Malware Analysis Report

2024-11-16 15:51

Sample ID 240205-skk4msaha5
Target 2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23
SHA256 2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23

Threat Level: Known bad

The file 2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23 was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Uses Task Scheduler COM API

Suspicious use of SendNotifyMessage

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-05 15:11

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-05 15:11

Reported

2024-02-05 15:13

Platform

win7-20231215-en

Max time kernel

40s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CEE85791-C438-11EE-8C96-56B3956C75C7} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b0720b1d8642c344adb870a2e917866400000000020000000000106600000001000020000000d5c4e0bf4cb87c2b382461068815ff65e16933d186baecd8be5f52c83174749a000000000e8000000002000020000000bc03e0ac6e48ae7311858b1a0dec731851edac85acbe5ae66ec386047a3528ef900000006343c6a619e3e2bd97fe317dd3bc674986c4c5ccc79b5916b6d32a2ad42457f49a7684036edc07e64131a783d7dd7247b5bacc8a42a223a6e98fb6a9d9410f8415d82aae766c054e88c1d662e6d52ab677a6bcb7c4de1365f7ee37ed6bb642def6c041934a2025bab547ea933d4326276544c67aa9e73c08c1f703d9676d87758441ce99c25b272b57edaec1e5ae280340000000c0afb1ce5362d95d0196d3ad8d06bbed780a384a7e3c82f764b14d345f135e04b85822aa069905fb92a0f7c6ac426fd729c1714916adc03c2a2ef5ff0b65918a C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CEE5F631-C438-11EE-8C96-56B3956C75C7} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2260 wrote to memory of 2328 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2328 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2328 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2328 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2260 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2320 wrote to memory of 1968 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2320 wrote to memory of 1968 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2320 wrote to memory of 1968 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2320 wrote to memory of 1968 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2328 wrote to memory of 2744 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2328 wrote to memory of 2744 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2328 wrote to memory of 2744 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2328 wrote to memory of 2744 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2260 wrote to memory of 1164 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 1164 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 1164 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 1164 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1164 wrote to memory of 1596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1164 wrote to memory of 1596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1164 wrote to memory of 1596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 3064 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 3064 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 3064 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 3064 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2260 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2128 wrote to memory of 2976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 2976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 2976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2996 wrote to memory of 3000 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2260 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2896 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2896 wrote to memory of 2564 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe

"C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6759758,0x7fef6759768,0x7fef6759778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6759758,0x7fef6759768,0x7fef6759778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6759758,0x7fef6759768,0x7fef6759778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.0.167177619\972502375" -parentBuildID 20221007134813 -prefsHandle 1164 -prefMapHandle 1104 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2fcfcb9-adfa-43d6-b4f0-ec9ed6623663} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 1304 fad5858 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.1.2342650\244159669" -parentBuildID 20221007134813 -prefsHandle 1492 -prefMapHandle 1488 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {51c8019e-fd5d-4481-b629-adfd9c1f3dab} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 1516 d70058 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1304,i,2445848275959500406,9743102982663760828,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1280,i,7983863820119538307,17498215304602214477,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.2.2105673950\201488496" -childID 1 -isForBrowser -prefsHandle 2088 -prefMapHandle 2084 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {58a35fae-2a2f-4450-b27a-ba71ebc76e85} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 2100 1a1b2958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1440 --field-trial-handle=1304,i,2445848275959500406,9743102982663760828,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1464 --field-trial-handle=1280,i,7983863820119538307,17498215304602214477,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2320 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2352 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2708 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2712 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.3.1249265595\2056683756" -childID 2 -isForBrowser -prefsHandle 1972 -prefMapHandle 2384 -prefsLen 21754 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {363cd98d-15a0-4872-a3d3-8512008586db} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 2068 fad6d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.4.446581531\1169122751" -childID 3 -isForBrowser -prefsHandle 2604 -prefMapHandle 2608 -prefsLen 21754 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {081d2a41-e913-4979-bbea-db499959d3a5} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 2592 1b173058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.5.1623672434\768926683" -childID 4 -isForBrowser -prefsHandle 3036 -prefMapHandle 3040 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a808ed0-627e-487a-8d98-03f6db09db39} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 3024 d61258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3520 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1472 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.6.1998243910\986084822" -childID 5 -isForBrowser -prefsHandle 4028 -prefMapHandle 4024 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee52bf70-6b3a-4a96-b7ca-a10a32fa2038} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 4044 2000ae58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.7.1638092724\207424531" -childID 6 -isForBrowser -prefsHandle 4172 -prefMapHandle 4176 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa418d09-e14f-4b21-a709-032cdcb04668} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 4160 2033db58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.8.6274604\862211085" -childID 7 -isForBrowser -prefsHandle 4224 -prefMapHandle 4220 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b1c9fb1-043c-4753-9bdd-17aefd8f09a3} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 4228 20224858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2352 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.9.1225400765\1238047493" -parentBuildID 20221007134813 -prefsHandle 2704 -prefMapHandle 3664 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6093cbaa-169d-44e5-b8b3-22b482cbc6cd} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 3652 1a6fb558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.10.1740507498\1016982942" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3360 -prefMapHandle 3380 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c39586be-996c-4860-9684-e7ef1ca80430} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 4712 202e3758 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4412 --field-trial-handle=1376,i,516257967208339604,11577396215271094791,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3000.11.1578924992\454614915" -childID 8 -isForBrowser -prefsHandle 4928 -prefMapHandle 4924 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 824 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4f44ac51-3cff-4ae5-9178-624626334713} 3000 "\\.\pipe\gecko-crash-server-pipe.3000" 4940 1a10e258 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 172.217.169.14:443 www.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
GB 172.217.169.14:443 www.youtube.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
N/A 127.0.0.1:50081 tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.180.22:443 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
N/A 127.0.0.1:50092 tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 rr2---sn-q4flrnee.googlevideo.com udp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
US 8.8.8.8:53 rr2.sn-q4flrnee.googlevideo.com udp
US 8.8.8.8:53 rr2.sn-q4flrnee.googlevideo.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 rr2---sn-q4flrnee.googlevideo.com udp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
US 8.8.8.8:53 rr2---sn-q4flrnee.googlevideo.com udp
US 8.8.8.8:53 rr2---sn-q4flrnee.googlevideo.com udp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
US 209.85.165.199:443 rr2---sn-q4flrnee.googlevideo.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr2---sn-5hne6nsz.googlevideo.com udp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
NL 74.125.100.71:443 rr2---sn-5hne6nsz.googlevideo.com tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4---sn-1gieen7e.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
GB 216.58.204.74:443 jnn-pa.googleapis.com tcp
GB 216.58.204.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 google.com udp
GB 216.58.204.78:443 google.com tcp

Files

memory/2260-0-0x0000000000E20000-0x0000000000E21000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CEE5F631-C438-11EE-8C96-56B3956C75C7}.dat

MD5 6683dfbc95152aa5964785a60a744068
SHA1 d4f5dddaf392e806aa08b71f619f4cf8253172ac
SHA256 40f58e63c719a987c71ac5bef62d534b97cc74626542e9cf4472c001abf0a868
SHA512 2b0967de98e1b8ffe04c82dad6b1694d052ee14bec5ea5b9c93ccf4019ea5ecb0f7ab7a5a2627dbcf3a7d05b7dc138fe331b2bb3310c55c4b188fe9fce0e7f7f

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CEE5F631-C438-11EE-8C96-56B3956C75C7}.dat

MD5 d928e283e2141af407ebe7a3da6312db
SHA1 b95b2547f2661ae63651ae6553dce6b03607a10d
SHA256 ee093b84260c9d35eb14a8ecf091bd55578eb18aeb0f408db0f5e5d7c736c4de
SHA512 95add843fda222f37a230275fb8e276b09c929be8b63dd8927e037698686d693a81a93090e8812ee5436ddb0bd5c478d7d3d7f1473511aaf15a97c7eba129528

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CEEAB8F1-C438-11EE-8C96-56B3956C75C7}.dat

MD5 f63d970de457f03eeb4e3e62bcc53679
SHA1 e89744054338e8cd4836e30655fec5851a3388af
SHA256 ba2f5b27d8741c5808531a41fab70d808d6a21707846d929e5c4f115eb3a0f80
SHA512 09cb4bc7c5347127504f66d90e5709ba1c7e67e7b0914f6f366fb42bde9bd3751b4d713ad8c5b3da4e2247df251cdd5804a2fcf3f05e37a11ea43fce83a342d7

C:\Users\Admin\AppData\Local\Temp\Cab57C3.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 d022364e647540f82682adbc0be0a7dd
SHA1 f03fafca1c5741ee1a6a705b07ee7ce918c9ff94
SHA256 b9a18d9fd953a2f69b1e7d3f47b4a73e26b8a14a8c56bd9ac12712b331fe84f5
SHA512 a7972e9c44792ca783aa741ca4a6c03a10227dc9838ef82af6023ea9efefffa93d7a458b1baed00d1c5bffeb1d7405e90cd6498751d40723ab0cf7974d5cc912

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 85d22d189006cdad125d1a60316750c5
SHA1 393d9135a78de7493ce31eaf0a3907e23cf229bc
SHA256 32ed36c8167c5a2e35603832bf4bea451a634c5b980a1e75afe4c328e80af160
SHA512 29128892278831557d80ee461dd415b02e4fffe21a545492dd2d41b13bcdad58894c198d5d809e9a8ea51b70f42abd7fabd3895f1d55a39cfba17e505a088273

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 94a06e573577132c451987aec7af0334
SHA1 ed698ca4a17ae9071333ce63b40af89b7a542708
SHA256 46530848f50ac2a87541a01d9c84114e8f301db60847ce958d9b5d4da1e9d8fa
SHA512 8d6668ffa28471dbf39a2d257e303cea55232458928f527d880b192d43d16b8b8af37e79636a2e7fe6a35950b3105314488b41c24db34095bd6d574a071daeb8

C:\Users\Admin\AppData\Local\Temp\Tar5871.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a5df3998dbad48575ca14f27c2c2a700
SHA1 167b8dcc0ea8b067de2a1ec6b6f924d6954527b4
SHA256 cf3015adbfb293790336e85cb32148069949e623335b710edce806b0323e9799
SHA512 26c879962dddd04a92debe3887c102dd410c021f6d6d9c45f14dcec03c84ee890802dffba428b40839a0f9e19c40b9f003dc4d84a8bba3556b9bb38b71fde8fc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 3ec8c91132e095b075fa261b244b1ed4
SHA1 d95329b380f1524fc6dbaf87e3c301c7d0e0d095
SHA256 6e62e8c6f8f8d27640799164e879273db0d2ff543f7941bb0b0aa605eb3f6a03
SHA512 03861f7f78d83b56bf159af29d7f320a5b2ffc19d2f33a467db6e4f7a734041247594a854e98a530d71cca4d62d495ace29ae041cc2e5fc1b44de9091f0d8243

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bd4a8683fe0a42fbc27ac52700feded3
SHA1 0f219dd38727a5312760328e8a5013f26df4ec7f
SHA256 817fd3103d2efaef7050b1713a58e623a30e670984eac0fa87daa5cec4ff200b
SHA512 bc0f5decbd6098f25993fa651b78dcb0b23a9710b85a872fe25adb8c28343ee8a1cdea0580e0b85de9d22d15b0490e562ef411a2b964eb225d51eecbd2aab314

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 256cdeac6dda6c648bd55a5bf3ea5848
SHA1 14288d46996d92bfd3968d54f8391764ebbc588f
SHA256 0c59ccf89bc45838cb0b8dcd90af60980484e5e8e2318fe420fec4eada912e12
SHA512 b58cbc433cccc497ca96f1816fe53b43e7d75ce8e60b852408e9a6f1acd0e6c85d78b3ce3088b8d1a03d7418ed83a1b97adf1f086451797a032baa1ba366ddd7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 9443fc8cf2dc5d1e14873c8249a5d69c
SHA1 e6b1733228d0621df190c8fa95c961cb9a40ba64
SHA256 de3c1dd36b91d18f1e3842375a59fca4fddd3a880f112cd21ae3316d1e013562
SHA512 dee6fbdab0ed68a0ea3f92b8710643bdbf7d4ad66d230cc34e6f95d28fe2ab52993064c332ddb4259174479e264ad99358dfa2b8bc667d67022da88009d56444

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\f9yyw0t\imagestore.dat

MD5 d73406ee3a2701ba9e187e7df995c8da
SHA1 50b08b0edc2c7065298b4db23f36d178da2cc241
SHA256 cb5406dfb943570ecb43e70a3b8078a4992fbfc0258ea4d274efa35087c20abc
SHA512 d30e984381f983c8defa4e9409ab2b55bdf8b6fdc30b9f89ba54f9cc9c6b33c5d5a4686d3d90f9345e57a295714ded9cff212dd5a89df5ac347f832465caecf3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 85aba89c53bb7c2a4f540128473bc3b1
SHA1 493feea8df0a909b5b0e0cdc04c86b193fc76f27
SHA256 98e383259fd9f2d438b50930f12b97f0ecbfc10365e78cc24bb6154e2ca888f1
SHA512 08a64ec7a30d04da12cda38456315e19c1816f9382de4dfbc9646a2a755d7eb8c299334246b3831d63c2d668b369e1c2223ed3a570e0fb10537272b2c7402614

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1J1BPYJ\hLRJ1GG_y0J[1].ico

MD5 8cddca427dae9b925e73432f8733e05a
SHA1 1999a6f624a25cfd938eef6492d34fdc4f55dedc
SHA256 89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
SHA512 20fbee2886995c253e762f2bb814ad16890b0989deab4d92394363ef0060b96a634d87c380c7ba1b787a8ab312be968fed9329a729b4e0d64235a09e397db740

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\f9yyw0t\imagestore.dat

MD5 f9b36f60f308ff6cf1414f54b76060bf
SHA1 9d9d104eb7d8ccb457a2d47d4ea99edc7f646699
SHA256 7af808950ea500c8166192a7b79449645d001349e449dbad8f12570a3abf9add
SHA512 ae7c63d3f24c202db5971567dbf4d8697cfa6730b2c1ad2ea888c71a3b52ed9cedb56cfd1c0492e941b632a0dda50bfb370b24af4f0070b05ca8c71e32731769

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1CCB52I\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\f9yyw0t\imagestore.dat

MD5 460ac9b9a88df55afb974b2c44c725c9
SHA1 af311549fc99edd2e8e9d264972ca275d4cf2d56
SHA256 9da47407a83b9fafd79689e5f79347052b4add2d42910c32c47b1b49a8535df4
SHA512 958c7f8f2e3a58845c8f69619daee384d4380d7283a13c8ca407b9c752deb4cd1e258cda8e35a5e2479b74d14cb525c4b7a8657a438ae8663cf827fb5ca5e860

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\REEU5L69.txt

MD5 2b561228ea7b069bb2ae150f5324b736
SHA1 936383fb2dae069639af449750e4bc9f437c940c
SHA256 3510ea55fa24d262f462c5a41736ac7551d25c0763d67c290b38516d01e1dfa2
SHA512 03f115243fa2c91df745726654b6c16bb82cae0ac7f6c8872523c3c6f9b584f59a1aaa9c1c8a87caa1577d518abc3682574270244f9570ee317a8104c5b9d24c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 7d10d6a2d05142b2f7de42728ab93a9d
SHA1 dd26f063d2bf4688cd996ea46ec9c79f9702483a
SHA256 a06c2f6ee0ae9af14551ac19e95835bf20b775d835b558529eb5979d474f0919
SHA512 74738a2f5fea62431113b09022d031000ee1ee3fd15d0c02dcce313c1f67d7c9176d13a715653d1fd23ed10c8c8fbdeccfe09bdd17511e3f92e218ba151e9139

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 3ccfa48050ca389256b43d6c573c28c5
SHA1 1c36606678a42db701cb2980145169e2c00a02c4
SHA256 cc585f332edc8a2f34bee83e8691db1278ea6a38321dd94ab9dacc3dd7a3a4f6
SHA512 c78c124bdd1e247dcb2fce185da3211d061be23e5665a87972da9f28654c71ef8b7b5ac8aa9d3986e9256922250d672d9374b9080465dc1d47b620026df4c14d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 688589a603c586ad34d1047c1b992e1e
SHA1 433b3aad2c3179619a148b4770c421bc07f2d26c
SHA256 059764c047aef103ae2bddbc787ecbf56a4e37f56e71ecfa8b850c7216252cc5
SHA512 c34ecdddc45b09089f309b7f1723657cf7d8245c70ace5498a0c437dfb15151f3b457f180ac2842b80e06c0eb27ff1bf7f103361603c4b877ea0f5e74a55d40b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5df97d704eee5ef49cbf7ce25c5da9e8
SHA1 bd66f97476790663d719bdbedeeb4514592aebe9
SHA256 862ea83a7141fa82b6377dd4f46af2d2f12e85e1c5e730a0b2f90a56a2510975
SHA512 d839deebd681575bb29381172fe31eafeaad1cd403fe3ba77c7843f490ed5d970f5705e333f4655972fb70b75c7573984dc786c90b4b7ced237d939b33a0781a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 51a1d86e59263b046460274949666cec
SHA1 5dcbe8bd2dfc80b2bb22da4838524e4cc6182e26
SHA256 ee3845487949c4664d54831cf00c605fa4645bf5137c268bda58a72b3fe5bbd0
SHA512 dbddaf97c31a7e55f4b53d3477a739e3d86996655f17b80fbdd8ba59af3ef33f5a53476c0db2766b3ad0c4660f0d045f4e3a79fd8b8c13f4b33c0673b5c00524

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 303e24ffb085e0c2a2f54cc73934a9bc
SHA1 f35a7e65a88ddde512664f72603c63da63911cec
SHA256 c7a3c2624e08e4ee6058f5f2e0e689c9982141cdac9659741d7458f69bf2445c
SHA512 018de48cac5cd8b2937d13e3f4cb772e3802f472b3975f9930328e1d9ad836a995c5b252a71d1d3cfe75715e42dde6c7d35c4abacf3f14b250c7733e0a36d5af

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7dd69129044da26df213312206f293b2
SHA1 bd8f11edee2bdc75462b2244b20860d0e6ca67f7
SHA256 630ff685f56563925e6298a9503e7cafbc183fa90a49771dd20035863a3c1903
SHA512 d1e63d65a5bc474b266d367159c36db3cb1812149dc918dcb7a84f4d0d61a934926a510e9e0999c06b966b24aa7d0b364dc4992ffd5cb56fcfb89920deae8514

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d9b18e8488dac1a332ff3c58a2b2b0a7
SHA1 b8233a13ab31a7bccd679bcedc21eb05d41fd372
SHA256 4aa8f3303756030a4865e15cf1fe3cc49a0782218614bda89254ce07877eefeb
SHA512 ca96eaeadda2c0c7ac0745433ce5a599a6906b735b82dece61bb81f8190721927f0c767ab8d325fd4097eb871c20fe61062b09b825a144da4d3367dd1b761aec

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ebd417995b017db5c9b71e0439e05a61
SHA1 f6a4e93b2b710ac635108ed4a0f6a1e511b63bca
SHA256 b1021fb844c2f942e81ee9e326793c94f87c6b5e90395e148992d1cbec50661b
SHA512 c2e37c237ee26a647d1f5131e71e98505ed0d302bdb585a4ffe5a9dd47f3e18faf105caf2434c8eb819e41bdd6bb3bad0e27ac4e62febe64a24811f39bd3f0e8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 78b660d5c68f4f339a3acccf22f66e98
SHA1 949d37e8566dc9099f0adf72c0e39e5ae3d90983
SHA256 edef62e3bdfdaa3390c8b3b675fa6facdb1ecb7f1d5f9376768d5a313044253f
SHA512 f4c494dfd019d4d3678028ea52d968e2dc53b4581f074f91acb2f2deb77fed16ce98936f8a1ba4b20fd111ca9b30d8a8f6f0769bafcfbce94b1b6275b7d82dcf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9ca852ee184272e43bb5c1c5861950e7
SHA1 2e58c77a15c63d3f17fe3dc31461d072927ba076
SHA256 e1c782ed43a8375bd1cea68a90bced91d5e8abb27c2fe50811b95c203cb23814
SHA512 96fd573e4a18ff5f5100ead09d41f2cb6f1daf13dc49b332b092ca5e0335d4bc62deb0cfe4a88eb4aaa5563d88e18b2092d3b713aa0579d3252f75f77a409255

memory/2260-832-0x0000000000E20000-0x0000000000E21000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 39ff684cd3d1d94c2fb6b46100f307d8
SHA1 132f5fb5a6dcae572dbd0ff97eb367dbbb9c87b5
SHA256 c872f03f360cd719310fd2303105d47b8ab815561280819e5fd03241e8029959
SHA512 419b717a78bfa29fc5f8d45515e1c50cbb2afb8702b5b152c9833c63b25f951a70eb0f2c7b32d6ea1ca747175753e853d62629ef51eddf91ea59072f6e8a0cd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_1164_VABGRHDRXEPLIBKP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\83b7194e-3ed8-46b6-8265-58c2cb973347.tmp

MD5 c5507c1aa4d60e1523cdfdf66661f12e
SHA1 762cc181cf775a94e3109b9ed812dc7d6219cc17
SHA256 4db6c8afc9f5f1a30483b72017d6905dadf72beee830bc966d31f72d2d0278b2
SHA512 db983d2b141a232851984b65e1525e03766778907264a60891a4087c96df192673d7a6571f1b42dd1ead18216761c2f09295a795db9f8ebb54d6719c8dc64440

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 431af0f76e82dd8d64cc909255e76c14
SHA1 6399adb3deb46400d978512eec7d6f693d6b07b0
SHA256 af7a83a07eebd9b4deece7ea133a0e066ccad1e826289a9f741f65b70f652294
SHA512 69acae12325cf3e238a9c5ac31f36e2d2deb413b689a701f875f291cc3a4f7bc0533766678f9059cc96729476c7ce6034b1ca0551014cb9632be153960ee0949

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 96c82d2222584ec88da4038af21a9599
SHA1 db827ac23754e4c3b35f2c9ad0e5b9883eeb31fb
SHA256 8076ef95d448eb63da0c302b06901921cd28ec8e2b954a62a35cab365d8c705c
SHA512 f5295ecc4619e096488cdf1804b6d6e78e07ce3a4dbbe8c6b132a0e99a55e9b1c313cbe85d5bd824f100b84534e0b311af66a5f5c866c4b7bfd5c0f48e783300

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 258e8dc832e449ea3fa33950a9710c0c
SHA1 a1507f84f042e48ff765efee44219319540e48e3
SHA256 3da27904623a574ef63478aaf817bca42ca40ae1cfcc56c5beb5acdbecb88309
SHA512 bb076b72553348ac58596490d91c4dd043c94a416e4ec7b06078ea1e8e48e14f8340edaa288466eea9b25bef68a99433846a2ed70ceb6a8352271a3c7e83daa0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 6b5cc191e4404e1787afb240e0ea44ea
SHA1 03362321488aec760d301dd180c8569f05645dd1
SHA256 058f955957af07023ac0bc2b07813ae03c4c05d6a915d23a0d7594093f719a50
SHA512 5cdac7e2b2920052467d7a6cd68f9cbc5e3724b0ed743e2b2d4f01ab817a458029518f8e16f486d76efb14d7ae37be465e0368adb56d623de2f74939b8bd512f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 1b369d1ab564a08026fb5b75cb960653
SHA1 7fad1567e369e42eed469aeed3c7d37199d124ee
SHA256 9040117cf8119d6ba62a77382d2850fba369c7daa521add92e4e8b115a6107ec
SHA512 9bb30c5e443e5d2bf7c2a4b77e1f26ab622c38cd3ae05fb1e490371cbbf85c6cb391a16abc8d5c9990d62823cd26018fb8abe10ff29051f9fda1e5be9475916e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_E0EF119F4DBC1E07EE4ADC4F4CC7AB93

MD5 4fadd05fa114c91b5e390a602b6cbbdc
SHA1 cb18d78bc6e42cb0b42fc07ca2d9d546872f2cb4
SHA256 1d67f115724b019fc5e8f62fa59faabb9198aa3b8642befcb01e19f9eeb35885
SHA512 b6bab5b0b03743b927421e82e7622345e772dae51610915c07cdf0c97f0a7be3e0b00f028c69d4a04c25a2da8405574f0f667751168c87148911c62c8a5c08e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_E0EF119F4DBC1E07EE4ADC4F4CC7AB93

MD5 c2100146ebffc522b7a425180b5fa3e0
SHA1 51b017260793a58a1e860c7abff7c47aabfe4644
SHA256 0bfe100689a47c19657336d16a139e2c5de722d14a151a38414d26522468bc17
SHA512 b0d58e482d3ca81ff121fb7546d48e6868b064c71df6a40057ca0257df20e96138fd1f70f95f7d31c9f7a13f08e97cb69a3c4e2733d289967583308d234e72c2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 9613d86d16668d367cba8e4fbefef1e0
SHA1 4f5f4658c554fca0ff959fc20431f3d17c2b5f21
SHA256 cbb79764c688b7fb079c05e6f8304a7718f8a482e4e55733405eb1c29268140a
SHA512 980446f1679cbc22ba15f95f195078b10e162a1909a71ef585cb7e66d8f2d2b66e9a0fab1a686a21eb160175b894fdaf5b870a827472887d023017431b27fb8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\db\data.safe.bin

MD5 cc05afd225072db966b30a3ec4155810
SHA1 55b1522ea485eda354f83bae7927fbd7e19fdfbd
SHA256 0a1c94f4726c0a9bba3f224ffd38d62baa695c8cc8c178e5c7affc1ad9af0c88
SHA512 8eb49f0da299914a1c4b46552f639d22273a32fefff7d2b62281234fc00158bd8f14fb0de953df464399f7fb2a915debd34770b484d7b4cdca81d923f5ec658c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\pending_pings\eccbe9f9-9355-470b-99e1-752b70eda2e0

MD5 e21fa9a3dc5931daee742ea1fd98a855
SHA1 e4349a6b39fb4333920a8b95e1c8609714501d6d
SHA256 e2db0bdadab6abd9ef835194e521471dda9085a5a85f866fd361392146babe6c
SHA512 39e1cf92ced51235b2bea03e7f962292226a36e94df7e7b850456629ad889b6420dc3bb47b3efc5c799990634a45ecafe757b32daa8be8686a7aba4f304ba198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\pending_pings\4342104f-2c1e-4996-a547-4c88eb45c7ab

MD5 1d5bdf3801c80b5a0dc7541ccec930ec
SHA1 3d86b6546753f782e8f37ce017cef00d6cd3aa8f
SHA256 633fe99280bc76544898462e24cd6dc15efbdbee60bd8ff7c6465d2d6705315e
SHA512 224eedb5a3926426b18f25a27800112cebafceb9e93d6cfd08c04619ed8e9cc0ec12c8c5794b34f650f4c0d218e68de872f657f24f496a75e487d1ff40b704a6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs.js

MD5 7fa93849d45d10f29f2dbb8c9b733d11
SHA1 080118fd5cb9545f00e64e0949d808bf99ddb081
SHA256 4eb0166b84a25aa60fb9c19a045e15cc0d287ca277e855c715ff5dc8ab3d1ea3
SHA512 0be7de6f88eb0636da7801cbfbfc1346c2f7cfbbd5a2bd4486b60541d3e1e7831db7efd3c5241981d8df24905f4cf0c6ef4a8bc1dc1522a18dd35942d93e3f46

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js

MD5 8e73e764fbca922642fc1413aa5e9918
SHA1 24cd93131b51e98d043c1e304356ed3acfb7ba9a
SHA256 43f7db6d4299083dc8179a877010f104f371ca4b6f7bdf8ee6ae883a30536a74
SHA512 89732f48530d070f2dcc17af41ed473c2e738b3493dc03f7d6c0b3c46fb8a04c43f6d773585b1bbfbf21989365dbd35d7772cb07a90208d485ccef4aa5f34c96

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1a3730d2c03dc5dd6ca328fd31ffae25
SHA1 ea5ee0830758e5e374b9b6f4ea53c70e988fd1df
SHA256 012dd7b1a2c6393f6d04e1dc1a0785c8bf243fc9afe8f36c1ed5915f164e6579
SHA512 2643624c1f3dd3f16cff9dba22b70f926e2aa24478d90bb8392cb563d401ec20cf7377a2d8bbd2f04f662abb7271d1167a064a5813fb58175ec2cb352d6ec5fe

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d21c8c9acfd3c4969b85a3f68238f9d1
SHA1 d4e20b21819c25169ff05eb05b61dcde07fb8216
SHA256 ee7b7a908da2ad89743863ae44d9bf4b3e71cdc869086b000983206d11265968
SHA512 04a8b3d4cdafcf89ae268ad7a4b23930b54027043f4e5ebdd365069d263fa77abc6949d2a1c76852ac4f6625d909c3ab7ccfb6d1bbd53cb4fe223bd9c0c2a6be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js

MD5 8c77e69ddaab1b7b3430e380454dca61
SHA1 bf0d1a0341dc9930c10789a0e3b2db8b698a7121
SHA256 b08538ebc2b12649f9330d8aac98453c1042899d2a6042b8af34e17a2ac31876
SHA512 f826665000b29929969e9d9661f3bdfbb97632f803099d7a9e93f8c6b60a53f055b465fa966d3a38819f72de38214deb66757c3f5d3f72fd5bd79795b8a585d1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 1767fb4bf4a586991e55818433de8d20
SHA1 e6d5c9dfeb100b35bedee6ec58849133f712d217
SHA256 6e454ed6e4d49d896e59d3712f5873ba950f95b4b2f58802bac434dfc4cdcdd1
SHA512 9c091f1fefdae83f188572800526d102892a07ecf7fdfc3261a62104a12ac4c6a695936be4ba4eecff0fd28c6380ade3a43501c5f775796a4cf946c587592e24

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 5866fa24d142039d06af1b4a678c5a3c
SHA1 d3eee63bed68bb0862a54285c4145daad414d1f3
SHA256 4dc60689142afdfcc094116d9e68c839dc387ef3c635a662814da489fc4324a6
SHA512 165a228c9057c6bc8d877094e1cf5c990c9fc55bc7fdd941c6d675cc05a8633c958649059b1842dbea130c7f17911506c60433824f2cd9c3694f35ffd79a9b4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf770925.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6f847d6d598199e30c262b25ba205dd3
SHA1 169a1c18d2f71e750caa24239d8afc5efa2c6f7a
SHA256 de4d2bc75a77bd67f962c7c0c65c5ea60408585fd4e7d69c3e3b901c6c4b3b89
SHA512 7a4ada9eac600401633b5d7f55490275ac5c6ef9e217ce50e3ddaabc4208eb347154f8d022f1ed0bf765ece0b8c57477a32a5da319582270eb951de60e217a7f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\storage\default\https+++www.youtube.com\cache\morgue\143\{5f953ded-36c1-4ed7-a3b9-496f9ba92c8f}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ece73997b78d35abd1170e7b7f3eca84
SHA1 939f66aec1a611e3622f390552f5c44215639777
SHA256 bfd530b8da149396ea08acb9e4591f328a06ede08fb02ef6d7c0a2858b32726b
SHA512 1497753a8d03507cba4359a6c40ecf8adaa826bb9e84d46051eff2e32c6b8e152cbb4b95be6ea8baeef79a04aa98d4005c6c7b3ad658844bf9804dbf1a7a8e0a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\storage\default\https+++www.youtube.com\idb\1783613902yCt7-%iCt7-%r0e7s4p7o.sqlite

MD5 82e7556e24bc3e749d2ae9b88e357138
SHA1 93f3d05844bc618729f639649eec6de879d0fcc0
SHA256 e019a71da47fde9c295af081c1a8f7edac27fac6673a30ec49dff2d8ec5c74d1
SHA512 26753995e66b62c77911c2a2901fc89db4386d7f97a1dcc44e7ed23a0cff81a2d159cdc7398e9d55234d1e48452da5f0211adbb594a752d4260dc87feaaac557

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1b52a9f51bafb39212bd494e96e68b76
SHA1 9ab1bf7da1506048cf0aeb7a8394f02c8be54d54
SHA256 d7d51c28212527464c43d2afba45275f22c77005e4331289f107a3c790092f3e
SHA512 c769a63959d4ee011fa553d0ac5ffb464393e20db96f65b39f2bc478d110f3977e5e8d09511745d0c625452aa1bbbfc4918f4983a3d3993f01b95d292b0848e1

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js

MD5 11997b568e92f32e8aa084d54d052060
SHA1 aa694b81741d81dc8cf14ab3424c216a20861b0b
SHA256 efafef823479b1acf28de69ea7a43fe2364391725010a5143a4c6ae084e97ce8
SHA512 3407ea7e05105b4df0fa2c832d39de7d41c624943d07a47c6969c53918ee3bef0e82a45332e17b8606d30fcdbb59b3ca3bad6423b79162b91548e8f766e8e7ed

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js

MD5 c8b2de459740e843f8cb976056597815
SHA1 36490a48f31b0bf2db1f072baafd2ff0cf5fda28
SHA256 dfc97233f3a5ce141ed119c3c6d2edf27416545ed6664f7fa4bf64c79d83cf5c
SHA512 55e7267323881faf6ac11abcad299c5f427e3c66cdc9ed8d803dc8d2ee951bffeaef8370b5465ad0fda0d8ea56d1824a418ffeed4e713298a01bda89552a7854

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6d78a27107a10e594c38754cf78401ed
SHA1 daeca8bd26f054eb935da1b2c840e3a2a5970dfb
SHA256 a0c6ec3de80ecdea92fca55b57c101a43f2ec9ba9159b29e8ea4cb85bb06da67
SHA512 54b30b3987a8aef78ed23c91981a2cbce5c69c67a0983db276cb93567011423c43b4d6ef945dd79725481b606120d174adc8a7638b18c6b8781192fd58bd1b95

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8377b82e8d2e8ea3a0aef152db3057a6
SHA1 83a304379f0e6b4d0238e4d0031190ae654ae0a2
SHA256 a7d7196266c1c362906950ec5eb1058511a4bca9bdd2e3fc581fcd51c5c17cf3
SHA512 746d4ad4f703cc507174d25cd0671d4674723658e8b0ddf325c73b0884e9efbef7fe845f86f2abaed423ad4f5386a5309f5aa54144ce950459a182a794c7dd50

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f3cb632778a4c0c4b9171e757bfe3692
SHA1 e7a229c6bb386947b97dd4250f80e12351df2e87
SHA256 f98b2b4127bea6871078114ce1de362a25d60c29f90feb69b77ae90b09f56536
SHA512 a98e30ee626eb3a0e6b4b271de19dbec71eb6475d4e488904b135262495801c92c6be85210ec167a54191cceb9713da4d999f2362cea41d5b5f23a0c844528e9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 92bcec466fc7e0a1753757e616ea8ef3
SHA1 97e057f8cbb25862508365a4a8e5123c91d848f6
SHA256 83f9e9149d195704044f528b77198c47a9d5116dd622fb5bf8b205cb95bc69fa
SHA512 dc4fd54f33a20d4971ed0b238e2115cd703f94acbbf6034df3cbf8680eb695f295e68aadb17008777baf89dab7d314649ac744095a165ca787de7bdf50009594

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7b60afc8ca4392522a873eecd90f47e6
SHA1 f7550663d128fd9b60e6672690669d36d24561bf
SHA256 fb9e06867ca05109a55d57d96cd81ed20dc738db489dfb24cf3c1502f581ccef
SHA512 77dfd4f3b5ddff16853e27b1f8bc3aa7865c6c7dc8338e619381cf83aefa840ebcf19cf71e2feec368ea8860b0823cfe4af890c73f8626310efc71a414c94542

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb9e8ac1531f96732987a3f218c4040e
SHA1 56d7bd709aa3b122a875e857086aadc014cd9614
SHA256 381a9d9c0d064e372ffc92a31c5cd61ed52dc1ffd19452079eeb138382b237c6
SHA512 47124ca9ed9cde051c05d996d600cd88addd369a5d9bf91f53eef217c1672094cabeb16366c35d5c22fa61fa28ee6ca923e7165377c4147f6fb9a8a70e9a8f18

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bbb2bf91b657b701c37e743bc8d11279
SHA1 a16e6c71230ec77cfe28bb5178d18c8937c19dda
SHA256 a7c9fbe74036fb5dbee5ed16693d535a573d94a2b4d9167d06e82ba5bdf8e342
SHA512 e7db177049870bf2930b38f52515f5f9eeb7f76cd857e839a4c884962723a5948c16bd63e3ceb57cea5c8739527d5ba8b9e0c0a38975ef926dedd6e5003d959c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 96cd31c02b2fa096e574791d80cc057b
SHA1 6e24fa03ccf75033ff874a12f26e6a78e86633dd
SHA256 683d2a45f35a4cb066289af18a6ac20a9dc95dc5125ab91fa67dba55f7c8e53a
SHA512 8a231cd7442912744e4bba468b3e7b2af68106a68fa359be7ad773e480d8a2c60e0e83f630c61d53e2cb66570e9cad2a05b88e8f5b0a67d42211f2fc12ab7df6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 6ee40d3f727ab129a331569d54b01855
SHA1 3c6471cf61aabc1f241db791942cf58c4ecf6329
SHA256 6f5b11ec8561dc12a0bd6365f9942b04a1e89f1ee4d410f0d412ec53788140f6
SHA512 81dfcdd11b0c9cdcbfb8f7af5a204e8af33699f9d67ca0fca5fc0f9f0790f038b3afbd20adb8b992d3e34f31ae6230d44b1f614632dd388f3cd52ebc3963aaa5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 610577bb0bf733ab9da8450fb440f1c6
SHA1 e49deddf3793b7e09a383cd0b01b5fc07e660683
SHA256 e4154076b10c41a53b2ac19233889e6686991a30fb2eddaacac67caaf0d06ade
SHA512 78244dc2c64dd56d5995e27a0bf86797a71a3f9669025fcc6281e7de12c1ce7035f5e40cfdf3c001031f7b0cf333f062b08792e9b62c56ca5de5571a33d2833e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2d6599909d7923d6eb7c65a255a6286
SHA1 d09dd2f7089f4dbb3ae60e767d794e299b80869b
SHA256 38d31c401008ed914b97f731cb6cb201892d7e432b6a90bbe861ba36488e517c
SHA512 ab7ae0cf33856dc5590f918c6497230a6fca9d8ca27c55093e715c56405bf0ec6cf1d999c12e4613481ac4152ab0f6333608fabe0521d7ee95c10d5ccb3c21ef

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4719356c256adad88418bf41ee8b1660
SHA1 1537d97bc5402d4e9c86c7db74034bef2864a2eb
SHA256 f27d6cca2c6299c66b557474d1a6517e814613278fed0d3473f203ef0f8b679a
SHA512 4aaa4c099359b1cf0056c96dab26bdce1d5bd2a717acc0a64ab6aed8d25f21b2bb9c990a6da6e6caee61e50993ec67f9ac5037e7aa40ef71ee130b142f9a94ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\54f845fe-e554-4096-9764-34ef423a3350.tmp

MD5 286c2de2a32fe2a71121bef8310c4840
SHA1 0510c6dd23b8fada0c049e3006965bcf4d7ac015
SHA256 54519f1b9206ccff73ada8066b7f0b7af225a0e01846e3d78b88bab7d9fa72b0
SHA512 26f15a8dd1575b702d73e213c19a7d224420a222a2fef7b0f689fd7e20a265e58972615e9db4c4adddeba206f29d385f36f235f6ff96b1869dfe816b7f9adde8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6367f3ed2676ee6db6c24811f53ab45b
SHA1 8a6bc7e4109ec06dd96941385c5e42965f52d1a4
SHA256 4734a53c1269f454388f2e45e4260daf80cac0b4c7436d5aa2ff45e864a9aea3
SHA512 961469f6119024d6e8622b1fa56508f35803b14b2e4e243b1eb1aac4cd6cf3bb8bbc191c87e7c2d1afef0daa0272d1e7720f69099f843acfe96ec9973286643b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\storage\default\https+++www.youtube.com\cache\morgue\80\{adaff45a-895c-4db4-9df8-1b7e8f1e0750}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5b99ae9f3caf71077497677535bd3221
SHA1 e9c05db4479e3bf6cbcf630f63799938bb719d1b
SHA256 f97e6e1d043f352b67ca706baa7eb7a48544af209253c0139dabcd8ffbc8d8d4
SHA512 31b14d57d99bf529a41c55dab1bc1e21c1f6d7a04b3a0c7b86837ee876f40d3b282a319359f709ab25c6a5bbeb3b421e77de639458aaa4d8b757b3baa863ec3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 78f53c19af93b366cfa4e8656ae60b31
SHA1 e329de15034c929c67b3d72c9e9ea777ff4c2df0
SHA256 753a7683ca545af94647f982a5dab476533cb18282a4a8c8da6b038bd41b465a
SHA512 258ff5aa0839982417cfbc05d00e9f1c7ede8a8428057ef34572ff66879d2923ca146cfabe32adbb51b1e86de050911c6600b825d78056d9b9ec4f7f1ed5846f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd13e25c7f2f37da86290ad7c1779403
SHA1 1797689cf35bb77cb0cdf0660c7784f350a8e8d5
SHA256 0e5dce241eac8ba28a14a0d05499278d3b36d65ec5ba84f788e67ab520d7fb9a
SHA512 5d1615b47a8fc2b2da39d2b33a1e5f337079af5e686a1ecdfec1a649df82bd54147d20ac57eaac4b80ae11212b7db8e0d314648dc9fc32e3a605c4b75b4d66a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ff8e5c6be4c9a9edcb3b4218cde72ff5
SHA1 2d524feec851365d23a3aa9d1d424e71d69d5912
SHA256 d42d7e5387211007ddf0ef7d0bac3c7ba386d80825a0a8829fb57fce9d745b21
SHA512 7ed89cda53db518e0a10b0f2ace384f8f6ce13ab749c9dc7e45e2d259d22c52131b3686afc3c81aaad9f2c8332f83b10c7fe0d5dab0c46a2bca2570112b64d7f

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-05 15:11

Reported

2024-02-05 15:13

Platform

win10v2004-20231215-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1497073144-2389943819-3385106915-1000\{A8A3CA46-977A-42FB-B227-2F529D23D297} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 976 wrote to memory of 2420 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2420 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 1396 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 1396 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2420 wrote to memory of 4668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2420 wrote to memory of 4668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1396 wrote to memory of 4536 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1396 wrote to memory of 4536 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2972 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2972 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2972 wrote to memory of 3800 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2972 wrote to memory of 3800 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 4336 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 4336 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2148 wrote to memory of 4468 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2148 wrote to memory of 4468 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2208 wrote to memory of 3020 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2208 wrote to memory of 3020 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 976 wrote to memory of 3184 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 3184 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3184 wrote to memory of 5112 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3184 wrote to memory of 5112 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 4500 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 4500 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2144 wrote to memory of 1220 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2144 wrote to memory of 1220 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4500 wrote to memory of 4612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4500 wrote to memory of 4612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 976 wrote to memory of 4984 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 976 wrote to memory of 4984 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 976 wrote to memory of 808 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 976 wrote to memory of 808 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4984 wrote to memory of 2532 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 976 wrote to memory of 2632 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 976 wrote to memory of 2632 N/A C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 808 wrote to memory of 4640 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe

"C:\Users\Admin\AppData\Local\Temp\2144519ec73be891c93d29ae30a47c30925dceb2c9bd0719f40a4a04f65d0a23.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c6789758,0x7ff8c6789768,0x7ff8c6789778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8c6789758,0x7ff8c6789768,0x7ff8c6789778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c6789758,0x7ff8c6789768,0x7ff8c6789778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,13130007693332847423,9729878235812876759,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1944 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,13130007693332847423,9729878235812876759,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,16600029531117211113,1231220607413648918,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,16600029531117211113,1231220607413648918,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,3953352458081715827,4433746614911596925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,3953352458081715827,4433746614911596925,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.0.498007541\1010858043" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {28c147d1-9bf2-4b22-80ce-1301f837a25a} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 1944 2b3c2cd7658 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0x7c,0x104,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,1581134170798244105,16203609204377732308,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,2796646755202396119,7297895753594483556,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.1.2047056683\1280375982" -parentBuildID 20221007134813 -prefsHandle 2400 -prefMapHandle 2388 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {437c53f7-7a25-4daa-a28a-e4853715b22c} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 2428 2b3b64dfc58 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c68e46f8,0x7ff8c68e4708,0x7ff8c68e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.2.1175223155\47355324" -childID 1 -isForBrowser -prefsHandle 3260 -prefMapHandle 3048 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cd0c01a-0a98-4db3-add2-7251322aef8a} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 3044 2b3c6906258 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=2008,i,13804870364331894081,15649702401729927172,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3784 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.5.1989691113\134313390" -childID 4 -isForBrowser -prefsHandle 3032 -prefMapHandle 2916 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {078a23e0-d225-41e6-b3b4-a6e5ee70e8ce} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 3056 2b3c6a8e758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.4.1989472576\327491146" -childID 3 -isForBrowser -prefsHandle 3944 -prefMapHandle 3948 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2d25cd7-5b39-4b01-93c0-c9b08331277b} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 3936 2b3c6a8e158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.3.1204687854\1048277246" -childID 2 -isForBrowser -prefsHandle 3792 -prefMapHandle 3796 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {72d85c4f-866b-4baf-b49c-aa660f7ec82b} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 3652 2b3c6a8db58 tab

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1972,i,5420954351733628017,2422502010592614023,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4884 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1972,i,5420954351733628017,2422502010592614023,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4048 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=2008,i,13804870364331894081,15649702401729927172,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3880 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5108 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.6.2097794552\1231330688" -childID 5 -isForBrowser -prefsHandle 4644 -prefMapHandle 4616 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {189d5972-86ce-4ccc-b24e-b98efba389a5} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 4656 2b3c8382158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.9.1797203639\1000656818" -childID 8 -isForBrowser -prefsHandle 5912 -prefMapHandle 5916 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04469574-0477-4c2b-ae34-8443e82c9381} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 5904 2b3c9b86558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.8.1030049419\516130877" -childID 7 -isForBrowser -prefsHandle 5720 -prefMapHandle 5724 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aee42f24-934a-4851-be37-6e2e3aa07e4e} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 5712 2b3c9b86b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.7.1037706734\816157062" -childID 6 -isForBrowser -prefsHandle 5568 -prefMapHandle 5564 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {427ee107-60d8-41f6-b187-30c9de04a2c1} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 5580 2b3c952f558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.10.347539346\1813982973" -parentBuildID 20221007134813 -prefsHandle 6244 -prefMapHandle 6240 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a970917-f621-42e3-a169-690790d5a7cf} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 6248 2b3ca590e58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.11.526115653\921617953" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6368 -prefMapHandle 6364 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1dd50b71-6d92-436a-9282-1453406a2e31} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 6380 2b3ca4e0e58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.12.1193009204\1831145183" -childID 9 -isForBrowser -prefsHandle 6528 -prefMapHandle 3940 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1144 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {350cb6b3-cb83-4146-a65d-3e9f7f5584c9} 2532 "\\.\pipe\gecko-crash-server-pipe.2532" 6668 2b3cac19758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4996 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6564 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,12309836490871903523,3901911427125492007,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5820 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=852 --field-trial-handle=1920,i,15864077877782424691,9533550964601017768,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 133.191.110.104.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 14.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 83.177.190.20.in-addr.arpa udp
GB 172.217.169.14:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 172.217.169.14:443 www.youtube.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 22.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 172.217.169.14:443 www.youtube.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
GB 172.217.169.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.180.22:443 i.ytimg.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 fbcdn.net udp
GB 172.217.169.42:443 jnn-pa.googleapis.com tcp
GB 172.217.169.42:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 fbsbx.com udp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
GB 163.70.147.35:443 fbsbx.com udp
N/A 127.0.0.1:56656 tcp
GB 142.250.178.4:443 www.google.com tcp
GB 216.58.204.74:443 jnn-pa.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-4g5ednd7.googlevideo.com udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 106.162.125.74.in-addr.arpa udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
GB 216.58.201.110:443 play.google.com udp
N/A 127.0.0.1:49354 tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
CH 74.125.173.169:443 r4---sn-1gieen7e.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 175.178.17.96.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.14:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4d6e17218d9a99976d1a14c6f6944c96
SHA1 9e54a19d6c61d99ac8759c5f07b2f0d5faab447f
SHA256 32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93
SHA512 3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bc16ebe41a9fc2938c4060992a92b0af
SHA1 1719af3e339b187d984a76437eb80cae5dc50e6f
SHA256 5874dbe9583546eb24cfb2b237d58f97ef186cd72866dd224df82e62817744ae
SHA512 c78d4be86a3f35ae07375b37fd39f869d317a6ec6699d7673731e6f9b255d7bcbfacf58ca71c3f51baac1e2b2bbee7da58603efa5bd51a31162c481aab7a912c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\LOCAL\crashpad_2420_BGVDLFZKMMJXEWNL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 51254eed5a453f48cacb0d2e34914c6b
SHA1 70ccd79dab7fe41e006dc7a442f0401553b54308
SHA256 a567c9bb2939b9439044b3f220864197c1fa47cdccc2f399075e3da18f8dc13e
SHA512 f198d3300f98711bc8ad3bffa8bc8ab042df9acd152b630238c02234febd8f0dfb7118c76a4f69df8a87e1396bee97f2314686c6b3b3acbc54c5c81ca556d04f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 364b2828b6eb24bbbaff6aada35be16f
SHA1 085f640286daa389f2aae5c729c4b66ada809ae4
SHA256 99f958e6288bf632cf82c9475888f070c5d1e47ae3b64618c072f9d1a8af9296
SHA512 ac1a0b802660265ba13f301996e3d0976ce0549a767bc83c9097bd39c81b83f96b85e077888a1a66e911104ae9de44b12d03873801681f4ea7b423c04fd4dbc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 33557219d50ca31f91c5422d9ef9fe3b
SHA1 b566871b7c45d153debad5fad55e4a93ba9b672d
SHA256 18fe645246a9078d50d08cbe977e96c344af26273298649f387daea4151bd6d3
SHA512 0d3e1ba3d13f28962aad1c1744b0a197e559f0181af4e1d7cc96249e2ab48e035f1a31c9d2c50b685f063783580f93878c83844f64755c7567cfff2025f93454

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0bd5c93de6441cd85df33f5858ead08c
SHA1 c9e9a6c225ae958d5725537fac596b4d89ccb621
SHA256 6e881c02306f0b1f4d926f77b32c57d4ba98db35a573562a017ae9e357fcb2d2
SHA512 19073981f96ba488d87665cfa7ffc126b1b577865f36a53233f15d2773eabe5200a2a64874a3b180913ef95efdece3954169bdcb4232ee793670b100109f6ae2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 57fe18114c902fbd93922baf3c1ade5d
SHA1 60a17987434d48dd5149230b58142194ef9c2b9c
SHA256 5e42db154f367cd5b1ac51cd60f81f6227760c62065afa902bcae6d2bd04e426
SHA512 846f044120704649e0587a93a7075fec9f44109570d78f57bc46ef5404c6312b147487c453e0c011d8e25854026ea8186ef5b6734e617aa95e22999d24f647a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3d67b9042c900bcac0aad4ffde55b490
SHA1 b11e22615ec15c5f1bb2c864aa7bb5324500c51e
SHA256 6ec8f7b7a2c337245c9c9d8643250edca7913da644655fdabf8dfb0f69eff001
SHA512 7226dafa211e530323d1f5f0735f91049338ef4f55be475db20de23eb3fd779d3d70be250df9b4a5a21cc47824c17f22d4a0dfdf953fa47a66ac8245f2dc61a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5136afef776b50ab2cdc6161bf67a3be
SHA1 bc068d25a3df8f2bbb2b83070147ef9f511a7d84
SHA256 da502caaf51e41c27816cb8fc7aaaef406a65d1e573ff9146dc938d2cb784964
SHA512 4798cf898c6023ac34a9fa50f9cf3b02d77013235e77c70f07ffda30f120331c10745d1cd9f5541405bc13448aa19fb3c7c513a336ef7848327a40398dc602ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 753a1cdca8e07d09d67fca5c332a916d
SHA1 54a990e9add504b50efea4e769fb63b9195eeb32
SHA256 054091334352db28206b4dca089445713aabc2d666012d82d87fdc5b3f63e5dc
SHA512 12b54275d3e06d2b117a3755a69a252ab8976a2bb2ba5268b01e9485118ebe236a18732b2cef411c71b78064a58f8e225d88a61630c61f8532bedddec83ff127

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 65805262399ed915936ca8570fdc56bd
SHA1 7c960fb75a90f4438ae94ed6feeb3b59c04e8724
SHA256 227234fc81b1b2af85af49348f9b214da2664208f816ab298099348f0f76c5cb
SHA512 5e475222ad4776ff52d5acc1c3dc81d833cdc8ba39746ebcaa2e9aeb76e1578df931ba184beba2ccbde6439c6c58274cf79b4212ee79a2d92ee87fbe3a3da475

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\c573e8f4-0a75-4b11-a788-0166173c4eeb

MD5 fb51e47c4cc692bcfc3da7fca1718a4c
SHA1 ba8a20825f3185926a2c6754cbdd41ee1a5c9461
SHA256 1eebfe0762bc410dba6c5510d68c9d9e851183d9a9f28544f8ead8fc8432ccad
SHA512 6259c78be26ab3124861c214c4cb240884353edfc6f2089fa63ce4756a992585178b500f48a45c2983ce604aa11ace73d32a3d9ae479f1ccf039e39eada0d1b0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\d34c6bff-9233-4fab-89f3-a25da663f8e7

MD5 896346119d226e18999f38807c3ee557
SHA1 e724e2efdbc9cf9ce200441b77f0e2a4bf460413
SHA256 10f3438e18dd0c6d33f962e98fbc3a419f72a3087f97017e41fc27a3f725d735
SHA512 5e11e25388456b48ab9be4bdf8a89a306986f99ff4574567ce3dd9126e3784983a38ee98ab599aa86d67facdfecfbafeb385fc90a30b9e2edf3fb3beb8e4e8c4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

MD5 d5eb36128c6e741ea09e473cca9a6b09
SHA1 ae3ac612594ea1e16b0b53012debcc052cd2644a
SHA256 694f58f46dfd632dd03a50e5d668f16c8df6240fa6110f30f6f82ee24beb8dbf
SHA512 ddf94aaaeddbf7c111a8c3d0525814f278c3faf4615b7b89c710af991d6615169768e0a213a3315cfba2bd9ad15d1fa73503094cb28383182bfc739de31b2cb1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 8eff070195653e2a131a916680cd18c2
SHA1 7f5dc88fc5d5969b25d5e75cccabd37362b31a94
SHA256 61c22934bcca9275d3aa4a9548828b028aaa84a0c1d977d50daeb889e02dbfd3
SHA512 18ed6beca1a23e74571ee365b3c5e1b92686188178fa5481d41dd4c991286d5b3599613a870a8d371eb886f82b1b5e35be10ae82b0a95452a53f9cffed73f507

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

MD5 18fb2f6330a9ecaecf185a96b829f048
SHA1 9045b3140eb754ba6b35b5bf5eb890065c0c5787
SHA256 bc974cb96cc603b3d4e505cab48da67de05b3f4b5d13f68b25a23c2c1760ecc2
SHA512 dc2f718c9a4797c8fe4036c1b62655c62753c8ac11b768690a87444d69206eac408213451e0deed481f5c50b9c8f28dd9bd1abd1191f6538c51815ea7873a9b7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 68744d7470fcbb07c1c6b57f43700aea
SHA1 0f0917f6a738684d500820e4e96b45f1da7ba7cc
SHA256 97cda97c5375db453be469e4bdf61ea5954e506c5bb2bd6a052de53f12077be1
SHA512 02a4cf5dc1510dd3cdc6a7d35f03c96c7e360d784d29c6768c14d2728628f0dcc3e24bb6a211d5e820eae1b7eb6a579327fe7b162de31d2875c4060a336ef854

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\92qyi9k9.default-release\cache2\entries\2BB62A5F508187291BB477E79601AC81B652604E

MD5 ec55ff62e25489ebed6f595df70cf255
SHA1 32dca363f42ddc7a2b86a6a4b516c19e84d4d5eb
SHA256 818ec19dfd1a001465816441193005f1c98cec6eb7445864ea9a7491cdc569aa
SHA512 aaf0f45a81847477899aa064b554244f6232d3a9132f8412d84f2957d152a5ac4eb90d570cd1ee7db538597756762a7960b443be81882ca580f90855939b38a7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\92qyi9k9.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F

MD5 f478a071f54d7b3d5c76e12de95b0415
SHA1 f33c381fa8dd6e343aa551ef85a27b01cd71c19d
SHA256 db30cdb99c018aa264880f2d168788159f0cb662bbe9ff6e23807a9ff0d2b03e
SHA512 6eb63d22ddb54fdaa3e447589d959adbc02d723d0d97127ba47d80a7495eb117c99c39502a734adc9794f53a37eab2aa13ba5444face8a1af3deb346e7faa7df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\cache\morgue\34\{379c3d0f-55c2-48d2-9f38-c0285aef3122}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\idb\2151137500yCt7-%iCt7-%r0e8sfpeo.sqlite

MD5 4ec915e2fb41def27d9debe6d40cddad
SHA1 0c6c911ac0143a4bb184b17aebb33353bb67c33d
SHA256 e3a1b1e21fe06964ba4ab4f4d1a8926872f0952d3ee2d514e826171e78d8264d
SHA512 2c4a84047e7e4988a4475632c45c8fb1ef31063b5f0957ad1a577c2c47834da111a6f86acc8ae1e6ec2dd67996805b6c3e7cb7a189bee0c7bbf3b5dfc73f8bac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9f50c4422c8cb8f994e05f5216ba58e4
SHA1 b633b9c2aa8a228baf70d7ee7aea7832ba9c2130
SHA256 5d7526e3cf8b8f325c2e6642906c6c92db4e17d4b39ddc8ccf8b05f264f26c36
SHA512 e23e015ddc5685f84f2c24b1db658cc3b2c73bc1e8b2eacbe852a457e125d62d1518e05dd6b8461cedc1f971eb7ee039cf3c2c7d0fdbbb2b493a428199d9c9e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 c9e9e7c575c62582432f0a182dbc3a59
SHA1 759f00b176a11b59af4a4618a0cd992e760e6e9f
SHA256 22806fbcc9e20d0a5fa377b2915e2adaf86e8ed3ab66220f1ad27e00b3107b25
SHA512 e5188285b531bbf830026c776ea115d360c78ac0936b313adeac62d6534094b2ccc5df60f0c98b3f1ef40cabe5f2de87d7a3f626f72be95a813a1aee15837f43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 386366b01ae52b3a9df526a4a19a55a1
SHA1 b6319e6dfcd02b0eac2f5a65a8da9da5a1956e40
SHA256 8e26de402e725f95eb7c0c1e09d0e71ade2d3b052b13763e444688bcf7232f12
SHA512 f40f57a7916fa23a87d30bb0282492b73f4441ea1aefbb9f2cfa398e04add86207ea30083400941fc2c5b2f4024941f6ebf983d65f001c3261b2473e32293e66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c679f36db395cdf7d1b921e6bc50699b
SHA1 a0353888cbd043351c3ac600d75b2a142b4f82d4
SHA256 4bf8846e7b166057fa8190e340b5520ae2867489230b9cff2bf96a1a411797f1
SHA512 a5d028b9c29184cc3de255e7aa80edb7f37cea45a9f03e88c1236417aecc8d6644a54d3427121329629bfc91c6538112cd9d49f140d566a56e345d752caa1ede

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 c2ef1d773c3f6f230cedf469f7e34059
SHA1 e410764405adcfead3338c8d0b29371fd1a3f292
SHA256 185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521
SHA512 2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bc036c7b6416de6b21030eee84ca89f3
SHA1 d9a31e561d08de020ae2e5937d75258df3b2a0e6
SHA256 8b7b95966bd5c37fb1dc5c94e4c9aa84017de779d562aa1f35efaf2cd15f2b8d
SHA512 b28e82ed1ae57c08472a11f650cb729cd5ea09a04dab76eb90c421184bccef3b1819bc8f14fdfa8a1b51f75c12a4f055c6ad8bdacbf079d81b80331f98bbc00a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 85b2f70f7cca6ac183b1c48cb0198d98
SHA1 b9c226a60c83280f96ac76c3fcbfcb7547fbacf8
SHA256 c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33
SHA512 79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6a4d0519eafff29b7cbedab9e5457c2c
SHA1 7681fdfa2d89f7ca274a6ae1380d41e0a4b8c641
SHA256 a87a03e18a8644900c421d47cf13daee7f61afe784fae18c6fc577d6dbe63b91
SHA512 1a4ff984b3d8f4358f1247a4de5a350633ad0399d7206438aefe7dda73e94e60b850a1819b3e925176932f9dbc2402f9be21616a6009d36738d0f70b223a6496

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 2ba277bbbcc8715291613160a997cebd
SHA1 e64ee67165bbadd3b8bde989c3e5b1d2540cf09b
SHA256 00ffe000f78ae3c8c8d5557e3ab0089e29730ed10b2a190bd2b7a569812afd96
SHA512 c0f7840f181ad991c45ed1be0fcc0d90be100f8bbf36c54418ebe66f46d776652447eb5b7eaffbd2eb07c04455841d8e5d74f404eddf3c22daa34269d842435e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 7de64ee3e0d052079161ca100c797ad9
SHA1 3135abc12042890b8e6e567afed168e981f18775
SHA256 3d62caa23fb0401f551a9f8ce3f492aca9ad3fa33a7b86924bd85843b025bdb6
SHA512 2d8dbf225d60f5e75f935f714b118aafee02fa23a862e083e08c19eff02943d237f68c0c9d4f4ed4143adff08bdaf30cce5a81ac64fcfb22faf1fe67a09756ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 d8e56edd91e6a8e254c9df3c3619f493
SHA1 e5bb299b458c95e5575da0a42ff7b49969b880b4
SHA256 8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97
SHA512 46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 57ae6558fd495a4c05692113c7315b1e
SHA1 edcf35929545ae68664779e0254b67e720e1a0b3
SHA256 fc01d1f63650df9b53e5ed7f8ad20f8ca46a194533f72ab431ce862d1f310b63
SHA512 51fe9f8eee096ecaec21a1b1ccc72ddefa178627cf8809daf12713c70edc075bd1b03f277a505b2357076a278afd11a4f853132d8fbae53361a36438fd8951f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 55abcc758ea44e30cc6bf29a8e961169
SHA1 3b3717aeebb58d07f553c1813635eadb11fda264
SHA256 dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6
SHA512 12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 beafc7738da2d4d503d2b7bdb5b5ee9b
SHA1 a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0
SHA256 bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4
SHA512 a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 621714e5257f6d356c5926b13b8c2018
SHA1 95fbe9dcf1ae01e969d3178e2efd6df377f5f455
SHA256 b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800
SHA512 b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 01ef159c14690afd71c42942a75d5b2d
SHA1 a38b58196f3e8c111065deb17420a06b8ff8e70f
SHA256 118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b
SHA512 12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 73026aa4759fb510b46894cad6d8ea14
SHA1 ce76be2783d91d33a553dbdd51ca45adde4e5238
SHA256 1eef94ffda770c10f75c7a53a955bd250287a9fe890da0b65adb89c2047adb2c
SHA512 d90677d907f1561b766c0e001dd2dc2b19ed10066adfbaac9360e01c69cffae3f82878cab852ea8569dc19a856c2a084a31a248e709bca3528e0f31977d5626f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 bb2c64b2a6f5e8b078a8ec6ac0ed8c0c
SHA1 1b1c4f920482f05cb045d27b9b71a3122fad0fea
SHA256 9addba0053b84cf97a3264017e5a8557ac68a45d8d53bb74af1d6222bbfea2ed
SHA512 bd82d709ba16ae86a16f1764529c3d9be8629561350ac39122dfc3967ddb5d6132abc31f7cc2b985de102c68336d6fbf928993da7101b99bfe4546d06320289e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 99c2acf9e15685105b07887aa71b3f37
SHA1 94c3720bb5e9f4e380885fde4d1be41d0155a598
SHA256 62e5e335ce7598210567b4810f0d54c4648cd4c9b9716b26ee26079da299b7ea
SHA512 aada31060c37736332068d14725889214dfb228b4a13022e0bf6215bd8eefd9c0c62ffd8742aba3b97c9e14a4826513c8e3bda779512ebbceb2410d50df0c0c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 44804253e5511136f2099d8faddbb517
SHA1 96b1be0e4b316409b67943fe50eaaac543254f62
SHA256 af85389bb4a4f61f33f8a2de8ba0a83967b59039e087b3fc0ee0ef016bd1be58
SHA512 01f4a09ac869acadee089d199caae8cc61ba6b9a2e9b2a0d19ed5350e479bfe2be3cce38cd5e6049d4094ece4d000e7c19110335b0c1bae5cf8876982b099b1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c1d1cd1bb5a732e5c42c7889feb91ba9
SHA1 eaa98f872dced76bfe51793b955ebe79602b8eb2
SHA256 7be1957dca28c5c7a1336c8cb0f3d47ed9f20dd8377921ac93293dc6627a7c4a
SHA512 0f4345819fa1ca61d19783c63414a31a61ae856a5b3dd174284652f94fa6fa26d2fbb1332a9ead8c216f8722db1c505af4a2f0aefd8504206a6ced72ce4611b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c26984cb69416f03a6134f1e7a36b239
SHA1 04d077de55b47ddbb0e3d1b34711d983d0374592
SHA256 b1342ae0270b5ead943fc08c708f85666f9a4248ddb1cb74890ad9f643439689
SHA512 daa361d1ff0195e6b0e68bb5c4389fe0749841135bcd04f3625f183fd7b8e0bd09d50b18710939b50ae0ccc8a7825c6f2b96cd981a78631050bab7a1dae0d34f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57921e.TMP

MD5 f0ec5ec3b4b6d615e1ff8d546a0c6406
SHA1 3560e287a35ce40647a42f38d75e0470a63ac63d
SHA256 069adbad45561809a64a1a0f5c42dc635a2268e7eca0c8234ccac1160ba18673
SHA512 341267250a1c59381e7763a563365af1cd9eb170e39e42403940702fa600d20c0367b1d8d468a80a7740cb52908ddbb31240c4d2b5373403eff692fb768e8f55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\62fb3508-a79b-4025-b634-d88a60903ef9\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7c1346ec7f6d58fb4a55106ea564ae4f
SHA1 c4eaa93545eadb217cd73396665610e43cede412
SHA256 61f8e94ae88aa7da81d2b6c3cc2c2c4000f5acc6700f4a366b3e62a048e7de8b
SHA512 1c0907449841f3b7783931705d34b449fd9ad301bdde3ebe99b673407e041a90f67a6f579d701302bacd4142ec542775c2bf4c4aa523a875f17509bfa9bcc899

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a0c4.TMP

MD5 c69dfecfbb88f114a70dfd1fd4d73004
SHA1 e2f056134afafb8da17442a10d07eed5e7d3be74
SHA256 a160d673ddbd396ad02fd55b8e011c4c9d338c4d250ef9277d8d9f53808943d3
SHA512 0b32c4e99b54a5572e3bf2dfa4c3d5ee7518a641d18fe40bc59c8a54eb207e070f2c3194a3d427c83eb31a05116ba7c12dae57a6ed486d09165bd93cba8f292e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3789accf245aa2d07decdab2858f5f09
SHA1 555a98b37cb2ecf84696c44eca8671700c4b9dfa
SHA256 0d87370de99d8bb6897707f53a48e548d0b477e1790520f9acee25a892dbeab0
SHA512 b010c122f5c0d83ee0a5772a18c5acdf4c99ab33387b2e1148aa9a3655767c1740d6a9dab4de2a5d1f7f13dc011eee2d0e16e12cb3bfd5e97bd69928070ac877

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 678d2a22c595e8ccef6306f26bb1775e
SHA1 755e0fab178200e4659c9b8fb418099b8319214f
SHA256 b13e783e7fc6408cb46697d1178103c340ca06b0c0ef968db5ed290912ef1d11
SHA512 091e619cf3d940e2c35c1a593696ca3e688d00487305232cbff67db83a1bf329936c1478f4db8cc85c470d632f50f1ff660053cb38ad266b8056de5d7646a895

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dcadf26c8e13007fa5a3293fb3f7e2bd
SHA1 dc8df8e89fc8f9c8749d4cd9105db2b93afcb966
SHA256 ba4683b973866a632608b323e643302118d3a9da14c740c427b89b10cca7092e
SHA512 7835ec941dd598600ae25627eaf55e317f0e65d26606892025a065ec1bdcedb74766b229af4ca1bcbfcc6a7e36b416f4008bf69bf2f270e10308e67cfe337201

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

MD5 75a14c705960e938f8d74f494fb5cb77
SHA1 9f72a3b56075fc7c69945bcea5fc66a089276f28
SHA256 cd676e6e961e5db3a4a5686c794ba5da4d04f9c799adf91b99a9fc54104fc28f
SHA512 4dd291b4cff994b46a0be73643a62e15962cad2204f81bd9c92b7f81c2331f0afe6509961dfb4b63d30c8706ddf9ba9e9c8bab642dfb5d0224bcce5c2dcb7cbc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

MD5 55053b7dd97537e7b251585fe5b67667
SHA1 6b63c37117c38902abb7f8e025e5fa9e464b95e0
SHA256 5b986950011852105317986945ec2768f538ebbad1240a2fcdf662225fa9039b
SHA512 970e7b50a977282f11b5f49013fc83d3538cc4444e7c20c10d57aa99985c432557eb60ee68a86b998e4a8716ba568f5b153881c39031b235b747afb0e8f6a36d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 65710cd77a14bd9db78e9bb8be2ba075
SHA1 b6e26cc607fb7ea8f51ff12044aed0132079f5bc
SHA256 056b9fc1176e8ffc4a3967866f74ad17197cbb75705704866958df108a4282aa
SHA512 427e8f3c971908f026b012757febc643d31419af053fbe80d69d8f91afa1aef5fcbf272ad0e84bcd892f3f893c82c14f1d4728b4aec5f72c8384b60186474b86

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 b21a1cd98c4f128a25dece30548fc1fb
SHA1 465b68b63ebaab98305911875c5f8655e47e1f86
SHA256 4cf80d766e86f3924a01feceae0eaf606b5700dbecfef96e4c871a6f9a304a95
SHA512 60d111eda0816f48189261cd7e3eeb2a22d6d3eca963ed7cdaa79495efb99445c686c3371b1acccb9f1b0cdbc1e51f2c165689dd30b927d58c7adf9cd4fde20d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 11ca1312017178aa1b1e7fb12d5ca0e6
SHA1 ec6fafa22541286720f0dfc0af90f1c22f873000
SHA256 38836f438400da8fe0067778953d59435e2785462eccc7a4180230e0ccee831e
SHA512 32e45102d372238147366986375f4e6a315512eabd30bad304552bc948f8ae67b1cc6c1bef401238993f348433dab8f2391d6fca25ba80c91ee963a8398f9b2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1e3ce1e0897c1a89a450618dca38dad2
SHA1 4e82eae41c292737217e4ab341a0f5f2225de3a1
SHA256 2004c49fb3cbf8054158cc92568caf20bde0ebeae8f1a8c7909477d64954b038
SHA512 86ba631239115470723e1b926ba4a12fe1e7b9a68b9bd55f680df11f6ec232776ee9088e23076277f1312afe971b3e162451d9e68930accb19305f5c063b4407

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ec25.TMP

MD5 e589bc33a8aac41848e661434385454c
SHA1 47308d02bdfdc84ed9a28c0dd9978199d6e3ecbf
SHA256 664dd896f1bb7923ae369ddb771a2a09615912cea193fd3184232d3d5f1074c5
SHA512 06114a6018eae2d0a13a12b3b7e5f545fa202300f05b277617189badfdc8a04a96685908b1c7e9aa8896a87b4be72dc5715cc16ec80adca395ac2bc1a09662a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 3b2df667a176193cba046f74787e731d
SHA1 0525109b7a249a66df8c8eb7d24b49852cd076cc
SHA256 f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e
SHA512 f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a3cbc1471e37caceff3c2140567f667e
SHA1 e457e793410a15c115de71e0888c3b0c52447f6f
SHA256 97732658b6f651743219843ba45eb965d927e204264ca45781975ef296ee8e9a
SHA512 2b7a4f32dfea363b9b1a2fc97fa79aea2e01cd4e281ebaba2b908b1d9beb9d1c1eabff2b350a6822fa9b8639452a9df9abf4f232f26097051e39f9651b3269a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1bcaafc5752b3459d9f7c80407357318
SHA1 5e4b6b7906764c4ffd4298c6b6de9ae28c67848e
SHA256 8fb3c462624e031d9d0b366c0ecf0865271c0143f2497032bdbdd1615fce4d75
SHA512 8053e92692fc728436dda5d1205af49528344e3cc6b4c4355d23a048eb8788a27d299aeba15a5143ff8f6beba240e010906e41f3e613ee3ea3dae61476c9f175

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 bbac7bb99faedea9a0cb17dfcad195af
SHA1 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff
SHA256 b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3
SHA512 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 aaba5e872ba07d60f556b78df854279e
SHA1 93d1494959f4027195f527db143e5aa89d60925b
SHA256 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c
SHA512 fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 07cc617817bab0ea565a412901ca64dc
SHA1 12a5e3b59529b2c70c01ecf30c2f1fb7c43fff8c
SHA256 c1a3e063910512420d97f758c15f32746bda9dfe4875e484e46330919918e48c
SHA512 1456ad630a5b5d49be15ce1f6b9badff85a214287971417d973e83fa097e229b113f4579499459db4b47b07e1c2a2b055a7c3528f5ceec69f72f16acefd1599b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583a45.TMP

MD5 e944237b3b62c8d45cf5f7aae5b5fd93
SHA1 93fcbaab02c99b25e9215a48f00e6f2667005379
SHA256 0612803157db814e29e56a15cfbeb897d1d5d7eeaa9401d110191413a39bd9aa
SHA512 72c5c6ecb46c3c7ffbb4bf5c211859c203fde54226d09ca6b4663b6f6b82e84a992db86d082cb8203dd263c0bcc917df60d52b98d6ea4f56707031b58d642b6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 eb065c44d481192f7dd6d3499b63a010
SHA1 074d52099d7d4a8e83d090c9a568376315f8dd9a
SHA256 43102aad63966f350458c01a36eed2ede49684defe36073b138efb4f25a634a7
SHA512 be3586ea8ecc6d2b46ba54eb6674eeed6b15285459999ca51eb79afa20c118dfe77f6834a35d5bd11aaf9739220e21e5e80e24cdba7d3babb85630d536603737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 52bcedc14982520d216186958d73d1e1
SHA1 062a5b6fed444eec7a0772964762911456ea48ea
SHA256 d85852644ade4bacb68161ad426ea8c20d96e28d3379bf1dbca153d6f1b9d824
SHA512 723748089a5844024b50b7a925a9adbb6b4f7eb4a1deb302c9490998ce76a5fc629e590e32ab3d36cc01e2f672e179a77479185306b90d40ac20c278046fcff4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 226a94e0f0fcd178fd58a8495c3eed40
SHA1 c5ad6544934be1c486792199d942e477f9d8ac9c
SHA256 bdb204e65c1fd2f78e305c76d04aa224a510252fb65313904049fe4fcaac4feb
SHA512 4c8d76a2769a867870e67729937656059074a4840d8b0bc1fccb015e1efa5254248c870a620e2ea29a7c738417ee140718a95edbab98037f4722496d861cf079

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 77359a051fa06ac630d2b8b4b4995ffb
SHA1 4d21e6364f5b6b0b13e355b13b653159da826724
SHA256 87ef32b38fadec3e092d71f393c165535d4f5e4f3394282cd1caec94d7806422
SHA512 d2b38d11825df985072bd8b5adce2f8169d72e46eb2cc3e40a69909a1ac8e480663fc90391a03d094c3957841f5fb318497ac86a3a77b5d13013e40c51e21746

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5c673c0de17e765f7da1f9a1baa1e771
SHA1 e8208d83534d62bcc972a50c709cb1dafa7021f6
SHA256 7ce200ee22b606b4cbb2e0577f6ef6bd26adc685109a883d3d20ecc62765a286
SHA512 602a9522d69111f7ec9dbce19d69ba6257d0022c1a920ea6f064a3e2fade2014a3284f4a6f2638f96d8040814f84080a979e75600696cf25115ca49f638db41f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 31b770908b4b494b0695ab4d206b426a
SHA1 274616f69d114b5e4b295e71ba9988ed80845e6c
SHA256 ed52d0c02dc75dd491729ff2a691c0c01b969c756ac21d833a206302ff41d867
SHA512 57f6ffade930e168afe2cfe94ff1aefbf26c1b4d706c2696def5ce1fa6beccd7155288860c3ef557b28cfcc7a9f8fd2035c4211176518a7abe9c30200026b41b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2209a81e77ff40de768191178d91a18a
SHA1 c51087835ec4a031ba9937fefd5e0c77be05a082
SHA256 c43eb1d7ee2c5ca439044bd0b0b80ab33454757fe10ca61f0d50085a39bea79a
SHA512 d8fced511358065ecfea5d7715d13e9d660522186f01d8785c5af89d6fe28e8807686043e7ce7fb5a799e2233d639bf270ac5acf1614a004b66d89433b9d37af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6f0ab457af749c03642ac7163655e3d2
SHA1 242e60948eb2a0e39514cc526c9adaee278f0308
SHA256 4b82bc84c6af30112541fc3b22b0197f90842b3571fc7f1db8d21a9d18514f28
SHA512 db2bbc8df74e60f9882fd92d7749ee729f428ae44e5f02941f97c1fada2b6b6fa511e8e207b8c8e561251ce5d6e5249e2bbe66d3d4aa70053075a33d5d216723

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 e337014ceba65092b027bdeddc48b00b
SHA1 98ad97b8adbb411d6d4623fab506924aa6772304
SHA256 c8376c9fa189541da0b65cbac556fea079eba00755803b97808f79b6d2b07c95
SHA512 24dc7ea8954498d7eb926f6ff07d245d82dff98ecbf77093b717351328434306d37c0a95aac208f711c8f3bb901ffa05daa974aa719518eeb14bb844df5e3d6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 23e2cda7d8a4dd38340abb81a62ead69
SHA1 0a836b076156dbe5154ff9eca6aecb82bff17848
SHA256 1e0b9cd5342a772772dff930ac2c630cfed4a28be54def6ea7d5fbcb8c1e467f
SHA512 62a526ece00e20a910a943bb39f56e3db94613b379a59de4b97d2ebc2662fbb603a9cdd22ce45489869b1ce31ade9c2b8e8fb5ab4ad7ad0a888636aca8c4edcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 01bfb77c83df94d5aa93de3f4c8bccec
SHA1 c809a460bcffae9f47075567dacd6a60596ca5ab
SHA256 984894334b809f7b2811e928a98abacb45700306fcaa1928f19162fe466a8896
SHA512 388bef199724b3d6405f4ed0c12e9ce2a04df9950b5f3b9bd8e3bef7d858d014ea0f953c1d0912086550bf8f2e2c779f6c8afc7d77e849939417eadccef8d7ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c968cf240f26a017a0f353a8744afcf1
SHA1 6098a8ab5f42c750c1355282470e08b94cf1fb0e
SHA256 e797f7a6fe6acfa871e11c1855801c3f06e1b45ee23ea6a5fad6966af02544f3
SHA512 8fc06925c4855f21134a7699e3aaaaf5b7be43b0ccca414acaca7fe41b013a4aba73bad6c5e490c184e3e9cda42be24394e8876cbfc331f47e981f709f2a18a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9085c23abed92f812513b76638675796
SHA1 1e77bbd9537f236a712d0812bdfdac119989de45
SHA256 e510ce5daa5a9d9d065c6c1fcf08d1ea671f76c4d39e3ba30cc0301c606c5b43
SHA512 2923a8481a256d2504fd11fd524fc34e961a2a852998d64f626c28787b102420d2423b6ae7b734438d36010af7f8ca3569298de1f53d1d8ad5af81ade19cefd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 885e71a3312b96598e311c88e79eace1
SHA1 c513a113e174cd8c1a80d27a1988e2885ad4828b
SHA256 863932d16421b50e091cd4bf7c4ff01b1b674f738f3b930ed7f2472a7b00350e
SHA512 10b94086c0b068442e6b529bbf7d6ca9540c799a55c13e1eb1192d5d0e6c925df3741e3d4b39fb3c460a9471a24336092b663081d573edb32ee40a635b645424