-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\1841

MD5 56ce27aca25ba866ecf8d93182288bff
SHA1 1e2e06993dd8f5cd35376846f4e0a377ec137dac
SHA256 37e69e39a1a5e786198179cdf3ed928e7d889b82d4a194b8c69746c17fa94153
SHA512 8769a1138250876d606dfa93e2b44f5850f20f54342a4ba19c44c30bb0699d8b7c2e4e82ae677e89eb4bf2c9f076c6f85bacc6281fa21d6e8c0f11f77426921b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\13238

MD5 6be10e1b7ddc1d66e69b294e504b027d
SHA1 0e6ce984b85a3a0e8f181497535725af210da196
SHA256 dd3874dc4e71943e1c800f3032a5678ac8daefd077738a696dd59bc770194b69
SHA512 70cec02193b26dba80c7192912bd3aa4600424d170532c7d31246343df23d86d64bedb2837552f35e76e398f291f158ace7b191b744153c3a328e76519187297

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\20589

MD5 d37df7f7ee110d65265de10e4b9d3e5b
SHA1 e375dfe6752c4718ce8ab9dc65cd900c1b575896
SHA256 0e59d8451d0e094f0554ba6fe2b7167ed10c51ce26f0a0ba8686c93cf7d0b179
SHA512 ea0a535c66f5a602a8e8bbe74beb01510762225a31106cf0d4308ff484f5fdf0d6803916c07e9c711d93d9781b864bfb58d7d12a455d3abd8c1714e6e87f570f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\20477

MD5 4c366f8ce46f2673d3f5a618a9251fa6
SHA1 563b18f0cd87d8642e0059ee065cfde876dcdd8d
SHA256 568da7042dac949822a3b919d9f7c8dee19cd1f33a47cacbbbe4cc0d781a8fc2
SHA512 17aca3df7735f8601963d35967fe805c8dc3ac142054581196b6bf204f785e8a4fee2d9939424e381851469b92457c3f8d1c45ef22a023eb4a0644aecb37a571

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\20253

MD5 1ff6cae33f61c2bacf6283f284635a26
SHA1 f22727ea9dea8354fde279aab25542fbf5bbb7ff
SHA256 73ef97db565795fea21d7c52c08a551e8fdbd91a411412f26690544278de3a45
SHA512 043e0389f28928cc82a8e8b50be51c552da2c6a8f75618dcd4c823bd7469931efdd52ad553e1152937ae07435a34d0f4030ca64e987a990db1bda80600106c2e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\19467

MD5 a1eff182cb0e3109aee1f7f1145ca07a
SHA1 4a48bcab1affe3a615d3409fcaed448f01cabad6
SHA256 8766177fb546ce831563dffa7048f0f0684c4a0a9c3cd16b7c8fde5d37eeba46
SHA512 c89079e793a2c315eb34a5b7c15142167be0838270d12538354a227072d75b337f97e77bc63860660d2af270f78e035eff18d90f4058d52ffc4e3dad85964ebf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\cache2\doomed\18009

MD5 00b4a5ea1836806d8b2c3382a4a4ac6f
SHA1 c4deffaef234913ecc00301a1e47a6eaef3e3a5c
SHA256 52a89f5de66c8468d6169cf1af0894f295b8133f9837d9f3515f72fa46567ea0
SHA512 98f3774a84b666aa90dfdfe80d66a156464825760a440ee64caee5185429c9665bf38e298e372d751b04cd235026ed9c2ffdfc5da2e8818ac77555ffdbaddf11

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\sessionstore.jsonlz4

MD5 f7a3c8f72263ceda35b1aa7e8895f1a5
SHA1 1093d19c181c4d2d9e6635d4a414e903d0f2790e
SHA256 e6c96058eae056f0cf84e41923b96651b04c5348ec7c6aca602f1b4c2f117786
SHA512 7ea3901978b88864c55803d4d14c24e936028bf43b6fc0344326d24dee3be9c26ac42b0b6d8cccf1d24f8626219c44ee030b03ffac6a8f365b32b4b1f8b3de5c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k2ysa5kb.default-release\prefs-1.js

MD5 2e0cdaac89a76af6d5337cca4eb142b2
SHA1 3c27517efa0938f5de5dc963cdb7b001e6758bd8
SHA256 b59a70ea1c13d06be1fa2c231479cd8d992282b5c74c2973469c4005865f7291
SHA512 4caf569414b4ce87f76b6073b6d747e45e1871f9ace476ad36ea107d25f3fede7ca6640d707bcbef534fe9e1c8c28580b307329b3a97914342cd7d217c485366

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3b1ace49a1710d88284ee67b8d18d16d
SHA1 576ae5855a3072a6ca989c058e3215ef2676d30a
SHA256 8e15c11d21dd265bef9608a2608efccef4bbdf4ba449055417f2b468e16bd237
SHA512 0f9c735a8c953de37f9f502cf35f07149838c08f7d6b6ddf7e831006074eaaf4594d5eb0cdfc90b2f291d07c08efac8d400758b5a7d4321fa734cb79f9076732

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 929729aa7cff46b3dad2f748a57af24c
SHA1 81aa5db7dd63c79e23ccd23bf2520ab994295f2e
SHA256 3c63e6c7fa25849799d08bf54988bfb3b77b1d1eebb1e55a94b64995850cba2f
SHA512 a10eaa6f2708b683bd43295b9c3da5840c0eb6d8a6b9e1922a534270fecbc0dcdb4cdcc28768df292a06f6210885b510254bdca17e5b3c507b0337fe7dc3d743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

MD5 9f61d7b1098e9a21920cf7abd68ca471
SHA1 c2a75ba9d5e426f34290ebda3e7b3874a4c26a50
SHA256 2c209fbd64803b50d0275cfd977c57965ee91410ecf0cafa70d9f249d6357c71
SHA512 3d4f945783809a88e717f583f8805da1786770d024897c8a21d758325bcd4743ff48e32a275fe2f04236248393e580d40ae5caf5d3258054ea94d20b65b2c029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT~RFf822da5.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ad1c146594aa584ccb283b5bcecd055
SHA1 6c39eb81a8fa3f0b3ea03c7dcfdbc3b0151f307b
SHA256 2e026ba68ac1b8dc19a9b792690e07df5665162494306ef7312e16c89e0b0400
SHA512 e691404f5fdcc0abf0e5f996cb7b79eed0835b0bf33dc2ec800fed0b77c358bec5546bd3b09e7d742f9275e9e3d43c5488b11f82acd236f39dcf62616a348242

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 015d45b652d82c47200710332069ed21
SHA1 9ad948cb33dab75fffa88db5b7a4c0f6ed4bada5
SHA256 e6a1503088ec97616503b514a73f232de5d657438a506752941b9796358bb214
SHA512 cd9a5ccd09011c25f94b082c2d2e6cfde127b8e7fe4fe863be6772efcc8d05f99d9810a523c1ced6b5b946dba4a044c78352545b40e0a15e314844f70a04ee48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4a4627467159cf54dc618a12f7055ce3
SHA1 532abbd88d0850aee2dce88ce850fde44352d952
SHA256 0a88584a6957166a420d142c3cdeaf8c7a5ca77766300c624a860258d794d19c
SHA512 f0f7acafd9cecc1444e778df27530c6d781e90e357b950b5e4a85ad1a7f4d799799eb453330078d2c61f18690c7cffc2465638ec157179179f6d92312f859428

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4eb1f596adc8dd4541d6a907d94084c8
SHA1 195b167154831b258f888bf474a069d2fca20eb2
SHA256 0c26a220cb262593625653bcee1aef1b19e63485074e8a22dc2305d2ac9108b9
SHA512 bc19582d38d43efabda8ae8f4913f11f18909c12ab0e389944b2d2ec868e3acf0acc413d4165492fd1aac18043e4f1c1e3b45dcda22c67a681c5413bfc0f2aaa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bc9c34201a3c87f33ea8d7679c312ca1
SHA1 78e749c7ae955cddb9e03802b30efa587bcaa1da
SHA256 f84d47063d4594912a428e7437ef6fc89dc4e637146a07bd39cdc94451e0ef18
SHA512 8a2b277d82299c6b3f0c53f7349194b94c66b31a1c9cc59116e4bbb0eeacf4ae2513b067f24d1293d968af5885880e9ba0082cc4e41317f1e6afc6fb72ed1e7f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 28d24fcf72a4f1d8574d4e284d8b56ac
SHA1 cbd08abceecfdace5ea94ff043d0e36f76cfa717
SHA256 824daf79ca73ede7d4f7a0efb9d8e5dd71c5a745621e448485511ebf80630c31
SHA512 73982ec7281c3c333e1b8f7e0e435ce9882ce95553185800bb79aa5bfdf221da0a35d049eaa6f06be72a54ff1a02a668d5f6f0b203e85bff6a91f7e8cd216ed1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cbb062b08bc3cdb24e19ab37eed87406
SHA1 2f741308817df73faa71687155a5406a064e8e96
SHA256 42ccdd3d776e8069c01c505e713aac9824237c96dfd5d7fedb0ef95988c6fc97
SHA512 4f8bd8f4e6d9e092c6bd23b5f28425c8ff777e52d9a60f0da466edfa8b40322fd13b676fe58a20d5ce595ebaf6d7f78fb59b9b21e21d2439c608073a744706cb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cf3eb6580efe0c7f9ae4418f7c439116
SHA1 b0f46decc2d79f9a5296d7b619d9d3e3b6ac13de
SHA256 b84e5003bc356ac3ff0ef2be1b25b54ee1412f2faeb8a5504dc42208ab79d2ce
SHA512 1beaa4974bff5db41a6ec7b2cb526a27fe79c8b5f1f0a307f77e0f79bf29e05dc5a84eff132012cd718cfaec33366534feabeb31ff7164d5ff65f2fc71c15b54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f26eab221116423a27334619badfe2bb
SHA1 d0728c743846d9d19482d64dc2a62a0ecea253f5
SHA256 dbc994004aa2d00164df95446d6bcf76a95377f1b3c63bf2019417f0c5404ff9
SHA512 cfa4fc6d6a4d18f1f12e33fbb46125478400ecea963b968299c56b17504df2a700f492c87ccba8dc30b68959651c094dc19fa533b868164eac591aaea065270c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 66ccf995abc44d4934ee0b0b963f2c0d
SHA1 6b53f75b38609c3f81be7480c92c80391d41d7c1
SHA256 a8aa49ea4cfbaf97bb13dc25cf75b20a54caa6d4f54c223d13523d7244063a33
SHA512 b7814c355aa40ccfde96e7294d684c52de02170a8a8ba62e21443135c02eb6ae99d1829a6988722a6bf96bae996b924bbabfa8cfc026e66b90b5ef650b5c1bf2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0390186c5440978fdbc235788fa06d0a
SHA1 cd598feeb8363e69106a0178023c6d500269c6f7
SHA256 e8edccb6a6c30350bf8ca265a8f0032edc9c6dd5676c0d0d32bd994254d929be
SHA512 048f31a7a2eb731b376a4bd009ce362025a4c7a4eefb51b957d01d19b7baa091c60cc7b09880fc6c0e83b04bd5ec00656ebe411791f1432b11435b64ce2d0fcc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 920c2a3e899f1a9c106630f461d1a8fd
SHA1 f388daeb0b637675f4ab8f67ac43587d270e0db7
SHA256 d81b24d7755d2191a79077f6cff8cd3569e3adeefd85c28bce065dfb72e0c6b8
SHA512 db0a17faac20b2ad4f44e34f42e2543d52e33d3cffd48c6917df4ddc89c20739548f92913064333329add188950de9920256e832ef4aac1502bcc843c9785ad1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b0c8fddf4acf5dec46aadcf362662b2
SHA1 b7a135e9783541b5e9d8fdc814ceff2d384e365c
SHA256 4ddc936c50ce432728f2aa23ce14af1699d0bf0309acd55f0b3642d71c2b6570
SHA512 1e963a02ce87bc20af96af86f70bd22fbe8fc685d33aa54687aa20e1a9c385f40a854c84e0e82172e7b09e6f55db5405a46e2933c45e34dea79b0cb948c82cca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 700e78326e5d860c706da017d97cad67
SHA1 596757f92f4f048f3ae47f1320c01f81fce858ef
SHA256 81cb506cd24e4b2a159f0bdd03bd8365ee67cd563d0f4c943249be90fbb5bb56
SHA512 188a628207de7356f1a720a4fbb29c9308db9fe943b853548bb22a9ea127f0fc90c1cd7bc2a56e130df4f5d13a2866efdd3a44b8774e97b178563afb1f1f49d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\61583801-5c57-4128-b3d0-848c0318d779.tmp

MD5 6ccdc3f2a37a35621f92d7ef26e26a77
SHA1 53593a9fde28a6821f4c49f07d702f0f69e655e9
SHA256 51cf02484e271ccf83977a7785a4fbf7328ae2af56b5b3bf8e0352b6ebd516cc
SHA512 3d2c1c8d9faea0f1cf549db22dbeabbea77a568215ed5be1fecc4f8a9b239f33836715b43e8ecc3f911bb9eabc24a92bd1430359e6aa7ca21c745d8bda740f22

C:\Users\Admin\Downloads\Unconfirmed 138922.crdownload

MD5 d04dbf884d0dee728e9194264dbddf10
SHA1 a90fdfba53f23840ad47ec3fdeb510c6961ca907
SHA256 559e4daa065d5017cc6c3fb0c57e7ebe5d813fc4aa89f416adc99223b10a4653
SHA512 22e7a325951f538a57f3f259d4fc6b810636381641060b19503f3f53b68850e5857716fdb51e627770999a2e63ca82334ee4463a164fd745703b6ce94738a837

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bae7c336c54f14abc2fb5fe28107d4d3
SHA1 f80be1096ce7c24f4a5bba081eb84760a7527dc0
SHA256 cd1f10de8adcb7286e2044ed3f6c856f4148df710d8917b12730763af74f4078
SHA512 70b883ed2112c19002b755f32f32dace42af34d03312fe6a97aef45c4b9a8379a6b554daf0ac2c8f299a8abbe6ba040ccd048a648a1f37eb867486ae5e4f631f

C:\Users\Admin\AppData\Roaming\.minecraft\stats\stats_mc-ru.net_unsent.old

MD5 727d0641b0fff26798152ecd42e1d32b
SHA1 a00119d2a39c6facdb4a00723c1bdff680846934
SHA256 654a395dc55522cc5c2fa15a429b4191b58d086cc8be949c1486fc4f42c7aa9a
SHA512 de44a5c6b8717dc9cd8fedae978355a3d70125b35bf173ffc1a668882ffdd8d08e5323abaecbcc1d425c73ec4c5bada05aed4999264fb6a22954e0efa9000739

memory/4328-4753-0x0000000000400000-0x000000000048D000-memory.dmp

C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher.exe

MD5 b6814606e20d0e087ecd5187c3b2d57b
SHA1 8e960666548090261aed66a72222b2ec5728dd8f
SHA256 a303d593289df017c19303491699e172bb81f6f6d1b6a56c8ba239c78c5c79d2
SHA512 5fe1a5c2309dedfdd3d216d853962574ff2d5d97ff2264ad038e366adbf453a6e31906e73581d2faba30765be016afb9ad1e92fa7f2da54febedb437de999637

memory/820-4766-0x0000000000400000-0x000000000046E000-memory.dmp

memory/4328-4767-0x0000000000400000-0x000000000048D000-memory.dmp

memory/824-4779-0x0000000002000000-0x0000000005000000-memory.dmp

memory/824-4790-0x0000000001C40000-0x0000000001C41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00287dd400dc83870bfd5d063b2814c8
SHA1 e030e59dea70b66df91539d054db45dfeea9afc9
SHA256 5eec0cff9579cb01e346a99151dd10bc3dc090ec98fe08005e859337cbc99f16
SHA512 1b8d70e680767cc9455f037bc46bbccae9b535aedd5c2971e6490c83a80ab24434cd062d2186c32c8f8c35a4fd4d603224b36b504a73ce6d1b857a565a18a58d

memory/3144-4798-0x0000000000400000-0x000000000046E000-memory.dmp

memory/4736-4802-0x0000000002320000-0x0000000005320000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFf834ae6.TMP

MD5 35d80435d464a14a03f0faeba746c172
SHA1 79dfd07d3522f9a23b0505aa6c57a3c3b8d8b616
SHA256 eb8a28d33ef149769b9fb22a4ef208e4aadafbb50a7357aa6cad1971fe8a5e37
SHA512 e2c619839dd3b43d4b1553037595ee02580aadec764c2a27b4420de88191c668ffd6fc96dcc8df3dc7d892b23e7f351d166bd8598996009a3375798f0d2fb49f

memory/4736-4818-0x0000000000120000-0x0000000000121000-memory.dmp

memory/4332-4819-0x0000000000400000-0x000000000046E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b92164bc-237f-4427-8c76-d1e99a0fe452.tmp

MD5 70690cea12b9588c61bd181d36e4daff
SHA1 ec71afd9162609ee1a91fef751ccbf6f8b4258ab
SHA256 2ad62ad1a033e2f6afe04ed712b03772f151434567d54a88c8bcc01d1226ff9f
SHA512 7de758e3ef19ef5ab413d2fd987b4af40dd3a47ccf0e98e26703964699212ee6e3312198490f6fcdeaff3fc15c03bb8dc690fbdf1eb777833951015220be950f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 86f2a92cbc449b2a5ffbd9ad7075c795
SHA1 ac7019931d346add03f8a97dc960e241ccf8a56e
SHA256 5fa7a43515ff06807b463ee4757134ab1556e680937611c46a3869bfd7d94de6
SHA512 222df5383a139ce3e051088a0af6eb0b0628cfd6ff4a3da20a30b27f70a0586c871a2866f035fe3736d5b86aa5166c181904ae87bda6f035c2b8e4f785a0a250

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8bd7fc3fec8c7ec58b11e38770dfde43
SHA1 ec5fb8e7a16bab2b9e5e665bce416bfa0e7982e3
SHA256 f5e00e8952cb91e272910932028908ac0850bf4b9391fd7de13f83181b4d1073
SHA512 7f68cfc068ce8c614aa9e0d7afc2b1a49914862e9c82482ee523d0f4f8f5b59f087e93239bd3172347f474e527c98c533434268836e404de3fa3cf52681221d6

memory/4736-4951-0x0000000000120000-0x0000000000121000-memory.dmp

memory/4736-4979-0x0000000000120000-0x0000000000121000-memory.dmp

memory/4392-4982-0x0000000002230000-0x0000000005230000-memory.dmp

memory/4736-4985-0x0000000000180000-0x000000000018A000-memory.dmp

memory/4736-4987-0x0000000000180000-0x000000000018A000-memory.dmp

memory/3980-4989-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/3980-4991-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/4736-5002-0x0000000000120000-0x0000000000121000-memory.dmp

memory/824-5005-0x0000000002000000-0x0000000005000000-memory.dmp

memory/4232-5006-0x00000000020C0000-0x00000000050C0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 15184da2c0490d41b39c641d4b2f5c46
SHA1 63a94b1997e39cea766e75d661f9bd7609a08b9c
SHA256 aa17133374d5e444db0f0f233e01144cd5b09bbf3cff3d681d169c97ffcec9dc
SHA512 78201d7d63c371f55e46b3fc152b3216f2ee30caa33c72c7a10f160e8bc1d86e4d42fa56902e9e646a61d416ba7eb608ad88bf761debb0526ed30f3be6407390

memory/4232-5016-0x0000000000110000-0x0000000000111000-memory.dmp

memory/4736-5024-0x0000000002320000-0x0000000005320000-memory.dmp