Malware Analysis Report

2024-11-16 15:51

Sample ID 240206-m1247seee2
Target 7b7bc9c3d4f928be978ea3c8e4e83fad
SHA256 63aba47a62c9290618931c3d8fd217575f1d880334729c975048598292be4380
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

63aba47a62c9290618931c3d8fd217575f1d880334729c975048598292be4380

Threat Level: Known bad

The file 7b7bc9c3d4f928be978ea3c8e4e83fad was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-06 10:56

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-06 10:56

Reported

2024-02-06 11:04

Platform

win7-20231215-en

Max time kernel

49s

Max time network

154s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{27EBB571-C4DF-11EE-8F35-76D8C56D161B} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 2025c4fdeb58da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{27F300A1-C4DF-11EE-8F35-76D8C56D161B} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a883829c536588438b4279b7bc6c1930000000000200000000001066000000010000200000004a00fe7b41df7d3176de7c9982d4081dea882598f4ce392d86d6c60dc131e641000000000e80000000020000200000007bf5ba149aac3c9e330fa945b7bef0cbdf46a6d55e77ff84ef9080afc1ad742820000000de384b279734b772c81e1f3507ffbfff8f636fbd07c8876fb32333d341e87c5f400000005b9b0549901c6c7de13b4404006edf4b720e9d7901946ce2c0b63f3fdc03c62abffef821b077a50e94890d27e3d293eb45d390f8c3798ac69660323bb2437abe C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{27EE16D1-C4DF-11EE-8F35-76D8C56D161B} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2628 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2816 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2816 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2816 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2628 wrote to memory of 2816 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2816 wrote to memory of 2612 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2816 wrote to memory of 2612 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2816 wrote to memory of 2612 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2816 wrote to memory of 2612 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2400 wrote to memory of 2224 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2400 wrote to memory of 2224 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2400 wrote to memory of 2224 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2400 wrote to memory of 2224 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2220 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2220 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2220 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2220 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2628 wrote to memory of 836 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 836 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 836 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 836 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1752 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1752 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1752 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2628 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2628 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2628 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2628 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 836 wrote to memory of 1604 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 836 wrote to memory of 1604 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 836 wrote to memory of 1604 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 560 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.0.1653616162\1902170581" -parentBuildID 20221007134813 -prefsHandle 1236 -prefMapHandle 1228 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f1a5874-7019-4a0c-a311-5dbdd0fd304b} 560 "\\.\pipe\gecko-crash-server-pipe.560" 1340 110d6458 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.1.275440108\1015823194" -parentBuildID 20221007134813 -prefsHandle 1520 -prefMapHandle 1516 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a2620fc-e42b-4165-b6d8-701c8f26f5ce} 560 "\\.\pipe\gecko-crash-server-pipe.560" 1548 f4ec858 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.2.1054258202\1944150784" -childID 1 -isForBrowser -prefsHandle 2000 -prefMapHandle 1996 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {10fc5ec3-29c6-4ad5-929a-57f557d899d2} 560 "\\.\pipe\gecko-crash-server-pipe.560" 1936 176b8558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.3.173097520\566167508" -childID 2 -isForBrowser -prefsHandle 2764 -prefMapHandle 2756 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2167ed5-fadf-457b-9162-5375b90436d4} 560 "\\.\pipe\gecko-crash-server-pipe.560" 2776 f68658 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1616 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2148 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2168 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1208 --field-trial-handle=1348,i,2398192050743721179,11349081662885819277,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1348,i,2398192050743721179,11349081662885819277,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2680 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1328,i,5554489219706651971,8959646595152049847,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2836 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1328,i,5554489219706651971,8959646595152049847,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1472 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3680 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3300 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.4.790532038\1678693273" -childID 3 -isForBrowser -prefsHandle 2992 -prefMapHandle 3672 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1525ee3f-5f04-4cc7-84d9-49e50fd23258} 560 "\\.\pipe\gecko-crash-server-pipe.560" 3752 18d14158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.6.1686262586\322537582" -childID 5 -isForBrowser -prefsHandle 3968 -prefMapHandle 3972 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a529318-219c-4757-b1dd-92867471d637} 560 "\\.\pipe\gecko-crash-server-pipe.560" 3956 1fe2ed58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.5.1959130263\737267625" -childID 4 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d505446-e6f3-4298-8469-444575c37735} 560 "\\.\pipe\gecko-crash-server-pipe.560" 3848 1e716a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.8.1540021855\678282617" -childID 7 -isForBrowser -prefsHandle 4348 -prefMapHandle 4356 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b179f1b-5654-4183-b8c4-c5a4a7d0b943} 560 "\\.\pipe\gecko-crash-server-pipe.560" 4440 21076558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.7.125366488\628092159" -childID 6 -isForBrowser -prefsHandle 4244 -prefMapHandle 4248 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c7e0dad-7bbf-4d4a-ab7b-46d2e001b735} 560 "\\.\pipe\gecko-crash-server-pipe.560" 4252 20f19558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4184 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.9.1876793258\1886919114" -parentBuildID 20221007134813 -prefsHandle 872 -prefMapHandle 1944 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2bc23ff2-b3c8-4dbb-90a8-0ae93dad8647} 560 "\\.\pipe\gecko-crash-server-pipe.560" 3312 1e718258 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.10.1862231149\168232901" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4728 -prefMapHandle 4732 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b7a2cbaf-c54f-4434-9975-09952cf94bce} 560 "\\.\pipe\gecko-crash-server-pipe.560" 4720 1e8aff58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4536 --field-trial-handle=1376,i,7328084361287292661,16130301770963394031,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="560.11.487871245\1633953009" -childID 8 -isForBrowser -prefsHandle 5000 -prefMapHandle 4996 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 780 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae5932d6-4b42-47da-aea2-64928e120048} 560 "\\.\pipe\gecko-crash-server-pipe.560" 5012 1cc05e58 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 52.10.159.154:443 shavar.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.46:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.178.22:443 i.ytimg.com tcp
GB 142.250.178.22:443 i.ytimg.com tcp
GB 142.250.178.22:443 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
N/A 127.0.0.1:50161 tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
N/A 127.0.0.1:50170 tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 rr1---sn-q4fl6nsl.googlevideo.com udp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
US 172.217.131.134:443 rr1---sn-q4fl6nsl.googlevideo.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp

Files

memory/2628-0-0x00000000003C0000-0x00000000003C1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{27F300A1-C4DF-11EE-8F35-76D8C56D161B}.dat

MD5 5e1486ca880c7fb932e6429d9da884e8
SHA1 3ae511d36ac518980fce62420c1ae6689e665ec7
SHA256 96f4662f6ec06810cf076f96f1969d813b8f7b51468753efcb47a580253b7539
SHA512 5aaf92b35d4c9b8d9ab90b43b328cdbb8b0d5e1a53bc95586f49fc80e9d789ee05d1b9d82acff3d91925150066b7f9e3ef6ca9aa2d60b30155e947d62f738d59

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{27F2D991-C4DF-11EE-8F35-76D8C56D161B}.dat

MD5 01d33b81d3a85410af78fdac87e87604
SHA1 a38babef9bc565bbc8d8170a8c1f677408a92313
SHA256 3ee8a531c21cbaf59bcf7d8e1adcea79dcf18fd86181394346451f40b473a3e7
SHA512 f9936d62527b935b3b798ecf322f62a61f13ca128d5c6b82fcfbfbb0b67ce82b35c1485bd973e8899bde0da16d45b53626aaed0661b3fad80a745b6ce09e40ed

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{27EBB571-C4DF-11EE-8F35-76D8C56D161B}.dat

MD5 0688446281d5473ced0b92632774d1c4
SHA1 27e1cf233f4f6c6e0149c5236c4ef0bd113d2df3
SHA256 8db8fdf32f017867ceb1f7fe5ff676d10d7f4bac66c97206554d91f6b3f1b178
SHA512 2f9d1f408c90218a6b7936b63eafd6fe4eb5c2feb28357f16c1ac5365821a87d97c08103cce38f1dde1f9b27fe3d86af441a0d5d1adbfc7950075808a537715c

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{27F300A1-C4DF-11EE-8F35-76D8C56D161B}.dat

MD5 90a5e16d22ea95f9df1bdc5d50b4d6eb
SHA1 15e69bedde40d44f4c8c4190c979b0a98cd25751
SHA256 b2c0a405d985fac96b5ca0076cbe301e6fe23df87ca13be459d08f411089741b
SHA512 8787e75ac50b56d5992998a5e3a79747f8173abd9a50747cc03959eb60b605eb120d4861301bd12b23981944af3fac269e5e559fc870fd5e89647d85cdcbbfa3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 5a2d8ca3a32d8aaf53c8d93623177cef
SHA1 d6613aeb0713b27a8aa2e78b3cba66bb8a63fcdb
SHA256 139c22a6599007a0cd1485c5dd5dbd041b2120f9f3c3afc97a8a2d4467016fce
SHA512 ce304de85ace8e0e4c16296b94111f374b5d9a022e0abf42d698a74e2e87e017fec23d4ff6044e2b3836ebe78c14582d0a3992825eb9ef97a9e1c0abd83de184

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 a0b63d315b1a6d763785d33e2b012991
SHA1 6d813b35f7750a138077fa4fd3fc7aeff05c89b5
SHA256 46d505297e9e4d9e7c53422ea4ef00f7428782e779bf5f8830d862c81f144c26
SHA512 6fef92b8b27348bed8b94220adc74173b1d7d1aa995d8404c32051c03fdd2fc4b946a31c60e3152ea17ec045f957d341f92e3bcd222a2662700b71aa83216d3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 4af1701f799b3a54f08ecc13e71582fc
SHA1 0ccb08423c0d5163b2317cd7adc994ad8a3efdd4
SHA256 d9f18d82b6707108062dee0a1700b3e68e7c345c947bed2a90666f6c26877e33
SHA512 03fc9c413dd23790a1340f91a127348c2826c42354a3ef82aec2aee77b413803259e14d58090ed7de9accdd4130027ace00ffa9477966ecac0dee5a82f07ded6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 432f86da96f6eb5b8980cd35e298ed52
SHA1 1b0e84ac6c0c7c2703d27f6230c80d6d57dea3c6
SHA256 390bbb602611c7347d216f873765d72a60a204acfd68642f7f0f8727c0deb1f4
SHA512 de9f0d0db807cf339fa5012e7ecb797e72c1a96879dfa88ea36276be339d8ec813ff715e1559845d81764524d5011274466fb20b075fc6d7c0a1da76e2275bde

C:\Users\Admin\AppData\Local\Temp\Tar52F3.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Temp\Cab52D1.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 66a15c210c43f0055f404e61efe65a25
SHA1 1303ff3afaa12f3e7d8e59391c1de8cc22679233
SHA256 ff3d802dca9c22c2b671697074f9b48a876f1c3656f85fae1ec11e8b39a93353
SHA512 79b3fc52fbfc06793b9b4818509e1ab1900a1a45dac70877821501319e392f62285b5c7dbad8408b24e2231ba43ce6fb0155823b41865221542eb8aeb265ee93

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 628c43d32176890c598d085826d854aa
SHA1 271f85eba55006e967caa7e1a031747f149cd6fc
SHA256 4ef123ddd615d1faa59f771edf660db4162d699e25d8d9c1591ed7eb180227ae
SHA512 7430fbad356d2c0dcce5ad74b4dbf2ffed26e0e3528710a01af5063a49bff0da99e86e49204f7e95939fc4d3ac03f1cb88e326d8e1d954a34dce1ffa0d67d945

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b1e99f6fa315ad3291f2b8278e3d92d1
SHA1 b28b05a455bbebc7658dd8651e04afb9fd861ef8
SHA256 293d0a1fba928045a190ab435365dfc6399408db955a0d02a4078ab878e48fd5
SHA512 b0606db56de28d36bf898f916d4df0b014253d75e46f6162ad6f33b049270380b013feef77f174a69994d41eec4467ab29ed8e53dda5f5d575792ca9cfa69fa7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 85aba89c53bb7c2a4f540128473bc3b1
SHA1 493feea8df0a909b5b0e0cdc04c86b193fc76f27
SHA256 98e383259fd9f2d438b50930f12b97f0ecbfc10365e78cc24bb6154e2ca888f1
SHA512 08a64ec7a30d04da12cda38456315e19c1816f9382de4dfbc9646a2a755d7eb8c299334246b3831d63c2d668b369e1c2223ed3a570e0fb10537272b2c7402614

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 91281d189198957c22c5c381b9f92d05
SHA1 bea06fbbf24d511a7cb5aa11026a90caf3813605
SHA256 679814cf00c1109b9074fc06c8b6b8eaecf6e16da746be8de6c17a6c5949e6cf
SHA512 57f221b88dd34234ed6a70c8954c344274489f401b1b62629bdad73e046609a2937be9e84954162259627423d5453f6ce84aaa15911daca3a551e2647acdeee2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 55f3e16bcfe0b6bee0762f6aad817e4c
SHA1 6a9df9fd6d5443efdee5a4827733fd56857863a2
SHA256 e72661e69bfc89b796a411a8ca841c0fd8d2ec7275b2316cc9360f3ad8b3a6a2
SHA512 ecc409c1057e8c6c1ac6564ed868b799bf6063e3e0c5e35a1be4c26f68943e49738f107b39c41d20fea0827dcf4715d40e15903d439080f1d3f6b4f6895804e5

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 97e5ff53683e038b93f76f6622e95f3a
SHA1 642447e9db18a6136c66dcc371af08822435e6c3
SHA256 8cee9bc9be52c27d591a00caa25f24a0ddc1f3e8d0d800098908fd83c8822793
SHA512 6d35b79cad3603abf3ec3ad21440d3301bb848f352b9f5c41fc7c876f752a136ed7080b41f1eeddfe478da245721b58857d98675780cdfd2df7496a843ce10b9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\favicon[2].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 9050e5454f17e0b26cd0a058c0cfb030
SHA1 3d52d9f694cd75c7f7281462192d311d78795ef3
SHA256 22c7bb0e6a06dbde3a8a5acca2d756e11a0e5a1eae9f7ce69a583dd3bac2f6c2
SHA512 fe5fc1b4e4289b362e9ded5f0750485b7a483481d7136c0573959691a5b4aa2cbd8a83d23c1cb5bd2584d3013a03d6e98cf04ee87643f288c3db35928bcf4f2e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 32a9213e216d3b28790030aac30e5b45
SHA1 1bb080e3e9db4c3720fc25d76be66b5fde42f764
SHA256 93448295119cacb60e084f16731ca4f265b40871bf0d68d3d46c2188ef9981a5
SHA512 662354ae6cbceccc6a68d63bc6c18ed63811d9e088b77d98cbecb9c8476588012256128cc652622a54459a644ea99dd6c0ca4a55422f51fed51fc092c206fe8a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\HQG691I3.txt

MD5 4be08f6b19f986f473b41a0aa0800687
SHA1 7020a072ea97cdcedcd14a4b871e6c137695fb03
SHA256 491ad726536982ed943d63136e762c800b708c12ed836a05fd60371826a942e4
SHA512 37b458f7d77b32839773528a21dfaf4324dc41f28f3c451db9a03f1bd27dd4f0ce96afe2d7ea793d57f0084486e7959852a061f5c7202cd18fab2a552abe50b2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 7d10d6a2d05142b2f7de42728ab93a9d
SHA1 dd26f063d2bf4688cd996ea46ec9c79f9702483a
SHA256 a06c2f6ee0ae9af14551ac19e95835bf20b775d835b558529eb5979d474f0919
SHA512 74738a2f5fea62431113b09022d031000ee1ee3fd15d0c02dcce313c1f67d7c9176d13a715653d1fd23ed10c8c8fbdeccfe09bdd17511e3f92e218ba151e9139

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 bdc0b7110de9c3ca631a59cec64e6b1e
SHA1 4b9c6bd1584b913831a0bf92c90f93747a8382ca
SHA256 b88c3097a7dc782260fa14f843638ff044322bc9ddc73c1cb33512ef3d14efd1
SHA512 8afb5f4be7dc9c7300bf20c3a871c1bbaeddc3b34126144454177a859da06347c0dd9a29bfdd3ada1cbc297eb5e42c40ee526af2e6d1a7321fd480c64faba1dc

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 f209d33710c5cb49948ba69f2b2d08f6
SHA1 356c2d4f7d74441f599474580f636b5075a8d175
SHA256 dde99fbdc0a0bc65d0e9ee9b1e88a83a2ba7ac5a3438ff254970f736b8d28032
SHA512 8dd8d0ebc95395903d8996209dfc219022a72ae791f7b9e377a030a833faf59ebb823c2295c0cf6d0185919f9c9539319da149d5173b5a5af8f20afd7a0e684d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\gB76kJXPYJV[1].png

MD5 389dfa18be34d8cf767e06fd5cde4ec6
SHA1 47b751cffab47d076816c63ce08d3e84600376ee
SHA256 3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
SHA512 c4db18f636ad85e87f93a208fb4b02b528659ba367e51cfa6d7826ac1159f445a85fbca8d12ac67556e8fb5208dae24ae309e783d50feb088ef0e9f47ac19430

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c79940f8baccb1daa7e1b5e86b7b83c0
SHA1 cb278289ed8b0a3baa8d47f5fe329739f248ad63
SHA256 8cd97d30657b6227ba265d5434e5f7b7dd2939e6b98aab08767faf5cb51dab98
SHA512 533f141d425d0db12226fef0bd2a733fb43f38b989e940a0ca5cf9f983e03dc79a5fbcab81b0c8705d74a57445490ac06f260c95e219dbe537761239da31758c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb430b544d75ec1e3104acb9ebc98c22
SHA1 84c1c6b81f813064526f9264648d4748bb86437b
SHA256 e99292837e082beb0ce5fca128cc290a588822e0bba4fddb1d57ab34bb44755e
SHA512 f38b91b96d98aac4c7d44ce1e7073207db0114d40eeb10142afc2ad09f4f75f86109f0b39edb27f6de9c1351e9bdb530c61b1a4b453dff26c94ec3e8a01205e5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c722727157bcb31eb406c4bd30057f7a
SHA1 cbe1a21d7d39301514075ba277516d75a45ff91a
SHA256 b36804367151fb578050c08e30c6acea2e6b636ce9378b1cf2b3a10d8297548f
SHA512 058035444245e1b5a568c45354455d37d908a6360960c173783608f570f092eff18b5a64f7d5689abd66211fa9d5d4e5faee8017c9fc2c4415925d3910b082d9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ff7aa6052ff5aea146b31cdeaad65946
SHA1 df2e3a6e1db629ffcaa475df85c556496b958ca2
SHA256 cd760340a78122d3663073d8efc9cce52bfb6d7e30d12d9d96fb07ff8d2fc2c5
SHA512 b140cf47c6f1ba298bb5590fc652e6cff6b2f948ea4eb83f89387fed15ec0e811456680b8bc2ddae7856f9de629ac547416cf8fa94747c6b6ae6567388ee4526

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 897720ce472cc9b0c2f9751ffa8ded8b
SHA1 139f98ce07beb73348531c2e07172a334134e1e8
SHA256 9261e9e169d3e8bf6ad398e5d4ebf4451445da526ca6bc30a93b53a3a60634f5
SHA512 acf7e40fe59bd8c653f2fd3adef63d75b9f365bb3b48fe4b13057e08b8d05cdd3741977bd4356a9374714ece2b706c76cd8edda966c771ce51710388aa29653a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0886a59d05d53f7aa26f66118bf2e79c
SHA1 e4028e733ba862689b47f7a03bce43afb4fdc434
SHA256 b34d813249cb9462980fb9a56928a2ac92bbe72e498141ec4a866068c5b1c07a
SHA512 de49004f95c892a0437309a19211680a7a020815a7823da4a06756a72c3d708202ddfd1e4f7575af23ae0a13813853d514e6f32f42bc43ba2f1d4a9de4220705

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cc72a67adcee4c8aeb19e679c25bb05e
SHA1 4d7b3bef660fb67c93616550bef726fda94659a8
SHA256 a7afa9280c7ee0aa9da604c68ae29a5d8c3791892d674d643ede818c9c58eb07
SHA512 5057a6086a6daa14f7496eb31ae63f2d1f2c308e394ce9ab724469b6b9a74689e5f65d607ed77901d58387e0bce6ef666718afcddf4bac040bd1780326af0927

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5e5c35dcb521152fdae4ef1f6835bbe9
SHA1 b953a845c66c6cba4e8f0d05c73d64ab3fb8535b
SHA256 3d36c5383e20557cd74e604868c0c9836ab17e41c67e667ec2ffaff90d653e29
SHA512 7a789103af93976ce21d5772821fa4e0f1354f46abcaa01c3da5d6e419a347fe8776243880afd5ee600f2a36fe070e7e1a32c4ac4409f887e12a043b1329e320

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 386c885561b637b7c5bff6a835d45494
SHA1 7ecf0199219f3b9122a41872a46e3f500ef46c8b
SHA256 2a224e2d270cd98ad806b38f27255c879d86fe39ad3f3b61e6db54cdc5c0bfcc
SHA512 5509143ba4f5901819d78307544bbe14c3340b5e31e58841a4aabc8bfdb7fdf25d705ddd334e928dbcd438f9399690005319ca6e387c6dd7cbe485170e22eba3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cd91dc033142a0a93de128e7b5e724dc
SHA1 2e0059c75313f13a2b76348570de0b89b80725d7
SHA256 f9b66be18dd0c5a89d6d71379e3aae1a4cdf431cb063e5e4d90f261fab296169
SHA512 4c8ed897e5f79e6adc98cdb632ef7cd2fc05a5c37feaa1bdef58ebd062b84710ff6e9207f4a6423c307b106226b9d0abe41cbae0e912156e2942790e81649790

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3bbea481fda5066069f7d1d6d7154089
SHA1 3b69affb2f70577382e1bf5567dc30f4fa4e4f60
SHA256 620a4be19af7ca028a8ff3469c2f35483a256a733ba6da81d11c224a9d06484f
SHA512 6c5fd4e4195cf2b94c2dffa0a526fe954acd00705862df0352bca369e540e9654731aa4de109bdcb5836f22ebdd44e56f5c85181cc987b60f0ff3aeafdfcbc28

memory/2628-891-0x00000000003C0000-0x00000000003C1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6992aa2d747756123be1c5b182f9ddec
SHA1 ca793310391afb6484938a731839ef59a13ded93
SHA256 89563071fb7bb4205206469f561504c6b36e764dd658eaaf8d02c0901d7dee26
SHA512 022312f898dbc857d3d9bcfec3b8661e61e46bce311ea4b885b30527c05b739fdc1b3c0a0bab6f6fc0b0d972f1dc03a7ed1027b7bf649bc6b46d7a73ccd4e864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\db\data.safe.bin

MD5 7ec22689b847ff8bf94402034c4eccc8
SHA1 63b03434263e8dda562f2807a58a94bdb6d63980
SHA256 7b96a7edadce9993c6cfc8e3229e2f56e70893b2e2e78058c90c511f2cb515dc
SHA512 7d714519131450ed727d1a67bd8540f0a5fe9b1fe3118c1e655867c56f85f1ac864a9d66c66a69cc455b071e07c836149911aa4fcc343cf4ac2ac21389791f13

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\pending_pings\822b4b1b-1c8d-4126-8149-653efdf6a163

MD5 427d0a3f7a440dc8220964300dbfd6b4
SHA1 6ede159b7a81c5c4a76aa3f57be3e8df0fbd8835
SHA256 7174a0b9eccccc8e76c6efc9e9bcec5c1d31809724ceeed60368d00d5cec699c
SHA512 db1ce93528031d28f9c2667bb77e8ba9e87178b58e010ef40ef57daaac42452f70934f84a3810cf7f12e4efdf4e8f6cfc51a2616e5a170f67c7cff895e151d7d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\pending_pings\bdf70c94-b627-4657-b3f3-d93b492678f2

MD5 05ad9cb682258c7ba04802d0f1aac19a
SHA1 3e43d7c7230f4de24d4d0d5b7cb7ddbc66a4ba1c
SHA256 a55e551cb994950bc55ba8a86e6b8114cbb8bbd5d36b3af8eee609e1315fa556
SHA512 85047f2d24a1af3b81b86ce5db4b9a46ce28046d6650cf2529de7e8440d86f4b235835075c0f4d38494f4b55a71c74c28287565c5c676468a2dbe9a831b10f27

\??\pipe\crashpad_836_ZSDIUXHKMQKPJERK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 0a924dfda91bdb101aec507f6d222304
SHA1 3d67d4488a876426e78db197ea53b2bf56f29896
SHA256 de9055f9e2f2260d81f16f3893c5989a5ab294386fe6c2a4622e4e721096b477
SHA512 cfd2c797c05147b1440e6edadea585f1913416811e4c228eb0b69bc6bbde218cf62e0597a650d1a1f16e2086713f73da1cb857a8ae2a6d05e568fe358af41b84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 489f27852fdeb6fbb2804b53035835ec
SHA1 9f9028bcbd61e2c553f9b87a4c7719258f0c3d41
SHA256 e1959893bb9e107a2e0c8d09da488aee5829c8cb953627ba1051b0b6be483c31
SHA512 52d8b80224e22298e506c205604e0e2f367ea86360c40981827f0c87afd847b685282b2a3393376497aaecae68aed9f6ca4816ec448d87606d9af3d991036756

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4765978ea2881f3d6a67be45c2d2123c
SHA1 efb40e6d723de965093b68d4ea1fd2b8a071b6a8
SHA256 99fde8e58d5d3b3da605b9a392ddb2b9960f0d293a98908d03a6562c30dba41d
SHA512 6a1768c3e368697e34456768acf80f7dda9f20034d467f14d0976644f2610768224368904c554e78ce3b8ca6964012745b6a9b28607cd4d57463248cd3c8233d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\483ed0a8-b533-4789-b4c8-c2aae532aa80.tmp

MD5 451e956b01c089e02db02b1ac6aee9c5
SHA1 2e8676e124ffb6b2d58ed1b149953baaee31b152
SHA256 869e08dd9ed9442e74d950f02d113705d37ab2673bd2ea199a8d88259272cc9e
SHA512 0bcde524c5fee4b52aeeb82a59cc69ef1405da02989299e4bd86376ec89e5adfa817e0cc2f300a82ab8f75d6450bb0cfd13506666652722c6159b40b45c7f4ed

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 6a741b97050b7e3eaff6f97bb334a02d
SHA1 5fbe6b01fdb16c55627ab8c5d035b83f3b8ca5aa
SHA256 2f2056888cd04f3403b338daf2ec8c6f6b8beb2d7c2e23e5b995ce66ba1bded0
SHA512 49fb4e6cdd3055ca2a4e38850a5abfb85f7877a0f48e3ac48621bac20394a3a18accb0e7fbd220f07d85a7d085f522beb28b04fa955c1283f86d74131bc14e9f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 fc9eb8fbeb925604f8290a68591239e7
SHA1 3bba85572abc82c2871733f6a81911b04b4e10c3
SHA256 e41006f36440c879f9f0580bb1c750fbb28f129cc8650b9514a6b3f8ca223bb5
SHA512 6f8c3be1c8c276952e8d505e388a74937202d7646cebb06bfacd97099811dd01e9513d8978b2bf580082835c7dbdbc92be15bac68f6c81a9a1bc260f84b83be4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 6b5cc191e4404e1787afb240e0ea44ea
SHA1 03362321488aec760d301dd180c8569f05645dd1
SHA256 058f955957af07023ac0bc2b07813ae03c4c05d6a915d23a0d7594093f719a50
SHA512 5cdac7e2b2920052467d7a6cd68f9cbc5e3724b0ed743e2b2d4f01ab817a458029518f8e16f486d76efb14d7ae37be465e0368adb56d623de2f74939b8bd512f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 54b3c1d59063c0463e7c4048476665bb
SHA1 b91433d525dd92b6c008b7f56442a400e82e26c9
SHA256 b0f5e8780f5525b563fd69139daa42dfa97acd71572b9b9da1df3faa3fdf534a
SHA512 6a3486183522e57652d098d6efba00cf6eeb424c09f187fa83f3cefd2e8afe4f2071c08c9dedfff5d5290e8fac461b33c269597b79006b64ba79cae30a4d2f28

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_4D5101BE24E3D91707DD60953C1BD871

MD5 971f6299dbb70c19b38ca9075d9594ca
SHA1 eabd947e9b2869a38f6ef5ba32edf32a00b4bcdd
SHA256 602254a1a9e7bc59aebac2236b855a4b3166416ca1caf57109bc66aa81bf19e6
SHA512 3bbf449dc69550fce1e98b48127a171bd38a78949ed90d9e1125ff7e2fa3afe8918687f1fa21b812ad528415cb941c76d685bd1df29d573f67827593815bfcb1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_4D5101BE24E3D91707DD60953C1BD871

MD5 4e19edd8e2760064febdab2bc262809c
SHA1 64558297570ea73be8dab778de06df317d545429
SHA256 bc370076d18375ef16aeb03dced13a78421c06c74a730fe16a65eb4bdbdc119d
SHA512 6fb755b4b52dc57e563e5a2c7a5105c8f8108c4369f7f4f2aa17b0676a9b23f882283403ba771451d06bc45425aeb96acad6a49a873a6444de08340a54782c16

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 9613d86d16668d367cba8e4fbefef1e0
SHA1 4f5f4658c554fca0ff959fc20431f3d17c2b5f21
SHA256 cbb79764c688b7fb079c05e6f8304a7718f8a482e4e55733405eb1c29268140a
SHA512 980446f1679cbc22ba15f95f195078b10e162a1909a71ef585cb7e66d8f2d2b66e9a0fab1a686a21eb160175b894fdaf5b870a827472887d023017431b27fb8e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 922db7fa8aee3ece344b6c2df43df340
SHA1 16c842041b3a2292619660975170119196d7d376
SHA256 410d4ff852101408ed3a13c3b0f6f451500cbab93ba2c90f35ec4058ea8a7bee
SHA512 ae4d5a3b003cba80fab1b276ec620a237342806604755fb5601cf63ba2a50443ded51ba8517a48c098b7b5bf1e4927883fa9c77ad3096392dc67684bd9768263

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 051afc2b075dc7c9d9c0870a1a092ab2
SHA1 20dbc7b234463abb698755a71626a1c1fd8f86ea
SHA256 8d3467d95378ed85b3491cd293f00e3970bbf3df2b6dbb88740bf1ab88fbbbd6
SHA512 fcd008eec027251145836847af8ca8619fcacdc2f492a103693f62002430e6c2118b67338ddbaf5c726e8e9ac92e29c6c406816d3c989cddb8216c938ca0d323

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 ea934923fd9f6ad7f8e23abf4cbb2af9
SHA1 f7368323b7ebb2f570eef2f1deebebf01c083cc5
SHA256 43a26c3b67716cf78ea44bdfc4ac1eadc27b4779c5c2efb2e8ab83357f5e81d3
SHA512 9894aa6d5beeccba88d428d4ba5d38d0d3ce00a2e2492e254527832c67f66225d669226bec2590671266fe9288d9169ca2faaa3cdc879f502602c6df26a8e641

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\14t8eq6w.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 990ce79460d9a99ddcd6562a0f1193e7
SHA1 b7474feb9210c78540f288c7e151bd589f7beafd
SHA256 7959a440deb1020c2da5356cbced001f333ee3f6eb6d53198664f91f8b2fab6b
SHA512 f19d04f57073e34e9b1d0ff3b39c39f1096cad003276a629a660616800f4952bbd18fcbb9ac603cbd80721850af5d7557359b097324d28a09137e9af49edf30d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\14t8eq6w.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 4eb403aff348c347354d546b7ee3bdfc
SHA1 629dae53266f86584bed91edc58cda17525a6cb6
SHA256 df3a7a6503b4b66a3bae5c2d36c21f579b231144685050e10ea515dd23c9d736
SHA512 280d744b294486a616dad1ca1e43b3aac6a01569758a09356f4a3eb10068d62982e5598cf36226cbf42725483446c7db426b11de5a4a92b613972b49842476b7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 5e9a5952755a3fc03bef03e6fb5db4bd
SHA1 429618a18d621eb805d7da1104044997ce260c84
SHA256 859ed7ed6c1af0d3bb56a68e4cd59431137327c5e2573dbc62df4b81050e345a
SHA512 104f7cb6256f8286ae9e27cb148ec09df252090065e536b51d5b9e1e8afbddc081e12d150e6b1e30092d5fde1560117293bca3b79192e702593726bc70844b4d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 6a897a5deab12af510522e2ab3b40ca1
SHA1 f88abb9e87d3fb5944df0cd5255753e4cf6ac4b9
SHA256 e57877fb6e4ef723eb7db862edc267336af839599b2d1c19e880766820352899
SHA512 73619605407bfa55a36d274e5ff9bb3f0ebbb1b3718b0ac74308a2e2194517531d4dc94c897082d30e858ecd65516a65940be50a57377053582f32124488276d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76e5cd.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a2e2b8c15133f7ed54e941b7607acc6b
SHA1 eeb8fcf9aa5ec59e752e1ece4c31827227057d68
SHA256 faefec2e26414b1dd731859da34e1a85c901609222ea1de71c613c70e7a9f291
SHA512 629523caab26fce102eb30cd7b18e7b7034db55c7504e91592987d2cf2e8cdafdef9fc1e8ae8759fdec02cd202d924ae9aced664c102aab2f2c00231de83dd9f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\21\{c52bdfcd-cfd7-435f-9cd8-8a1857584215}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\idb\1407957231yCt7-%iCt7-%r2e3s6peo.sqlite

MD5 df57bd0338865c2642b1685decf77322
SHA1 fb69b25f27c1acbc35a70cd1712788ace63c32de
SHA256 7c51fe4553fd3f69aaf0fca80a8f4431f819658109678db739d623ab527e4e21
SHA512 16e11871ca58f08d8c130948f575e686e6839a81d44ce885f672166e68ad3e3a7e37cb0697c1caeecebd008df3431cf3077c8e8fa99f57b021b58ddd98dbd3d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b588c90173768f0ba5d15f8f5b1c405a
SHA1 dbbd6a710b6c078e098e45f40de2d5e7e8caedd5
SHA256 3423bee20ac0c9e7ffe69d37a289b343504d9861fc8e5c3f776cbd55b8062304
SHA512 db8a54cac486e4e25459ae0c4c68a7824004355f5b8b82fd6cc6a7f057adac44cbdd8ec79977e4c0007b6faaf6e5a0c3b8bc2ac8bb8cfb3f9a46b62fe4dac282

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c39d0ac8c7c1a4162a3a38fa86e27d44
SHA1 8c56b495015f56f8a4511781fdce22f8f9cb20d0
SHA256 6b3c02f1fe74d15998989f417124a324009c4ba31754792ac16454bebf84b8b1
SHA512 8fbc0cdb357265a0e5fa351fad6bd2a1e224c56f059b4943c0b322e21a947d61cd7ae42890a06d5115f8ec99ba00301585f1d078b20807e27f70cc0da1aff6cc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 47ffc5ccd8c695f637b6c2f1de9001db
SHA1 bbb6120bf2ec7e3d1ac8a5a3ec409590e2526350
SHA256 af5cac69de0ac69115282c97ae51613a62b25e18182936ec289e0a521b26708b
SHA512 df27325246ea3c10287af418103a3f2b1d48f9c7f8480b008c9d6faa0bb9315b4a02e2893c4ff9ea64ab56ccda4426b109cae74807fee84f46d2948e9218b390

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\212\{e950619d-b7e9-4935-a72f-11f94ec4dbd4}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\119\{b1b3eca2-21ab-44e8-a04f-686c5953e677}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\191\{ca4b9b52-372c-4822-bcc9-126c254264bf}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 27af62cbc15d1a1c3ff1619a1a0b840b
SHA1 32bc2f2180c91de502450dcd5fd09aa3ac122a2b
SHA256 325736f10718877fd61273ff1f0c827c5b4ef981692a989a737a465ad42445c3
SHA512 9f792a059ba53536686665b2c540b0a23390a729f04b0918946593f82d7739c6793e6db2f22e75bc21aa442a23cfc95e72e3720a839ca425d5eac6dbf3ec434c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f2edefe63cb22a1491fb6de30263be38
SHA1 8528f2b90ab7ea215c7eea971c4d3f7ee16a3b88
SHA256 d9cdabb476d3caf5c55f4844d88c558acddc8bf4ea3d2df32df9fbe94f07cd43
SHA512 d8649351dc5c0b07932bd7acd6c3da41bbf5e6c2fd93a1fef2b07c7daf75e9039f6b7cf9daedf815f7081ae91ea705a9c7db306aafbd6d7ca67a70e67d648784

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 f350b679d9908854c3c1e9a836379938
SHA1 f56597749a2ed1dad80dcef73058b232c34b8312
SHA256 008c1cf0ddc6c321fc4b7c42c28c4b4fc2ab3723dd70724e71ef80e2b809a217
SHA512 e86edaf7968cd6a0be761f8a1008ff89ea14bb91c56c904765b9d82aac81ecf527d820273de5eba0f56f8f12069f87f0719099a38869607e824f36b18aceaa54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6232cdf5a28d87c9ef37ec4e1ef63398
SHA1 97c45097ec93e604ef7efac16c9d76ce1f9f7ccb
SHA256 d789e89b2ae33d6adb1be163b133af9c33024f461368722ca13df371824bad38
SHA512 6e06affbb6f8892e2cda092621eb4319041f3ee74aa80400ce363ea21d6b9fef33d7542001ae1151b8cef9b2d1bcc386c2d641ff7aed58126a78a4317c4bc9e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1e8ffb3e5712519653d4813f1c2b916c
SHA1 7b00510ae33ec1d1336a354983011727ab4a75c4
SHA256 2e877b67331f46390c246e95fd617047eb319cfae5e42df83db9ec5488402c68
SHA512 59e1c3668000e12755bcaae49e8ceade07efc51e929c01a66ffd8581ace4ad1e281ca825e121618210aa1f2a484e758ccb0538697c4fef1277976611ff703f07

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7f65c7d345ff7abbee289d0765d601e9
SHA1 3663b051a74850a13f7563ab268fee78451556d2
SHA256 e64e5f1d7fe837b1e34e89929914fe1d55b168c93ba4db1ca5ef15c073faf9b0
SHA512 9b6edafa3528226864ef194f1c908a63b8b41bb83ffc549000afc82284b11398f2abb4273f408b2bd37cf2c57f747b65344bbf7e4aacf1c5bbc8be10714453f4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e863e39c5d7e9eff3d753cc0a958f249
SHA1 2cfbe0e41d99a774897d0a2987c1e3764311717d
SHA256 95598fe4f691ea95102ebe4bbbf38e9cb23dc586e74464a88f106a020c07f8a7
SHA512 3355b41ad4d3f169f82d6cd2a4e7d7a19a187cbbfd6a712b6a127bf995b9f7af4953b05a8b61ac3045533bf56b0ebdcbef50f8d877f7a24b44bc548c3ecf5afc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d79a4d6b-424f-4d00-a101-673f17639b26.tmp

MD5 79fe00d0be129529393c29456495da68
SHA1 3f34ea97a30319e0026d64ec1deb8b6782df9fdb
SHA256 defc18fc2bf23d9e8058e50b6bdcc5101a2c45132f3a3a231eb91969a13e56c6
SHA512 edbaf8eb3ae704f01d8e9f0908cd008099a71ff7a856636f66821c56c231cbbf0918f9c0ba0f1ea391e3885bf52352ec36cf381b9d6a1533ca855ca20a9c98c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d81a61e706fb4968c59150fa5c318837
SHA1 70558136b7a201cb565b47eb6ced2ffd377e4b02
SHA256 47cd1c6839941c5f1f15cd6a3fb96c394b682b328600a781b4883b018435315e
SHA512 39bc1106986848141f78c657e745a063782d711ad7873a892c640326e0bc0f021e2b487a541791f5010bf2f7bc2f789a8892c6778e2e3292e6f7527dd48dd651

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 545bee5180c309a107e3218f9e58ee6d
SHA1 7e41483f6b25718de21251b11c36a41c3a77cea3
SHA256 cc9cfb272cf784e09994d26e5aa05c49e4e73ce4d425926796c6589318770282
SHA512 1cc9f4e1a1633e39d79edc434d1fab69192b2cabe5e4dfba86e25f2850c777ddf7f0996aa30c8e7787cd18540dd55a8ccec367762a0e1779c4eeb588f926d2a7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 462d9b2731aab95ff51ecd7e8a028330
SHA1 304c613ad07b9062a38665cf0dd8092341b462f0
SHA256 9d7755d5e7a1eda17ef68286f40a156a035f6ed439171ea8f993a1087bad6654
SHA512 0ad043f6765a53ed1666ea9a6fd9bd77a4d38cddf3b542dc3ee8fbc132865d9e6efea45d48d310b35c63e4a0f0e64af95b9b63115bcd712e5581ead9d7f15ec4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 702c7f1103b6ec9589ce0a251f85c56f
SHA1 4b683433cf800a1dc0c2ae1b8620ba6f1b9e7208
SHA256 652ec9170e87a40018745d6b0f3bd39795e79c76166d03b3f9eada31d824f218
SHA512 8a85f8195c438a45f008f10fd06c76ba0b30c4130649961202fd012803b147b32beecab7ad4dbfc2da72db2d93d79cbd09ff70ec76095f7ddce891a8b113439d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c01e2167745d5710b3097322ce7327de
SHA1 dbbeeff173bca95703f2a1fc25112566ec11f8b3
SHA256 eda7392dca9ef7dc0e884204371b1884cea02cd38657703f271912b7141c2120
SHA512 25a6ab2ca998093c419db3846ae016eeedf31abecaf67262bf1212fb3db626678733f944f2de48c2e02c09b29470332617683d9bddf82343e3d6ad569c4c720e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 431cd6c9b537eac6519417254f59d3c4
SHA1 b9bc9d0e1db85e61efcd9ed2891df9348af36793
SHA256 9cf77717abb6e57a8cc5d5de1cbad078d22f397d350a2b4ab88e99313bd582ee
SHA512 341652c5473495e47002bca88a26c1f2a0fcfa880292ee7b26aab5daa26281f31243f667e2c853c303707b69e73221c8aa30016e5f2638de7577e5dfe7c2db15

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 9d0b701850252198831c10919c0dbfdb
SHA1 29144c15184237fc075d08bfb37a9ef478e3f95b
SHA256 c9adf3d3d715f346afd04717c8b1dab6c189ca97e95ecb81750c36703df64e97
SHA512 8fac426e34c1443a8689d806ae943118e5f44cfd1131f5e2719e3e36078b56297e6d6956f390eba8a0a2956f8e3741ac13627932c7f13fd1809fb47ec9295c59

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 57988c3e1195fd8d45ba621b368acbfa
SHA1 206bf9f5f1187c57953c67272c0fb99949bc3981
SHA256 901c4cda7b43927754297207fdaa4f0570a16396231d660fc72c488c460960b3
SHA512 9cf642afaa11266cc781a41082af1e7f7c6a528ccd8518ab2e6a704ee74505a32019ea25512b744681b7f2669240ff9b01ff07ba961849ca7c93913a09fa9b5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e72c3fb87ae316621ef36225e85c0394
SHA1 9f391ec00d71c9f67be6773fb847bbe7c5d64725
SHA256 4002d6fbf75169beacc877cabd2fd9e162dfee95d51bd8ae1068ee2ad2798cab
SHA512 bb59da8dd37b98160cf4fc4a299b32e3c8f685bc102f1a4d852e4177f4f45b91612ab2501ea48700f8de8250f12fde2c919d5b7b0d625bf3439adf5437fe020f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ddc89fd7148d61644190a39d759a0d85
SHA1 e38400488d2e3fb14c6a6e440681523a3ea39f04
SHA256 067e14c6ed049fede0fb1d087acde2643ed658361bd6963f25dc3beb6719d854
SHA512 b71a3b298cbfd2071ad5d802fbc2ec952ccd37e5c8bb0fefd6d22da98187d2e697d945af014f7ad69c6c1ce781b4cb874345be2a9c7d11865ca32e88d670068d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b0ca3b2f0994fa3e375cb712b4bb96c
SHA1 d5e29b24eb1a5e88d11bdeacacb25e9375658f9d
SHA256 aecb2af708141e250f11d3c3494ce3b4ca5b094d1e580534de994194c58ff898
SHA512 be7d58dbf9b63038ad8f3125c825a79e81ce38af2024dd07b1e94916e67589e7f5083382525e249f8d0f56bdc0223daba2ba11b42f366568a21c025b0a02184e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a3daf0ec0732eb864ae330c9351013ef
SHA1 5551124230d598bd64e96923a086db80f5ac678b
SHA256 1932fc3beb2e80fd4f018ed8fad074fae782b24507f790337023ca6c348b0b2d
SHA512 9ebc5b759a400f9f705a3547116796059aa12d801d91630cf283a325ec4f2016a647bc48862a9a2ee2692b74a4e450cb166d93e3473d2ec43aad0c6b301d6f9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 afb4926a367bf7a927892c3962ea6ca3
SHA1 3f0fd14ad8c302905f22a8c28563e313c7033aad
SHA256 3d555b1f0f38519e9119cfe325ab0a516234f57043ffbefee62e2eb85ed62bdd
SHA512 e9ece844c8db3e2b7cd229a507fe381878d3bc25574437660450ade2714f333e7124db3675860fffc6b6cf8243d06b982d0a58659e0cf204fc85d2e6cff6453f

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-06 10:56

Reported

2024-02-06 11:04

Platform

win10v2004-20231215-en

Max time kernel

153s

Max time network

160s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133516909705729494" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{0FCBE97D-C42A-403D-96F5-6DB490C015B9} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{4D26EFE1-B4C2-4C14-8AA4-EE85BBCE0101} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4564 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2616 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2616 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 4520 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 4520 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2616 wrote to memory of 1372 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2616 wrote to memory of 1372 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4520 wrote to memory of 1360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4520 wrote to memory of 1360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 4272 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 4272 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4272 wrote to memory of 4004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4272 wrote to memory of 4004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2484 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2484 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2484 wrote to memory of 1896 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2484 wrote to memory of 1896 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2768 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2768 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2768 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2768 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3056 wrote to memory of 4508 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3056 wrote to memory of 4508 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4564 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2396 wrote to memory of 4292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2396 wrote to memory of 4292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 4472 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 4472 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 3368 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 3368 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4472 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4472 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3368 wrote to memory of 3532 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3368 wrote to memory of 3532 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4564 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4564 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3048 wrote to memory of 3940 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4564 wrote to memory of 4036 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4564 wrote to memory of 4036 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4564 wrote to memory of 1240 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4564 wrote to memory of 1240 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4036 wrote to memory of 1064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe353e46f8,0x7ffe353e4708,0x7ffe353e4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe26c99758,0x7ffe26c99768,0x7ffe26c99778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe26c99758,0x7ffe26c99768,0x7ffe26c99778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe26c99758,0x7ffe26c99768,0x7ffe26c99778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,12037249553783822283,3921977201346590807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,14923551911641309995,3878785313680064252,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,12037249553783822283,3921977201346590807,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,14923551911641309995,3878785313680064252,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,5791843120173814260,13208589548051204065,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,5791843120173814260,13208589548051204065,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.0.1956208010\674931292" -parentBuildID 20221007134813 -prefsHandle 1804 -prefMapHandle 1796 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f12c09f-25af-414b-91c5-1a1b35088d47} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 1916 23260dd9e58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,5711653201907724912,13708774061914015201,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,5711653201907724912,13708774061914015201,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,12422932817003796990,12947799207676269292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,1955927618797512671,11235711637938206738,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.1.1179557098\517258050" -parentBuildID 20221007134813 -prefsHandle 2348 -prefMapHandle 2344 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9875aefb-2af1-447b-b62c-b1a9fcea1929} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 2368 232608e5058 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.2.775875111\1880947306" -childID 1 -isForBrowser -prefsHandle 3488 -prefMapHandle 3028 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b51c3c93-8d77-4f90-8729-24496d737559} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 3512 2326468e358 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.4.322041814\1082282537" -childID 3 -isForBrowser -prefsHandle 4136 -prefMapHandle 4140 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {67af67fe-56cb-442c-bb66-c46bf732ee8e} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 3856 232642b7758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1928,i,2631950918287627328,11891778495442694805,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=1992,i,3789845697205007578,12784447580115324814,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.5.1984672803\1049917962" -childID 4 -isForBrowser -prefsHandle 4712 -prefMapHandle 4708 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b09736c3-5d22-44f5-8535-9dffd0f49ce9} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 4720 232660ab958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4052 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4936 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4880 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3832 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1928,i,2631950918287627328,11891778495442694805,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 --field-trial-handle=1992,i,3789845697205007578,12784447580115324814,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1892 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.3.635646068\1870475241" -childID 2 -isForBrowser -prefsHandle 3300 -prefMapHandle 3000 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e449faf9-9d47-456d-bce8-9738e4870cdb} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 3296 23254061f58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4928 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x518 0x510

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4396 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5452 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5856 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2228 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=2944 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.6.1537515547\115202867" -childID 5 -isForBrowser -prefsHandle 4552 -prefMapHandle 5300 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2232b1f5-9c0b-4b26-b332-219d34cde0fa} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 5532 23265c26858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.7.305610580\557658980" -childID 6 -isForBrowser -prefsHandle 4324 -prefMapHandle 3220 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cfaae550-066c-4a24-b200-03da0c8413cd} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 2808 23265c24758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3940.8.1448303728\299854095" -childID 7 -isForBrowser -prefsHandle 5632 -prefMapHandle 5344 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2327a9cc-020a-4549-8cd1-2bcf7ffa6422} 3940 "\\.\pipe\gecko-crash-server-pipe.3940" 5740 23265ca7558 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7516 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,562302713168369689,11545130006175604686,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3480 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4840 --field-trial-handle=1980,i,13689791958527182188,4606497521987017354,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 81.171.91.138.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 187.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 accounts.google.com udp
US 13.107.42.14:443 www.linkedin.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 82.177.190.20.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 35.195.240.157.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
GB 172.217.169.46:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 prod.detectportal.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.detectportal.prod.cloudops.mozgcp.net udp
US 34.107.221.82:80 prod.detectportal.prod.cloudops.mozgcp.net tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 82.221.107.34.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 172.217.169.46:443 www.youtube.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
FR 157.240.195.35:443 www.facebook.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.46:443 youtube-ui.l.google.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.46:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 22.178.250.142.in-addr.arpa udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 rr3---sn-q4flrnl6.googlevideo.com udp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 40.24.194.173.in-addr.arpa udp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 173.194.24.40:443 rr3---sn-q4flrnl6.googlevideo.com tcp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
US 138.91.171.81:80 tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 142.250.178.22:443 i.ytimg.com udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
FR 157.240.195.35:443 www.facebook.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 201.108.125.74.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
N/A 127.0.0.1:63964 tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
FR 157.240.195.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
N/A 127.0.0.1:58503 tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 11.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.168.217.172.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 rr5---sn-q4flrnle.googlevideo.com udp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 8.8.8.8:53 106.131.217.172.in-addr.arpa udp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 172.217.131.106:443 rr5---sn-q4flrnle.googlevideo.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.200.14:443 clients2.google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 169.117.168.52.in-addr.arpa udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b810b01c5f47e2b44bbdd46d6b9571de
SHA1 8e3d866cf56193ca92a9b74d1c0e4520b5a74fdc
SHA256 d1100cf9e4db12cc60cce6e0e2e3d9697e762c219f6068eb55a1390777bf4b45
SHA512 6bbf900b2f7614dd17aa6d5febe3ad1100851e2309ba2cd5219c5aa5af7bf830eec2cc88071d37987aa7e3f527b8df5b2d85e8b21b18fcb071baaab1a2eadae2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 efc9c7501d0a6db520763baad1e05ce8
SHA1 60b5e190124b54ff7234bb2e36071d9c8db8545f
SHA256 7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a
SHA512 bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 8ae25b226e0662d256cdb32f2777f840
SHA1 39594f82a6dd98b6e4a341648cd56e9efc6aa16e
SHA256 935b4cba7114f9adb0c7ae6acbc8903ec672ae318ac63c5d5e5edf857b4db207
SHA512 e529649b71c7a7fccaabc2833af3cbfc9bb15b66cc5735fc95a2bd741c502bd11af05853946d045a49d823e3f6899523d050fe7d33c485af5abccc8e2ca02e8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

\??\pipe\LOCAL\crashpad_4520_GYNDXLBVKEQMIBDN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 68dff65abc3a636b1622217ebfcb355d
SHA1 b4830e0eebb2e90d9443bedd8b46ae0cd9536467
SHA256 48a13f3dfd47c5968672f51dbe2a3104ee9ce6b2d4125abbc856e3c9162c3909
SHA512 5a6e57f35dfd5a1d958d29e9619aa8fc71804ce77bdfdca0ed571569069ba0ce986654855934643f332e63da9ef68ac4d670a44b42ab9041f0cbd7ffb2553575

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\856bebf8-eaf7-48f9-978b-375acb8e067d.tmp

MD5 a9ec61110c2c89d0c0e9023f377c5d41
SHA1 2cc8fc52e9628c77df625cda8bc1ca3e3f907d28
SHA256 041ba80f75a0be70b8fc7bbdf845ffb166b8217c3f349ed5a972c7817d0e2832
SHA512 9158094783c6a67f2521ed2040b4a492df5192955b17d97f7b2bcac64eef535b55543b7c22a5ec91fbf885f7903b4b4f6294dc035e78645d8aef06ee95fbfdb6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f44cd54a829e7ee0ae91f7be3295f450
SHA1 5f8f5c8e4851b7da2024ee2132a93521fd86d0fb
SHA256 ea118af4a52294107dd59fd9b6bfc6907530ea1fe8b47ca54b0ba7feec49bb31
SHA512 abaabe1bb99a0c2c18c70809f41c2fcdf2ddefd9df85a039668ff45994727198b8579d37e757c4ac5c6aee35f59494643e49e9a3ef70efd73be63bcd695800ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 78bf7153edebefde364123f636f4bf10
SHA1 24f09cf3f43cc0bffaab5779b5e01276a13424a4
SHA256 a7d6f731b5f1fa9e9aabb3bd9d96d1c470498482911d0b4a707188f5e152c03a
SHA512 a1d3da3e077fc2231be5fd635d4cdd00d8b9cbf5ee439730cf6bf12c503aaaf2ef21a4f05c56f214e73e17f78c5aa912dc586c1bd5c977546884e72e1403bfed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ecf613908a40a631619a661a4eae4b98
SHA1 d79669f393caf322ec4e2e4eb943387e3d06f1f9
SHA256 14648ce0db089dcafcfc9934e1c00d39fb066e778f91a7fd131378d1d6b6b67a
SHA512 fa9aa2015280c03a96325a03b87763185d604a528ca8e20540eda9901361969df13d94e7118ffc563755533c8c10ad844bdd5d91c5b9405a0b78638c35cf4134

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 96935c37d35ebec9100b495e87f70325
SHA1 56649908be09098bccc87f46692d089e6c357335
SHA256 11eb08931c78f525260f93c906e6c73e951f274db8ea340aaed15133bfb839ee
SHA512 dd20dba67221677f67485d7deaeafe184b4364b12acfe8df902cc1311016b3930ca1b50a918306dcdf0a6732aa9ce300e44b143badf38b4a28e0f8c64bf01122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 24f35e049b0bc0b9297c78e50db8b174
SHA1 09f20b34184f10ace589f2ed872c9e345ecdb5aa
SHA256 9d94d78b2144aa36e87e3bbf45f88e51ee4de301d41f0193c029ab21872d5a21
SHA512 e03184fd17b636606bce5fb640d97d91f6bace01c73295210200b3d974ceb814ffb8893b0e4054707dd3dd6aff2553bf4badd019eac4c5aea21435e30c120bf7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\1e648f4c-1704-4312-8fc9-456f73305af4

MD5 44609542dc80807b49e1f10b8dc179bd
SHA1 6d28e9d65b5c927c4072b91f580c0a61ec581565
SHA256 b3ab68aad47876b990328b08221bbe27adb81607a057a79f72911e47519c2ad2
SHA512 3e8b7ded322947ba42b0c2d9908a693391c7635ed07cebc08249a2b827a900a8c1c1a56a264a04dda8b24181634d3d979d8b1f3145593f12c26eee868b52a07c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\db\data.safe.bin

MD5 d42431a4fff66b458b2b00dc8a208262
SHA1 7f6e4e10889c4b488cb07c2ca7d307cb665bf761
SHA256 e1e822c2a3c6344de8d374a1f12fd6e915e3b0ac193947c1a94e7100ae2e1eba
SHA512 9e66f1f5e01ab1064674a78bc191fe9f99501e90e45361333753c1843b45185fd65b8557698576a7c1b05a82e7c386a7670509c9b4089fb6619c440ec35ba24b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\33145601-c388-4801-83f9-0af68a3bc513

MD5 e5c52a4b2f495b04fdc7d309292b0829
SHA1 8e5ca6edd1f586cb50884c321fa6d8a2ecf26fd3
SHA256 bb672805a5a27c1cfc13071a8b77a647a50ddeea8638c588ddeb11ed1eb45dc0
SHA512 111a9956645d97688f9460fca2c187a59cad88ed484315a492cf126d1d7cc34ad0edd955b437be6365bdf364a2da3d2e4708d4bcff6fda1168cd34417a2761a5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

MD5 3912298cb4403dd813daf8939908a976
SHA1 ef46d6884842763ddf13c163dd384253f7bbe6ec
SHA256 ba41bba6003a34e0a43079f9ec4064ca3f8ec895e5e4f2ff40ed85ce4bfd7d9f
SHA512 c9aba60ec244991cd50580d7e40d27f1a2c7e2bbde66d01f320f3b0ea311607e6c843b178616a21616a991e000db90fe59012378bab21ea6597b8450eb44a94d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f16bbf73aecaa843bb90c3fe4e966614
SHA1 24ea6801270ce379517667bccbb64a1ce0cf79af
SHA256 69a4c7142042864ba83e9815d0a3444cc6d9c9913bd1f0828142fbe8c69d8224
SHA512 8bdbacd9e64575f1f3aad2f64b961bd0a94ada0d6fe31197489cc37007e230e99177ef61e21012224aa875228688170ff7d2b605fdfa51bdf0ebf82415f20ab1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 76431616f0deae9211f0fa8d47810d6d
SHA1 7bbfe5496d83d299daabde12ed5cf04716dacd83
SHA256 cbbdf612c3f7f487325cad071a51274408a4188b074e7a1b74096987f5269ff0
SHA512 53ed074e6aa9b9d7f102d69ae0dd888645a1a098bfc58e77e5d9b06670f24ff93b62b56d9b20e8748124122cfc46aaef47e76e9a1faf34f9532829af3a640383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ffedaf256548dbb06b461f4b5b9cfa44
SHA1 6d8c8422747c92a39300fdd765b36801c7a8e45c
SHA256 1a992a66b04e3ede2cb698a7f31478eb6cc6bfdae07b4fef5bfdb19fe76289a3
SHA512 986b83ac5c31ea7aaf7952262887d98de321c2bb5848aad4b45bbe5a363387556e22fb1004180edf7bf3e49f8c937f4813d99068ac60773de63ffc911fb62333

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 bfe6ccfd5881111f356c6f2d05585dc4
SHA1 95a5072953544d53357452ddf39653b440484177
SHA256 fb868f77b02d1da3ecce60f2cb6c9f353d03b2cf80cbd7f94888979c3acb199b
SHA512 1d7c0db4c0cb84a95683156ca11456c23844fbdcd6933f41751030e172c5b9abc017dbd52d9fe60965948358a0d1f2818bbfd53f460bd07b89adf70d570b189a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 32285f43af25cf830ab6440997697e09
SHA1 7efbb132a52d29f46877487f4dd576ace33711b4
SHA256 540030c006ecd189f2853246fb959691cc6d3df5c4634689d07e5df6a6c97f56
SHA512 7bee6e1d00e16821e52f3d85af8bd3f6fc39a92563329ee56e64953fd94696d5931f26948dbea99161a0a3a2f0c080750eed86e7a6f7b84fac06c0494cac675f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c42ea88672589ab23149931f618255e
SHA1 f1021e34ff5334b9efa3f7d30402214a52db8339
SHA256 a5b2291e185b88547fb1194045f6d7c87a5af5dcb6ff1db56fa603aa02142669
SHA512 7bfa5e405ee457129319998115171173f1621b9e62724370f18c91089e2e666cd4d78ce61e96cc0a212057647751ed9674738694c668dbc0041dcb35c80d7ba2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0ca4d1dabf8940e1f754fc86e1f69ed8
SHA1 3ccd7d48737e30dbf488c3d18170fcbad81913ba
SHA256 ccba7411103bcde61ea70b42e5ab523c67e9ab9af1f3eff0abab2937915c4bdd
SHA512 bd4a1fded9b7bacfdc021c84c63671f5e0bd3fab2c37cb0ac00d219c2634a28d73c49654a7d5756459269af413b14454ad21aeff0a8d17e583f0228c194af9b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a0022855e006724ee53086d47e083ef8
SHA1 a2b02095b43f168c6b63d59245ec613db9166704
SHA256 ab0e348bf9bb1255a3afe1580f3380b7cb4ab4b0dff0d5a1c0fd6037423382f4
SHA512 95090ee2192afaa0a28c39b8ff75d48e2e2dcce9f60934f0a52385ec70ef3a067b20e287af6be7811ac66c8ee9f7e4b70d4567a81633be4733c798f8cbe546a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 121510c1483c9de9fdb590c20526ec0a
SHA1 96443a812fe4d3c522cfdbc9c95155e11939f4e2
SHA256 cf5d26bc399d0200a32080741e12f77d784a3117e6d58e07106e913f257aa46c
SHA512 b367741da9ab4e9a621ad663762bd9c459676e0fb1412e60f7068834cbd5c83b050608e33d5320e1b191be1d809fef48831e0f42b3ecabd38b24ec222576fa81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a02529f9f28401b96e3485deaa1e470
SHA1 a592dbcd8d699b51e1f4231dfbcde7ea3528dd60
SHA256 66cf70b8e3c2fcacb3562dacaa266b98e5db88d98a80acbe90d1790ffd6b1e79
SHA512 4c34f77cd28ccde2925293cc49db8887e0069c7d855fbd724fac2acf359a0079a28b65dbd418bb951c65b1a7173b36f9b42e21eeb307964ce96be4cc7d4ee23f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db2cae3ff336d53616a17ac8047a94d2
SHA1 4327abf9ee7c8efe65c9e139bdeea022b7f2b1ac
SHA256 c1db75dd61d8e88ad25fa238d3bbd16249be6bf3064f6be91c9d2f741708560b
SHA512 4954dcf07a50133af18285a37c21a14be397349685d8e2e982ef13e161cd48473b588a9779fab71151738be1f01e5c586a896117397b938a1b5a7510e2c1ceec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 db09efab7be144840e030a660d8d6820
SHA1 4d6197cb0d7f94a37a984e962268e3e61c819e10
SHA256 e6aacbcbd491709573c1fbc1b6b220c0af308a2b6ee7d77e4403f6f6d1363d0f
SHA512 fdb764aa7318ebe91caed7958394020264d801a2b31cdc55d6743c0fd49f4e9610b5ea0166a5ac7ac4805b4892d12e3b6dfcd3f4382bc8db17ad3c0fc4792b02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe583fa4.TMP

MD5 1718112bcc412f72883312517e065c50
SHA1 1b50e9adad7ecccee3d7a518860cb9580e78e866
SHA256 32dc7ff174ee5eda95a198bd4941762c92e25c0001fb859a99508e7549dddbf8
SHA512 3ad28fcf6dabc370e52d901e88951b7f4c40232f41718237497756becd761ad78efad774b5895a98a7923c70d14a86924bf9646cdf99c0635d512018a4500083

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 31a3b75960739d27092946ddbc7a0bc9
SHA1 8cd73dcbc95b5210dea62839ebe3dbf15329a338
SHA256 1629f38b6ad5af587fdd703a695b80edea570fdf885e9ccb4bfbf47ccf3eafd0
SHA512 2cbba58a0c6882bea18e817b63a6c3d54589781a31661b398aa336f5fff16c24cfa49018ffc49d634af585755a230565a1335edbb8b1a645ec474cf16bc9833a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 aaf9137a451b0b45bf71368df2872c7d
SHA1 1300b2d9d04d438a7be85b49c26f2e87d8268adf
SHA256 95ab08ee6324ac0c88dec7afed292aeacfbb2201fc54614c58a40b75ec74fc85
SHA512 a48151bb9c36b081562bc03b47ef97f697498c668b7606ead9f3786dc2f3c8e884f2ef03d5f3dbd307c772b4e9c4152083fbaa8b4958296320ea5ea9169d6900

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 18e308e9093429b88980dc07a61d0c6b
SHA1 1b1326424b12b0e70c544285128e5d47bf154deb
SHA256 2d040f734b3a9f1a820b1e3d832e258239b2c958f344e4152bbc33eba89050d3
SHA512 4f41abc905542b74f1b52bf7a31188455285b198c3ce35ffc18b46a9363cd47b7d9d38ec4a32ee35b5191187c1467aa594b6da91252a9c3a01fe5fad6c9a4d89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 39d7414398851112641abe197c97e5c6
SHA1 c7dfbf990893685b21141c8247d65a9456e2983a
SHA256 77582e84856ae1d4de204a2cbc3a201920bbfff53086eb555e94f6c63dae079e
SHA512 030c552abde8d74d47a829435c30fe0c09ee7a124e6abbc38ee9097bc1e440ec9447afdf69d296730e007c57e1f7505d5b751f36a228ad0bd054ac9071b9d929

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 6686240bc8fde45cce7a08351901aa87
SHA1 9a77b17cd17da5bfefa44813944c2f83a0be7fe4
SHA256 5e03df5cf23f281e1468adbd4f7c6fecde0aa49aa091dff502c502259f08804e
SHA512 54d778639e5cac66fc9c6cc47198afef9ddb12052620ee35116c7e84131e10da986f45188db5ab384eb038d27d45ac7986ceb5a45f5683145b79c0f6d92c14e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 13b557fac5b38edafe500b6f38d8d381
SHA1 24e2fa42c9d2727a15667bd87b2121ea1a7e14d5
SHA256 08ac1a7327a1db87776aace18bef3ff1c3053fec213e0142b8bbf5fe7e8b1634
SHA512 e8c998e68030d70f3a54ebc24072cf9a14db9a8357f61820164be6c65a4d4aacadf81424dad586082844e5b29ecda792f4c51a552ebf7741c6f62f8ad615b87d

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 9d82d17a027bedeee09da0da6a210a6c
SHA1 a1f1b11c95ffb570a87bced020b30ae9574dd01e
SHA256 e0a8da61123176a12a0605f87d152f9305f30a5d993ffb06036ff948a36f98ff
SHA512 6b78855b197957f334464b6e64c15398e3e86bc0708d7aa509c66fe2a061a51730e5293d8380e535e74ffc468a0f1c0ea2b77ba154fec3a2373f2158c2272893

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5ededd63b57c78cc4b6adb5bd43e571f
SHA1 748f8a4e91e04ae2160e0dc58a40e99dd388e040
SHA256 930430111dcca529b3d609bb324ad7b4da260a8439b6d9f73cfbac11d01e751c
SHA512 e65cf520a9efb3283af16b1d2735198bef2cf5ddc53784ee7e4a5595dc40266e6769b73291236c524e4d44a045d2719fb7665bfa366571907105ed73d6030de2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58632a.TMP

MD5 36c6f606e9fd2d7e6664651f87129a2b
SHA1 19ecc1e31ee1db76b4196b92bc8d9ec038c0807f
SHA256 6d733d98c2e785f551b14e5cf56c5e4e516304a2b53b661850962e1d9146a523
SHA512 5567aa246c4d1116e488dddc1aa6cd713381b3d27a9cf2cf08a100f7319df967582395e0ad2037b415ee9d319da4adce198eff444d8177db70b3017932118b34

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 b84e5bb598373ca3a7f211cb2b9ae9d5
SHA1 85b415579b02ce72d32db139704beb6f04b7b7a4
SHA256 f1ceadd06920af016d2d60903abd9a19109e898d9e8ede0cf24b959c82fb29a0
SHA512 a45dfa603e52852623de9145bf0d3ca612249a7ee3fa59f5b0dec9766518d581ebe80611b13e91fa03ab1602a3d8e6e8adf9778405d81680a9837cac320c173d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 dad5366bfa2e94a2ecddc31d1d2d01f0
SHA1 cc74b12ac1ceeda7b878cfdc2dcb85251102f0e2
SHA256 a915816206bb7a9ac25fb3de93e074f7336788a2d66952882389c84f86c72e7b
SHA512 cc0af2545b86960fa0de9178c98a18a8df0df75bdc8f929a86bcf6387688ebcdb9aabee8cb91c4b0458c32206da9ce0a75073fe157d3abf820d7c25be3899caf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4472_1247591582\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 c4cf8a85caa5ef5f44353ff41c277855
SHA1 08eb62fc8aec71452e7d7c67bb90efe43c42b11d
SHA256 26aa3e1b6e153963dd10c80b60cc8b75714cb6af1b81ab1db0d2dfa1ea3333ef
SHA512 71f1f81a76e950df1fb840514583ee5d33ee0778b1479c16e23993732405b5de45dbc6eb8a5189c2672bf3b663a2ef107e56801266d31ebfe87fe899943ec745

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2ee5233d17b3ae6e9ee2063a5e0596ce
SHA1 2cebf3d31ed68b6733bcb63acbe2abfa95f39e57
SHA256 bf30b35d2eb85cca6adcb7a57efa49bd7bc72eede4700d0f149d67c03166d95c
SHA512 8bf142449d88595c12ad5f4070051c8fc1cf5096b5c8902e9a3284634bbd1ddecf7d7f4e8bd2cedf87b75eed2875c5a006220ced93c87157c34b221c78df7252

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 36b652d9b076b4e71dbba9b9650c72b5
SHA1 a654ffa69467b115460fd759c9c64c5b71b249c4
SHA256 e08b6032848a7136a4d8543ce71b591bfeaacd1fb1574cab6c57ef9e8cf9ce3e
SHA512 72cbe91411a928755e50fd9eb1a0d3295bc8b1de446e54db76a756329efb077c7108aa387e653ab96880fcfb034ffe4d4801e01d0a1d95148d07eae6480b6e6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 2b6e1187601828b99dc29a13ef9aac46
SHA1 41cb7fab48a7901c5fb387d686c00cad1bc2dae0
SHA256 3ff5d2e14cfc576d42ac99508b4e1831334338b901c37c3c6a0fcd2637501f9e
SHA512 76f5c1c1899f394691775da933e376cbbfa90c7c08c0e62357b5308d14c11abfecb58f1e51841675f0200ccb711e6ce3ccd370b3e24f4a085856e6160ee4f8d8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 d2eba3495c1a0a7e9c7de4c4fa862edf
SHA1 fcdda71f9b102e5ef1efa6c5058d47a13768eba8
SHA256 139c3f176652703c6f297cb8513f02bf6143fa6292194499016ec72263e8c86a
SHA512 bab6c0836e24374c20aaa572c44e3339e4061dcfa9968be4e76d9f00e6617f7ee772fdbaabd1905c673836cfab5c9785a19ccffae885b47dc51fb3c55a865ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588e51.TMP

MD5 ea1568b089a5cd77da541c9f6a735b0d
SHA1 5d617961b6728233f069efdd2da2a44c496a50e0
SHA256 7422e021518ea90f7f0549d5d0b9738d980a98f6e82f99690a8dd200c34be2a0
SHA512 253bc73be1a5f991f53e1137cc3154cfeb6ae043cc0142ec2cb3a0450001277470b07139bfe76b17174d68958eea225a4f1b2a9a59a4edb3057bc877f54f4c14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 21b21bb3eff6f0471845ddb8af3fa9a0
SHA1 f41c6f4dbd6af3c9aa8dc405105e08cdba8e95d0
SHA256 15da7a4ba26a352675398357aa2169476053761eaee4351db74d7b847118faa2
SHA512 dc9e46a8a900f416e2f0a8451ac9ba0d60c41b6374814453a59a0e40d1ceceb621ec304908f86fda674216182e886614f430054c5e296612f7ca6f958997fa7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 09669771a406b60b62b161a198e46566
SHA1 59b8fd31bddaa4b535fe4c13768bca3dc023d3f0
SHA256 71ad351ad4c777c29f07da3a383b9f450f8fd390f18e6a23605d72d5c848786f
SHA512 f1391aa207abefbbf67465f0d65b01f0ec89ce5bc5e7907efd4077e24e1cd384b43c0a1bebb9360770f63eeefd9a3eec94c216f394ebc873597f9fa25d265dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7b766dfb-4e44-47c7-bebf-743c4f43173f\index-dir\the-real-index

MD5 6c0f19cbd9c411ed4c1c607ae7e65865
SHA1 bf01ef06a254f4cadd2fc56ccdef8da39e4e3a3f
SHA256 b9b33eb6acf84ee14d338b55c4be89bb1924e010a31fcb950a29767044388938
SHA512 4629170c3a605b4e102e69909284c6baf1f3c1537bc35e1313f535014d1eaff869b6f370241c099079f6f4a2950a841b875d3a1bc7d9fc0b10561474a1f715b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7b766dfb-4e44-47c7-bebf-743c4f43173f\index-dir\the-real-index~RFe589a37.TMP

MD5 5317362bcade2afcbcb5c068ee8d1112
SHA1 da508af8e8f9053834a902bd2a902b193159b50b
SHA256 e8e9d1236f6cd2234f59ab7526ef1b50693a74762566a401a4328b764a9df287
SHA512 03e58a218276d33500b0f46947b33659dc2acd57993a53eedac2f9e19a99e5f0deaa6640c23a48378135b7767a6e27365c916b8009db0777d7a7f5e9cc91d5c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0f6aca351bf4f0010e282627ec829220
SHA1 444fce567ace3aecefa5eb875fed3b78d0a4346e
SHA256 27982da2a61cf262e89426ab332b07b7e7e05d00f076226faf429d3baac0a9a0
SHA512 321ba0ae4cb349f3456ce2fd78967136e20cfdd246e1243ca666070b44a0265f85ee00064b69c161d30d92359093c90ea924e4805c90ddb6dd4b220231b0867a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 6a2d775d769277612a796454b727f404
SHA1 3180d339a289687eee1feca7e6cb6a08abb48340
SHA256 5dbdf64dab17a3b54845fb68a6246bd9b5f412eb4dc836156ee68799de06e77c
SHA512 a29d2b2cd0cf7f7bd92fe9e0f812e0f6ec83a5a295afd5e8dffbf3d0734f7befe02e1c80dcdd28ea7812bf274fda6ee580e2dea5f90f74996a6fba1269738a7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 631b72768ec07a3c998e456c7c0b2022
SHA1 6394f0029acb48560704cde46f8f4dab8a3eb050
SHA256 64cf1aed96d4ff5c5b849c4f011b2773680844c240ce2b3aaeb39bf2f0f56114
SHA512 5ac24cd9aacc465125e28eb810b1860a90fda57a8408abb07f22229f01b6dbfd8621e12dbb99a8d2bd001810109ec7cfeb8ff20a60ff4a485c885fed6597a05f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 edf7df3201a58217149c685eb8198bf9
SHA1 fabbd500c3ec7f92dfce2268f43e3be9bc697a52
SHA256 2a760e1c147dae31c04a0aa5b1c5912432554ed2fea030b0fb9f2b9f3d170bb1
SHA512 26c9c011878d3544cffdaadab0d470924d2c93f974f37db3f1a5152944a4549b39d9b00ba2ad77f3ce2868025f5a829ee0e8c10975483a73bde500c8e909fedb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\F6620BC516C120B40C24896BCE3474E825CF613B

MD5 9137f0ee00f3a98caf71a8532ed23ce4
SHA1 bc4ca48334663e1d421512d3d0fefe9a4b582ab7
SHA256 4969f63d0f35e008bf2a17c8752140dcf4fd07d29fa22e5ecb1ec84220e52a39
SHA512 8ecdb021dcc0b0fcf8b64154fc167d32f8e2aa077aa34fe1481166af1742281a333742c6883b8c78ba70a0391488c34b21a6309a8ce794bc876462ed1b848c12

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\FC3D3C3348D1A09E29F8224EFE83D53EA7D5AFA5

MD5 0278d4bf3a65e64806a5f5b3adad8fcd
SHA1 7501687d0a63ccebd81e163e7d09745f1b02c4f5
SHA256 9e24e283924430497a1afb9b5966751d84747ed3f96044a33cdd9161299bb352
SHA512 3d0129e5f82e1e3c1f2f74bdd798194a2015b28fc7c906b8d93709051858a6d9a640ae523d61747bcc7842447faf28cb3f950402034f68f60405119f6340ae2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cf576ecb61425edfd74b4429bfa4fa9b
SHA1 ace44cfc65d63be941c522a793d6480595ae8551
SHA256 daf8e5035595f8485161f6abf53945234fc11ec869302d91eac67d854c1e95f5
SHA512 506256282b7441ec5a9380524db6407235f63b113fa2ac8864612b0d9f9b75f161a5a8f4bba617ceec3dae988a581f432d2ce6a04891f0dee8c6b007b5947968

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 6d2d44855e9b816ef1e91e55fa34177c
SHA1 b9fcfc9a8e1fe96d8d94de774df8e39cd554b01b
SHA256 c06514233f3ca0bec42c4de6a884685817022b2927442b9788a70c06b13325eb
SHA512 1cd5409114fcb60965dc7d8ad729531e5485dc540b03d82480016b31edc631b65d76e4fc9734ff5207fa842a5aadcbda0f0e7d96511eaaf17ce427da16637c4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58d472.TMP

MD5 d2083435b39b0783d318602ccdd0d608
SHA1 5cbbff4793fb085a4e157aa854dfc4df20f48172
SHA256 5f089316d426cad777b52fb87fa18331be06c08c9bef21ffd42d4fe513ecba80
SHA512 34dc00227dce4488d8785ab88bf9633fcdbb05fcdb2b1e156d18561aa760405d0dba279771acc2660d0dc5728a4a987d16fde5d802eb60ad594e79c8a115bebf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ba3bedcf9b663d93aa8c090ebd4717a
SHA1 710db15fb1c57fc4934370f7e3fe20ceec3fea1d
SHA256 924574ee35d4ca51dab0aaa4fd6d43e2542d02f064c5cccde55173a017f3ed92
SHA512 2734ef017f494fb1dd28f3bcb2e17b8869a408bbe5869002a009301275834d6635a7149ae84ab6a5fe2fa825e4c5c50624c3b89c13ffe8f05d908807a83be8bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1fff05223eb7a7e07d55946fe670148c
SHA1 712fe9471db25795072bb323bad6e7bd8e7cbd00
SHA256 b838a8f6156129502f6d3eb66f0938a0d3acb875a94804af2d23eca392737784
SHA512 bb0e084c23ba4db470802370e8a73b46928817146d80cdf6c6196e8e642571fa5d110a1084701d923524f446dce0bda86f8f1d48ee993c6aec1a322a1048d396

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4fe6b83665152f6e298e3eb8aa8553da
SHA1 a3a5a77871ead060ee5c5a099d8392d8e6c8cfc8
SHA256 cecef689b32c954529e495017cb209056471695cf91eddce4e0aa1d45004f012
SHA512 1d151165142eea68fb204ad3ee50fa8e976cc4229d53ae7b6a5e9fdb0bbd6ddc27a5b9afaa2c8d16bb391dbe2c309ae2c6ad5a0ab0106af44d5f4216edd5fec2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 3fa057a53f831ad6f787c01bdde50221
SHA1 a1fcdbaedf935bca14b366514cf7fee3e3f175a2
SHA256 efef42a7e15c6cdba8a3e03452281dbe161deb054dc90858abd0e54cc18c34b3
SHA512 6b2620574a789ad95a4e63ecdf3f76d84fd153cb664b8ac844054531b408d2d96785738efd74c1d761d5c10ced1be9ea4e9c1d019f18e2d991dcd54095cba635

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 62ce5e754fa31ce29c260476ef7ac977
SHA1 ac1f81f1e37c0347bb9bda350427911c87132efd
SHA256 087773b73f5bf76fc4b4b6294f9ef7cbbe78f503580a4e8c58b53cf770ee0bf1
SHA512 47307b45d41589b39a23e9732e29b9810909b3edd56230afe48d451009a23c5f5b1bcf369df5588739acd303eacfedf83be8056b8f44dc3559aa3da92ad0be3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3b488a233a6705eaff65f324d52a5ada
SHA1 a0798df3edd1d2ee66f0096bcb6cbcb7904ab547
SHA256 4251912b86daa1b3998df79f14bb8b78845e5c18912847c6b02f7a93edee135e
SHA512 d7e07152c10c6e8f76a4f9233df5f1e8a8cfefb2d3175fa7d9f8e1837b2ae3acea23731d58410fe2b03d6a10256da69bf58407c75f9c634b6ad7ae888ac69606

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe58f9bd.TMP

MD5 52d47e9a00fd9991b3e25416325ffcc3
SHA1 74f9919a8fd49e1f2ced5e9d1ec607cb621e8282
SHA256 d7f1aade82228fec0c3e16587366261724ef511cf99d1c01c84297ebcc913315
SHA512 3dbd05482db6bc4c3ca86cf15e0103a78f1ebb4e0fd2126ad21d9631b676b86fff771a47e55a7d3779e6221eacf0920ebfcee1d7fcf2b319c01ccd4ef19bd25e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 65f7fb5af11d89c175ecbf645f700bd8
SHA1 c927c2128e23786fcbef77d3a8725426f541b452
SHA256 665d52c422cf2562e65debefcb6e05f16ef902febe150e64dca4dbc7151955c9
SHA512 194a8cf1543b5a3ddf004adfb2ba1c8a9eadb76d85ff4d972207730a01c081ec580b7abfbbd7a6566276c55de567fda208446640364cc1da5c043b0972a747d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 8d857d4f4ec82a998fb460c7db6fa3db
SHA1 e95ebe68c85c2a63985e7e87476375b0827292e7
SHA256 b0cd02b34e8eea42cf44d15d7024b495440b62cb3d79282e01d4b2eca8bcc4a3
SHA512 e1921f2e1a68d686c8dceffa8e49e5625914fccd4e5c33d308e22743a111a165dbe33870000e276e3a4014ec36774a64372b8925215450c7411d78ec1eadc9f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 dd5a72e9dbf061181916221786baffba
SHA1 8bdb0f974e3c0be5b48b86372b789e64dc39ab8b
SHA256 d2023b1931081aa85fb81b0d6c8d463d42630a3c71c3a15891cad374d30d0b6a
SHA512 ed5071ade26dcfd9a8dd37432367d81c1170739cf8028d241e40e657b95af17852b518aa214e544af08c48f32cdc1e52fcbfae777f8e4610c15172060835c84c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 a181868bbaabb08c6ddd19c99f18249e
SHA1 af2295f5c1031f7c63c052e94a7f58f85e528648
SHA256 232344db94b0b69f0af6ca74b3f533050af946411dbebb1ce3ad37766a65dfe7
SHA512 dc955dca9f3e10ea3ed97abbc98a1993f490ec6b09a75760143db4bc727524a46a0184e3307872216cf3c072384423f4f5779a709331e92dcba88e5443811325

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 af1a6635af0143507791a5825842ee5b
SHA1 5f35b36ad4dcb73658c08d912d07f803ad04f975
SHA256 fdec3353a47c2a508976ff3076b3b63512050565f241f01dca18975eeb7475b8
SHA512 7f9bb2064e70486165e23d6833f9e94f5c0f89d0c738ac9b6e62185491f09cad2a1fd7eefdeca77786f777e4893b69f0f4c11b56acaafd09be0a8b0c72ebdaf4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 4112c5384c58dee37a173b6d471c0477
SHA1 ce571e5606887b91effbcc88a218fb701d108c7d
SHA256 7d7c0d9dbeeed4faffba1f86bb9893901116965d6b2b0498f46d86b85da36047
SHA512 d279c4bbafa9ac1ff0ddc52d30ac4d4016d4825ba4c34847e6a57219f6e8eafa71c83a027aa934137040225889e8987094ed3c6aedc3c0dff9ae34862220ff59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 9301f37b626106a4aa736464b59c27b4
SHA1 afb984ca62b766e0ef01828e28aca626ed35fbdf
SHA256 b8857d6289bbc55987e0c7b7618518a5168b2428f42dcf22c5b37f25a6fd0f08
SHA512 2f0151678be23532d90500fe941e9886b1b0fad708fdf4234c047faf502aabef53e3bc6cdbaaa57799d272e7285ad5fe0105e1aa3d10d93e78ce3e3040cda756

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 c24509b5c94bbc7938d432e43df80930
SHA1 7e3393ecf872fd9de12bcf982793e77f8014048a
SHA256 7e3e1f385dd12010d4ab92f2178202bccee67b0f1b598bc009cda801bc6b8a7e
SHA512 a6fa8443dd66f7fc89b50768e0811a73b3810bb92ddc5eadd077cb91a96e774df1e5eec33ba92fe559d6d2c91b32be986113386879d282f60cfcd5faa038c8a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 2df428c2ecdd16f6a6d2f9b1ba111038
SHA1 9ffd93ed134cf3e624140758df1e718751fe014c
SHA256 e5b8aa0cd8d6927fb90ae00d9e83ece2d8a24000572f84d6b7494d0169021dd3
SHA512 dfe8fb24846a5bc64c4dfb2a255b6c23ade2dda2230795402d4963025d711b95cce6821003caa8e4ec24ce1e2207736409d037d876631cf939ff9a985ded6ed5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 a261d489fd63782c64ebe51dc9d23c2d
SHA1 034bfee585fe3e166dd34f8a96676d6bd97ff078
SHA256 55ea77d14548d9749edf0730aa8f8bbd398d7182d40bcdcb4682003168a0a7eb
SHA512 65e79f559f4acd87da26d41df09023f5d1405440e70306e9a85af6a129787c3a31a7f69989f8558ac6afa6b8d0b108349b2bcceb58365aac2a96c2ec2bc95361

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e0cba8f1f8455b0152b043cfd4f83f6f
SHA1 dfce9f9745434f28ec483b1f6bc8227ef268386d
SHA256 96b2d79ef8d1114a00f18c3bdcf878a0b6d301c0b83a07bdd57d05c05da6dcb6
SHA512 71122036d559a5ccebcff50f48d2043d86607c34083a0a4c539fb932394afd4420d403c145e29036cf34ffa6e305c1b4679c1cedb46c5d6e26a23dbc57fd5496

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 68c44c048a51b1719cfcd2f8264a791e
SHA1 e729d0c94be68cfab3816a957b07a08c7b11f3d9
SHA256 41df14eedb3f68ba0c1346152b87d7bf7f2c64334a37fbaec221603fb559b044
SHA512 969b4e7b0908971ebceaeb65088ca6629ef408a6aaf2d3d04c12fc2a1d1e273873c37e7449a493bc1ac38235de32a4af4132cb41b9669ba062f63961f08197b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4d7febaf8ba1887a8b2f5fe5bba2a54f
SHA1 a0958dc2b247a1df207322d43505688ccff06bba
SHA256 619a8f527024733e7596ef95e04c0f9b2ccd389f78895aa573bbbee6159f1c04
SHA512 46dd7319efe8d7c292d557451504e2e5c0b073431070492461722cf3ca392020b49109988d8ab8dc4c447cc002a4a6b74395f67e4059043ec0303bbeb3288bfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9dec5614280435295d8aeeca81f81f29
SHA1 e5fcfbe792ac07088518b5313be69b288f3166f3
SHA256 a8dbc059645a0c3c07bab9353cc79bbf1db9b05a561e72161ff6bad97a249744
SHA512 5c3382c4358e57e9bb512d1fbe1b6420a9cc0b5a81d76e741f2f34afd6b74881695a7f688fd9cf981c0197c136487ec8c8c97c742cb915f531446e38d2a206ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f3c08f8d89f90d1d85c51fe6da7d08c1
SHA1 46cc252abc01177e4ce19eb766d3ab4e10f2c868
SHA256 e2477bd2c3cc703c1aaf370a03b4d60bab72a7d2bb5166cc4c880641f135a64c
SHA512 d281d9a72908424fede50ccf9fbb3da75ca60346e289174bb68cc254c7bdab7959c7e3525ed35120543868db5a39bbbca44d84785bc9f79c7c4277ff77c8cf69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b416ae4cf22dc6656cac541166a5f80e
SHA1 48439195ab811557f15e7063a9679a71f6ce8c4c
SHA256 6a9802d14f7b8c07008b8f85bb7aceedff6a3888742b041ebc5f27da65cb30cf
SHA512 146fecc2051e789ec7003b8c23c7b13df3fad3cf7985012de2e8b77f77da1b4010dabc03fd2e0b82db8ea5035296a842a8815be26dd971565318681895e53c18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4f518057-56ad-4f9c-a97a-ccefbe33805e\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 491d341b490502c9e2cb4dbeec88e0d1
SHA1 6d9bdcd8711248db15c41d9e15cbfcd8ae3ff084
SHA256 17f2202215ee3b9278ae8343b73d4704af2ff52de0fb24d804996818af4dbdee
SHA512 0d5d0fd50dd97f0b6ab1915349fafa10b2d31f49bb9ad7d85daa649755bb50001fee9f2eba59ffaee442b3b4a009b9427403092ef29769c12c22927b6fa1b7a9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b27fb7dab2532f65f951d7cddc94209c
SHA1 9ab3de83e75979b5ccba74c3e2a3fba492a01022
SHA256 0af35b3221ad9bb531b35355afe568cca1a86a2ec77d289cb1ee39aece5ec2e3
SHA512 181df87782a0a9138fc2aa10e0e7294c640815420e599454d6d08bd89268caaba2f242218a3e6bb3d7de6dd9b6cadb33c2ae0a5ba0cfb1e44c056e3fd48461df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a674e5abee7e8cb05c77a596742d0ad2
SHA1 2903d4c24ba0ecd5f4a6f0c736a2c43e009cd153
SHA256 e52545f792188cd0f7048e2829e38d08b0ab31765987aa6a866e30e25af0f25b
SHA512 bdb8e1afbc375f90c55d379ad07285bf36df583bccba5eb9b4d28b4ab1e2fa66df7563f981ab66524b0fbfc0dfb3c92cbcf847f21cdce398212d4ec1aac6c514

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5bdc8464955b4b242c4cbf0354489cbc
SHA1 a28b7838aec16d9b0857b965ce668199f609bf1a
SHA256 638331eaeca5ffc9867cdd2ff6e1345126ad14f50634c3705c6bebbf10a5fb60
SHA512 ccd6b35616ad66507a76dee03f704c74289df4bb954458479930c0591ac544cb36108e656177fab2e4c612ab82d77cc086c9e5f3f1ce886ad83e4becc2f772ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 44b96d175ba4a425259f11760a8d4cf6
SHA1 a268f2e8654a6c733415f52ca43f5c052c5bab61
SHA256 fee5a27de3ea0365f3da655348bfadc773a02a9f8e58ed48a6d776b3808e46f4
SHA512 8b4b1cd908762b0ed266925879490ac0bf6f9c1b1204a9384fd95aa1cf1bc28e41cfdcaa97393d09d6cfa30aa26f9b20f327807f3ca8288b56be2dea5a2a85d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ccb2924d5188dbe88c406ab7731e9be5
SHA1 c3c273ff5f8fcd9ccc0f1ee94d29cd8648d382cb
SHA256 a88663a45ccb21f484810d8caf061307c72a9abb50af4375f13d549fa92e5a14
SHA512 3d76acf118d56cf4d207695fc39d7a3575fe09c85c61d96b212cfd5fb316b7da475729349087d39fd612f61a14bd364047f24c9e3ede65907ea78b2e0c63bce6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d2099e721893b69e7c7d1c8de6e558fd
SHA1 e4f789f5b25662b1200925b5006f44f67b54d544
SHA256 018c44379dd72ca0259abbfceaaddfc41bf0f3452bcd858a79d64b79a6f8d39a
SHA512 39d05f64c3169027cdf7af4a5a5bcb607fddca31fd0da8f22a46408fea253d263b9e157511ea11158b78af38a152a9528d6fac1267699ab25ca5dab93e9eb4bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d0fb829beed128715f70b1c297594db7
SHA1 003f1f0bb3d897a66b1e89ca78cbb2d20a5fa2c1
SHA256 fbcb47932ec1e1070e06490e93c4625d6137858317b7889dce7e8f382a7c26fe
SHA512 33acf1d41691350575693ae143b305a799a49bf13cd57a183858b320c59e9a985f067b99284a399b9996b54d21ba7a0586630755dabfd90cdb94fbab0425227d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d3ae1c2e94221fbac8478fc322aa38f1
SHA1 235ea0ce74aca4a19df8540f292c9c43eb9809be
SHA256 5c0609f0f31593586593f4e606ea581339fae00d30a04ccc164e2d426db24ee3
SHA512 fb25d57b843f95f7a4ad840f8d090595ca246e29b7ea24fc6bc2fcb8bcedca75e7a357b10c689a97458bf59b8f7ad267d8ed7b8aa1f54d40dcc551dd5e303cbc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 77bb201b283609cf3f43f591739158b4
SHA1 08f0e7447f31417b7c000fd527c4fc4a82ae1cee
SHA256 99ecaa5db5f1736c4b98458977e89e86c48c9cce050a3afb1bf5ca96f9180def
SHA512 6b7e79d2f2683a1a7503b2a58a83d973cb6759051a78638bca07db76b1718e196455ff1d989a9b94349651f602ce5ae691a7ddfb53d87669f5d930ed34c4dbf1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 49fa580e97fdc4d56482b3c623110a64
SHA1 af96a50efb116c23be9a85891f103b89f3d418cf
SHA256 66b23a378da13ebec79fbed8629cbc035eca15d2be1e617d58c0bb5dc37fade3
SHA512 d5f3043872968376132c44c4156e26be579d27197c1cd2798bd1c424ae9af1a0119f8c255c01730897c76a7aa48affad8bdaaf0156b92f9968d0b8c029b9ea33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e549882c068f7fa35c6e5efa65aaae98
SHA1 24711460a5bed5b946d0cd1e509d114f5a9b4d76
SHA256 bdebf3229eabd292123ea5cb1a14098a985e45f38b51bec77d8ed44b8cac328b
SHA512 16e9cd03d5a0a018d1f4ea4040c77c4b329e0456f2c56f797a42136a38ae69a3c2cd1dea6ad2e7e0841fd7e36027a1a5d92876da5a6658c434941c71cf377c48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7e20cc700d13be1b30a623dfdcaf5e73
SHA1 090a0815ec1b5baa0cac91462269b642f6859226
SHA256 e8f49d8afc3669cfc1ed10b1c7f796f7a64c71c9dae51d0dea3ac48a13a6f041
SHA512 13da6d3f7a2e3fad7599a486a085791fbd36b12e84c442e0bc1b8abab73610bc43cc4db13e9220d668dc1590a7a4fde14c2db8e9b100e8fa4ba680f79bd9de1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cc0592534ce02115a29f3da43767a245
SHA1 9078918cd57eee5b79e1d1433acf298b4d18109e
SHA256 fc083b20c3f92059d90e5e2c7ef97ce80bca67c0b76b9e668ebe450c364436d2
SHA512 690ab29ab1aaa48b4d9d909028577636a2741494213a449528d700b424c92f59c7db9f3ca8f06769147e054a75614cee5d7b69bf6df16cab780a74409f81aecd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe598a83.TMP

MD5 81a60f55c67f435e6b9a61fa68ed49d6
SHA1 c69b1d81737936ad171804d6d59c51f07010052b
SHA256 a49c8edfce7704a34c2848f5a19c12b567a420c817c750515ed9ed4824d1b593
SHA512 f96b7a2e27a1dfd0d51a36fd33e5160058bc2dbcd0c7691a10200b98f248e6f83c99289a681c632fe48b666e9bd47aec9f0fa8eee0b23ae03cfa3ce5fe579da8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 95ebd6f0827fb523c7cb8c19dc896bd8
SHA1 b9818244edd7f2c1da8d7724ce28fbdaae9aa55f
SHA256 fa1c3eefdda2990e8db7fa6975a856c60425e67bad24590737cd35b7a7e69ac7
SHA512 fa1c4e51cc2768cb1e49b1962248b3c5b1318f514b0fc4c858a59fba118930299f9c291a483cb5ddd83692f6316ebbb0d9f81e3e4fd53d0439bcd94face288ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73a6949b4eb10df78789abe8ffa06c2d
SHA1 ea2b7964acdd7c7b8d83fd01490291539ff9df11
SHA256 3c50feb6934c38a94ffd80dfa08b9548720454126ca7fd25835a3fb147fb814c
SHA512 8aabd9f9a36e74145ae0aff51a1784a7645ee48973ca0eb6d0553e5cb479706382388a697395f9a0fe21eebb4c5e1e65013a7d80ff88bc6ceea1fe51a62c1d24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dde245c27d98d7c6ac917ad7e1e33a43
SHA1 ed94b8d778150bb475bd3f92a97f8f77f57f426b
SHA256 d2ec22f2fed59f2795fd083afe5bde3ff818a1e75e43e0c8cc3b454a18b5161c
SHA512 a1d11ff3eee58b12a0e6eb0e3d3f89a2f039e2a3e2dea6e062c2040dbd221138ff97671af23a2c366a0a593189c00e54b114dae26086d7b5ef253b9c05292e35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f71dd7654e78c817c646fa31d7db0b88
SHA1 e9240d5ec08fc76d4c052ab35e0820776e5319b5
SHA256 f37e8b2168a0137870e2ff40c4f8adce8d785864499f2f3e23eff21efd8d7097
SHA512 9f2f21dc853b2deca5969c282b23866b315a1cec11fb1f80fd3009e38a77eb916e4ed0ce4341346e54aa7e3bb4e2a072cdb9d1c641f2e61cde1e339ff4f3d3fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c73c08afec93b7ed2be1143d6b270c9b
SHA1 a43f864133f1c2b7d40abaaf09a7bc23d1a08209
SHA256 8567b8aca72ed0d99acc5a4519cdd42c9ad309df2b0dfcbaca7ea30cc93f3069
SHA512 9cde127d3effb162cfe3fb8ff11682eb5a50762fe89b2e68d8c8184e2b144d74e6ef2552aa294f289b264d2d85652ccc148e4c21083a8bfcded1697d87dde615

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6463655bc44473351fe8be22308fb1d8
SHA1 f2c8d4390aa3322897de61306c5018d3a6f2d3ee
SHA256 1c1002d824935a25962ca5884f9ee320b41d0874611f2b1c82cc96ac048356dd
SHA512 b1251e55e0d4513229ab208be101132acf66380c19f1fb0dc9e6bf070d48caa89da62c013587bb07993e1ee1b9603766314ead95783ca235eec0869a636353c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4f6f42052b9f0872511a00a6dd3d957f
SHA1 c0a2c54cb70f2814a410eb313a6b0ef10239de9a
SHA256 bf9217321e7d29366c1bebc3072760fd67375661f2fd7b7bd21178ec7f316d3f
SHA512 da4e0de905b654719cfb5ded3657a5e1141eba278ef2f5a7ab24940fdba4c77706a53a21205921ff3ced26375fc7adc41aa11a193ebb116336ccef55d2248e94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 3b2df667a176193cba046f74787e731d
SHA1 0525109b7a249a66df8c8eb7d24b49852cd076cc
SHA256 f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e
SHA512 f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 84b7d2006ce33ca4fa6cf74672e5d272
SHA1 66f259522a8dcb358d34a835bcb2f0856aeaa3f0
SHA256 d3e959a61c30ec483f89b0000bd510d6790c7d4bfcb4384cfdd84adf369850f5
SHA512 9cdb49950e91c330b1fcd5bb307b41285e0448cf720cf4565158ffd97597ac3afa82b36a67f8659eab94c31af416bdb3d79c2f7a63a9343bb600f6cf52bab765

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f0f4359ad0387befed5819af438a2d8f
SHA1 53ee1a74d706038f7f2f8d8b59ed61fe1506b43e
SHA256 044e8b2fcfcba933155d3c4a309e7ab98d234477a8e41e5115483f3b4dff9078
SHA512 4bd93c069e288dc3dbd8477e9d12b67b9f8438eb9763ed4076039f4207a857a9e9035699f7009e6c5599355db7370f2f849727779f49fe2810d8f596bee483ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c92137bc17114e462c7ca4e6f12187a2
SHA1 f02470092f11ee3f0ff8a09ba48f177ddf971592
SHA256 ae9644131c5fc07eb5418b170ffb6107c9b030d5ebc44ed11b6d5b98fa06927d
SHA512 0becb08fc24640be2ce7bcb75694946f6b9f475ee1a63d05c0c42380db617f8d7e97c9cc39c090f136581b4f7a101b6ab935afbc43064d64ffddfdb796810209