Malware Analysis Report

2024-11-16 15:51

Sample ID 240206-mzjapsgbfn
Target 7b7bc9c3d4f928be978ea3c8e4e83fad.exe
SHA256 63aba47a62c9290618931c3d8fd217575f1d880334729c975048598292be4380
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

63aba47a62c9290618931c3d8fd217575f1d880334729c975048598292be4380

Threat Level: Known bad

The file 7b7bc9c3d4f928be978ea3c8e4e83fad.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Checks processor information in registry

Enumerates system info in registry

Modifies registry class

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-06 10:54

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-06 10:54

Reported

2024-02-06 10:56

Platform

win7-20231215-en

Max time kernel

40s

Max time network

154s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0F850E11-C4DE-11EE-9853-CA8D9A91D956} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb800000000020000000000106600000001000020000000e65d384856559fe52eceda723b5def273aa490a6ed76d4b9e8ff5fb079c5304b000000000e800000000200002000000060e48a7ed00751c4d7645bd729401ee12a6b1d608293d2b07d39cead525abaaa900000002d635de590c74508877d43f78170ebd996795ae9a20fd964080e33a87a64ab955750405ff49e23d58495a2e7066a765dc59f1923b3a299fa43e85fd869dd9f25563a67abd1972313b34ba4ab1218d1644ea50b786a92f5325ee13d4b7a1d684680774199cdd57e05ad2c85a965415d962186fa61cf4c932a7f1e59c33fa381c1ed8ca6785e49318f0d6a5ee8e39a386640000000cdc32cad201b83043193556c3e8cfd770be7ef82aabcbf7686acf8724d1c85d139343171301c326566de87068acc0db17209efa2e0735934749b0dce07468c4c C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0F8C3231-C4DE-11EE-9853-CA8D9A91D956} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0cc7be8ea58da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb800000000020000000000106600000001000020000000b040f9e3594e60c8f5320b9eaa9f64b9176e3140777b84bd3e546d8f2edcb28d000000000e8000000002000020000000b2bf41e4072eabc547d3a4e260045ba6c965de3b1049b56b0f2f6dc4a13d28ac200000008b943c1e8f5a3f8a5215f647d1e39bda8ca90de7f64753cbf292692c92d4fa334000000078d9b172503b92dc9091c7bee04dcc2af74110c63efafe1b2fcf544407ae638d42eaaa02487c578963067ad071bd8fbd107d5ad300c773bc225ac582174248b8 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2120 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2120 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2120 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2120 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2756 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2756 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2756 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2756 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2976 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2976 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2976 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2976 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2976 wrote to memory of 2632 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2976 wrote to memory of 2632 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2976 wrote to memory of 2632 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2976 wrote to memory of 2632 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2120 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2120 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2120 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2120 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2756 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2756 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2756 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2756 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3036 wrote to memory of 1524 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1524 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1524 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1524 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1524 wrote to memory of 1684 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1524 wrote to memory of 1684 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1524 wrote to memory of 1684 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 636 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 636 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 636 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 636 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 636 wrote to memory of 2140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 636 wrote to memory of 2140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 636 wrote to memory of 2140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2244 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2244 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2244 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2244 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2244 wrote to memory of 1396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1028 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.0.1679362717\152002385" -parentBuildID 20221007134813 -prefsHandle 1252 -prefMapHandle 1244 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a563a25e-3753-4e93-98b6-9ccd7e5c1d27} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 1360 4303e58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.1.680576649\166898600" -parentBuildID 20221007134813 -prefsHandle 1544 -prefMapHandle 1540 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {74b54f6e-cc5d-49f0-b712-6ec38c00d9ea} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 1572 f2eb858 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.2.1614910347\1011902719" -childID 1 -isForBrowser -prefsHandle 2080 -prefMapHandle 2076 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0975811d-e95b-4018-91d8-d903b931c167} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 2092 1969f458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=980,i,11233539958213361096,14288517492413557644,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1312,i,11923785221223392803,404963771703427547,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1504 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1556 --field-trial-handle=980,i,11233539958213361096,14288517492413557644,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1456 --field-trial-handle=1312,i,11923785221223392803,404963771703427547,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2192 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2204 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2340 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2504 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.3.1043559897\1480102704" -childID 2 -isForBrowser -prefsHandle 2632 -prefMapHandle 2628 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {464196c9-89f5-4fe7-a785-491627c02ea3} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 2644 d62b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3336 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3364 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1144 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.4.1828854909\173203885" -childID 3 -isForBrowser -prefsHandle 3652 -prefMapHandle 3376 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0142a423-ccd4-4df2-aee2-233662962aec} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 3680 d5b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.5.1808698901\1541552528" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3396 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {33526b34-fdce-4ae8-93f4-91c6586a5c72} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 3764 1ee9be58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.6.47091619\936885666" -childID 5 -isForBrowser -prefsHandle 4220 -prefMapHandle 4216 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {21331ae0-6438-4a8d-a6db-84d8a92dfe8e} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 4232 1b384b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.8.895227608\1747258330" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 4388 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49ee488b-981e-43e9-8cdf-73d5fc27a6cc} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 4456 1c3bd758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.7.722714921\10972656" -childID 6 -isForBrowser -prefsHandle 4332 -prefMapHandle 4328 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d821e97e-b8fb-4824-861e-95bd5ee815f8} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 4248 1ee99758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.9.1571094333\1339371379" -parentBuildID 20221007134813 -prefsHandle 1960 -prefMapHandle 1964 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc702e03-a168-46bf-838a-bb6fb07f7cfe} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 1816 1cdf9758 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.10.165804393\839908705" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4532 -prefMapHandle 4536 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {04d92d1b-71d0-4aaa-8488-7f6ae35d6d8f} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 4520 1cdf8558 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2456.11.620610388\690307017" -childID 8 -isForBrowser -prefsHandle 4964 -prefMapHandle 4960 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 576 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9cad3943-f4ed-46a7-ab71-a2f1451d9637} 2456 "\\.\pipe\gecko-crash-server-pipe.2456" 4976 22246258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1084 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=576 --field-trial-handle=1304,i,1415816758462588459,7850146040897763709,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 152.199.22.144:443 platform.linkedin.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.216.128.175:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.22:443 i.ytimg.com tcp
GB 172.217.169.46:443 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.178.22:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 rr5.sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5.sn-hgn7rn7r.googlevideo.com tcp
FR 172.217.130.234:443 rr5.sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 rr5.sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
N/A 127.0.0.1:50170 tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
N/A 127.0.0.1:50177 tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 172.217.169.46:443 redirector.gvt1.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 216.58.212.234:443 content-autofill.googleapis.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.10:443 jnn-pa.googleapis.com tcp
GB 172.217.169.10:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
GB 142.250.187.238:443 youtube.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
FR 157.240.196.35:443 www.facebook.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.169.46:443 www.youtube.com udp

Files

memory/3036-0-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F876F71-C4DE-11EE-9853-CA8D9A91D956}.dat

MD5 1073ed8977998c217db4d9aa3995c5dc
SHA1 588a0695a0228259a5ed50c58c7ebcb3a4a7115d
SHA256 379eaa93347d4ef4a23b7bf38d1cba1b65e7aab731ed9d4736021ca6a549c6fe
SHA512 5e510cd940f3a48be14eb13ff2657995e048e0dd8da3fa1f9d76baef4439d10a0525d76b38f8f1ead0310fb73bf911768141f264d347ceb8583b10946988acc1

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F850E11-C4DE-11EE-9853-CA8D9A91D956}.dat

MD5 eeb7740ac9abf2ce2cd47877862b01bd
SHA1 973c4358e991b6b47a0e0d0d9dbdcedac1fbdcb9
SHA256 461ddb070ac6d79352a70083c109591d63dee354c5748b69e408bd02e04354bd
SHA512 08d020bec9043379dca0399faf49b89efbe9ab090ee893f25faffef74ecbee30d6663da242237011fa846e0e30659f95e90825e42ceec847266865047ce04e58

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F876F71-C4DE-11EE-9853-CA8D9A91D956}.dat

MD5 89101a79864999ae177517a2ffe248fa
SHA1 720c9affeb8647be69f3272c0b8a964ac3338fdf
SHA256 9ec9cb34bc505dc6e12f594e01231fb92243aee580d265344b7386ebc72b16fc
SHA512 393ce4c81599ee34abed3f101c9a6c8850d5491330e9604ea0ac7c4ca8d223ed323d2854d870474fa78b1485ff7727d37a4672e3653273a72073236570253ee4

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F8C3231-C4DE-11EE-9853-CA8D9A91D956}.dat

MD5 5f65f0a4a6b801453e8d336f53b60088
SHA1 545e0fe02160b8cf318d3e8f17544b2d33dfa2ea
SHA256 700e2fb776f01634a85e4e9b540fb56709ea49d92344a35539e4d14d27489a69
SHA512 4a72d23c014eb3c37410b9a1ddcaf518bb1c26ae113b4a236a4941ef82f310968a772472d4f18c64c4dae1812f575c462caa4ef5103d96b39daf7f0e82d4ce87

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 122cc56cf1913cc44e0e7c8f5ecaa214
SHA1 d58d1af45957ad4af3fac2be83af75449c3b73a9
SHA256 42fcb874dfa6505d12aec0669fa7a091c6b4b92c63526da374126c01b53c1ed7
SHA512 4f8eb9d07fb7d2e6997e487c5fafd974017b9b3a833ee3399aaf5cd7b8f155146f483788cf40de6b13b1e8b750de9d842c25818ae655757f82bd48dbd450930e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 a0b63d315b1a6d763785d33e2b012991
SHA1 6d813b35f7750a138077fa4fd3fc7aeff05c89b5
SHA256 46d505297e9e4d9e7c53422ea4ef00f7428782e779bf5f8830d862c81f144c26
SHA512 6fef92b8b27348bed8b94220adc74173b1d7d1aa995d8404c32051c03fdd2fc4b946a31c60e3152ea17ec045f957d341f92e3bcd222a2662700b71aa83216d3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 8e619e583cf0ba5f6a634580c5173b48
SHA1 761a1223b0d486e8599be1d8d93b61cfd1d93a66
SHA256 6581ed47be6c6ced4c3c8e56243b675ad62cecf295259ae6db4455b9bb7799d9
SHA512 b545a80acec5eecf41a4ae75091439a70f8b2b1c5777a86188c8d23d56cff658b9851ebbc3488cc829bd5288f6bd140309cc6ffafa1e9008c72c6e21007703d1

C:\Users\Admin\AppData\Local\Temp\TarA297.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Temp\CabA297.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 09099a931194e70cb83068769dd5966b
SHA1 12ede81b4952dcfd996bffa782b0b1bbdc9980ef
SHA256 3b210462a777061600ba472b25c60787b790adcf268f738940268fe3e8225c87
SHA512 e377a21a93432519534bcd7236157d5092d6701566a0e993116049b20f1fc2613bc324d0457d36d3a007e95656e94188cd48d63f00bc3bc3cff6210d0cb46dbf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ccaa27e899c3a8628cf6a21502825b4f
SHA1 bd682f762f6e146488801fdf64c1097a523e0443
SHA256 235ba2cb63809ea309c923fb214bb4230ce6e708b142d6c0277374abc25045e8
SHA512 15f9c8a0b8fdc4451eca39067543f7a1a8998481ae054df20f9e8a4d4b43233d63915b64dfd24e2c869eb2327737023ae031d477fbe42dade09974b0ca341904

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 10c679fde451b17c06b54c00cad3224d
SHA1 1ca61d0c87b455e771cd0b932c6f6264d104dcbc
SHA256 bc91cc1af5f9878d8fbb049db3833366c2e945e4f6371d015ba18083fe9fbfb4
SHA512 a140af2edf526f66fccb16b0dc501ffd5122d24a59dacf800267e1010bdb6b7579b9c811466ac93658645f1795f4809ae599ff88a23b885f9946299fe0163b6a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 56cdf2ff249db563b6f71920226669f2
SHA1 f7b63487a308e665043b2f6851b6b722c23e791e
SHA256 7b895fcf8413eaaf737075c779887c4680ef6048212f40ff31838324cdb799e1
SHA512 bb4a3c6588e5bad35ce5215dddbb35128f03dc1f3eacb43e7b5593097d4b801d4fb041a1cd96fc1fb541791cdf27763fddde3965357cf14264fbcf33fc7cd32c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 85aba89c53bb7c2a4f540128473bc3b1
SHA1 493feea8df0a909b5b0e0cdc04c86b193fc76f27
SHA256 98e383259fd9f2d438b50930f12b97f0ecbfc10365e78cc24bb6154e2ca888f1
SHA512 08a64ec7a30d04da12cda38456315e19c1816f9382de4dfbc9646a2a755d7eb8c299334246b3831d63c2d668b369e1c2223ed3a570e0fb10537272b2c7402614

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 f3493dc133c5d8bc2c92f1cc9795fe8a
SHA1 883eed65f3d1a64ba91c5d3327e2bc8ef5476a36
SHA256 df2c18d56b34711b8c28e629e3776861117671863a348c24a6a10b3e828b52db
SHA512 465cd60c7684d3d5985a9c905f6fcf202fd5d787a3ee53fb169b3d9affec2f3dee7e3b8512154dc0c736e9e2d9391036043ff429030a74ae6bdd0f156725f7e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 75ed212b8ae7a81eeb40f4ed11fdb4fb
SHA1 6ff7ec4d4eed5d578a354a3b2030d53057e6577e
SHA256 22879bff02a1f61198241e2914c085309649f8a1064e28f1017ae88134980f65
SHA512 263f819ca06855923d154bcb3f3da4085ed6b7b6039e7716431d62200f69f2ee9fb149ca16b11c7df45ebdcbd265b842e1c8d5719946db3217e4f4ad63682dc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 6d411811a39fbcbaa8d4914d74cad104
SHA1 615094d6bd24c3c0609eabf10c8b5b3d51018b40
SHA256 0c229f9d716f652b1048e6905f8edd7301ecaf3c09bc4d634e6bb3e451ebf373
SHA512 cfdff7004674409154403c78432df56d0f8d10b3a0bfef162809ecd6d8bbf85ccd40546cba4e068685c61514ca1fcd999484c4b2dff83d127a6a37003d452464

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 62c562d799138a150a27b676b14a62a0
SHA1 7c3bd94955780cade5bb7635febad952027b78a5
SHA256 34b3abbced36cf01d9e9d0c050c4537aa415511fc5afba83d43e40af6f338f16
SHA512 46ed9aca4f226f8c9384756c2825a7583a2824d6c0f37d9c12658afe21c790d9cb9d352020eb382f7c392455c3a5b64e0544016f4c0fc37ac7be33dbb81cc5e7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 021ffd4d21ef4c99e9287e6000ddb3bd
SHA1 5da16bb938806a09e71d9baa830afd7b394aa719
SHA256 dc0daa224e8021919fabfeddc74c2a4c5d050e618e3ed3815c682ec57788e458
SHA512 4478e2713566a7e1780d2a9882eb27ddf375b1d7dd768c6971ba5428b836cea014262748817779d0b2723a2246a78684a28e50a95ad9e6dd2bd85557f419ecd9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 816ac6683bdcee4d624b1aa04f128566
SHA1 7a29302a770724f1d86be78b112c3b6c82df76a6
SHA256 479531ec9c1e12777c313edfa3f4ba89f3e86f37239c99bde68f68401f786c18
SHA512 53303668732878377562886e1f973cb160ab65f0f880dcae01777b4ff82295465fe9c4894986a0d4cf7d53a9bd5c07b272f1730c15a29e4845d4139166efdafa

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\53DMI0KJ.txt

MD5 1bb51e7411d0cb4f4264ca8bf42d8e76
SHA1 f20883d0bbe26e8ead67879e2accdcb30c97282e
SHA256 2b30c4883daa88f3502b8a81e56b0695d967234eb4a68a712abb403aa4a92515
SHA512 c7a76b5e1cbddeed6a96f4dbfda1da73ed74a2da13f8c84610558ae919028c82f17111771532647a6430e275debb2d8c0f5c2aa5c791673f420be27707cddebe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 7d10d6a2d05142b2f7de42728ab93a9d
SHA1 dd26f063d2bf4688cd996ea46ec9c79f9702483a
SHA256 a06c2f6ee0ae9af14551ac19e95835bf20b775d835b558529eb5979d474f0919
SHA512 74738a2f5fea62431113b09022d031000ee1ee3fd15d0c02dcce313c1f67d7c9176d13a715653d1fd23ed10c8c8fbdeccfe09bdd17511e3f92e218ba151e9139

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 1c2f57dd3bff3ac682b7da7cd436d389
SHA1 535f5044da458257dc2afeb3effe0dcd9f6c9093
SHA256 4ac6b8c211940d310aa1a4135cc177f874c55685adb7452df20c792e7be12681
SHA512 4e2c2e5c00fb39dc2ebbbf361a7e94b78bd8a99ba103e3166fc11134bc218562ed98b1330144b68e1ac83f6cdbe60b5972c4fe00a072e558bd79f2ccac553a64

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 9ac6e5299934ecbf747a7262aa269206
SHA1 46958477ac2845c4b6137c24d7dfdc7e58250784
SHA256 5186d16fdc6497530d6bd62267f86db0ef768b087034b6a09deabf81872dd659
SHA512 0bc83cfc0a604b11f5f540bc1733731ce894105def59439320d33c7969fd63da73e4dbd2e1e1beec613cff60af878149cb715affdacd07759865cc07ffd13d3d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\gB76kJXPYJV[1].png

MD5 389dfa18be34d8cf767e06fd5cde4ec6
SHA1 47b751cffab47d076816c63ce08d3e84600376ee
SHA256 3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
SHA512 c4db18f636ad85e87f93a208fb4b02b528659ba367e51cfa6d7826ac1159f445a85fbca8d12ac67556e8fb5208dae24ae309e783d50feb088ef0e9f47ac19430

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 40d62ae0d3f8a26e7d9e8df68b3aa10c
SHA1 0da94883e20d8ce4752477c72a93055e4c0d98e3
SHA256 bb6fa46f28bb7a7fbc884da85a327651c18329492f2b00ce35a5c1f1161fbc00
SHA512 6b16f2f25ad0a1d2f3b039308e1636853bb33cd638d71158e3f2edbcaed8c425ac7b481c2ad893489cae9c45dcb83c884d3a36a9389e70856221061fc2bfdbfa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d056c1952097670b461f2c57e270d921
SHA1 9ff8260aae7420260eba86af9e6ff1537cb2a23c
SHA256 42ba5d0c65c15c781619444a592d993f105b714ebdd5acfb84ec42c47428e360
SHA512 3b5bef55884162dff312e607cda45f8bf18a3c822efe7d510ce729875e3b05d45cfbf3f8bbab7cdd9b97d6aa78cea5beb4c8a37018a1805db6115840bb42fb52

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 921b921d4c3ccd50292939cd90984f66
SHA1 685fa68a81338d4a521d51371d0652fa2415de5b
SHA256 85c77d6ff4fdb833856c9623e080cdfc974d7ef267827e922703ca56414707d6
SHA512 612d7349092d7a41e867b57c88cd304330508c82a7ca918bd4bd394352f6e4f4ad5ecf5544b7c746a70fefd417a25d371bcd01e26486cdc6b1bf082220f4e4c6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 38a46889ec9c3c7b9ccb8934e099ddbf
SHA1 913718386141f8468949056d64fc97fc5765822a
SHA256 49004286a4b7231ae6f1718b766f735953afcac5b599f803239c87fa791d80b7
SHA512 f84db1c7b1c05579b79d298c67063559dc5b7d44e8ef2bb3de8422c7168937a9d778408b8e65fedf8f207d19bf309b1f3a4c8cbb00de6cfb6e5f062ef5049207

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 39f6ad6af200b563d556bd700296a59e
SHA1 6f82d7b4bfd343bb8b45497a82448bfb0adde1a9
SHA256 b3059a91245772f5ac5f8c4e071b56c11547dcc6a6545691aa23ae91fa2fb115
SHA512 84cf7e3217516f20f4706e72238bd81ed05dd1f40341198bfad565c84de02fe0b8d7ec8fb4c9d63cdc3a90810f0eb6bf3dd1f7e0f97f51d246897a00b7b73c7f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6ae9c3c0e6f47a6b3771a594c384a94a
SHA1 87fa57aeb7ceebc0adb2c3fa95ce074db4a9840d
SHA256 fdbfc6cde0349ad5cd425d734aecd7cb64d405346282f624902ee80c70bea0ef
SHA512 9d57a264e01c132f424ce1aa16b99a8bbc391c57a0e818ceb55079e25a935be71f9bb0627a3838a53e45c26b5bcb54867f2fcd36951d1f3602109354a02e78a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0e8d3e3dad00d4291d27bbe588e76340
SHA1 df2ba7682f72055a6e5bb5c6bee55d0733fcaea8
SHA256 e4c018fd9d5e8b536fc79b8b316da5bda362ef7222de825c4817ac59e2978f30
SHA512 5969e79d1fbf41d15facbcb58b2d62505bb175eb8bcd2c228a51c8d4e49b8622301ceea9136d44151a164786504eafad4b1be78ebd5066d0cafee05ee5ba62b6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ef90789c5180227f882a993d8e815641
SHA1 7b9a7e2e12b00aa8968e748337ca2783a12a9322
SHA256 0a902d0851ef10d88fc0f257305d83434d0023c32af5869a15f25c714c8e408f
SHA512 7e90dd821a8dec26fed5a44900dc273f094e7344769c4e5b255c775198668f643040d9393946da6058edc66f469c27a78582f395558b12bd4b591ab7d91e8efb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 83ac6dd314f1a7eb46cf515f35fee968
SHA1 6f6b228c02e90cf045b1bc89e17db95869f9eb6d
SHA256 e2217245cc611dcb18809a2c52fb19d4abac6c058c9a0a42a5b7490ca84f0215
SHA512 edee812673a68542ec04e520a530f6781ac79e7a3b1e5e85faefadea900bedfe58e2be7d99d4618b29ac83cae8bcff8d4f772404d2d3a7e858d9f53e1d5dd23c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 64719fbabdc29853dc91b79ae4fac32a
SHA1 5da69753b1b2ca5bf791f25a51ed8e0dc7dbab98
SHA256 0e75c7eb6ed62f0b2f6ca847ea0fd9453ad4b7ff152af46ce09d1f33c9674c61
SHA512 a7123bd6b48f0883fb8711a0ffa6d480ecdadad5d68f2dc68744c3ac67f7f35ea072c4df5cc0902895a38530af77fd769533c7d12d700b389dd3dff03dfc270a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 75daecf97cd14411696a7b38a7f22b1e
SHA1 0134724d66ca9ecd5ad5a5909c6860d284320b26
SHA256 a3fbe44f94545f2527d958bd7816e5561481368a4282c274d716b15dea6db62e
SHA512 4c47497e522886f22806557cd4723a591ab111c9fc6d3b88f8872667a512d7cfb7383446787d6eac4df610ff8dff3b5741d7a54e24ac1ebddf6eb771657d4177

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6ceed0c88ffab51ae4b831f53ba82b6a
SHA1 3f6500fa70a8f4fa4506551868ba008b23e3d6e4
SHA256 6efbe2390fb6d125e1d4d26f2c4ac6f9130a3dfbff7da0e60f31a9e11d697ef9
SHA512 0bd942ee8e7ca33fff6611e6658001480b707137cac3932ef73de61912caa26eea6479aeb64f9b87eaf306c3dbcabd07d1528b16e11524dec4b3dba7e3c2b2ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

memory/3036-891-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

\??\pipe\crashpad_636_LFRZZQKXCBLMLIVG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\036a9cc9-989f-407f-b818-5f958436bd88.tmp

MD5 fef65d8a8e5fe8db4c65f55d78d37778
SHA1 c8a6a99ecc93e7ac14a27977c483ac0885c3f4c2
SHA256 a01a36b3c4f3b6e01fb938424e55bbcd9bcdd7a71ff9e58ebd18b7d1f71b37c7
SHA512 420a88bcd5c786ebbc56949a2c4fc933a287553d091caeac9433efd58001a96af2007b34cb7b970c0880c5392b673a4b92691659c470664213cecf885119fcfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7e00e4c480791f03d32028718863725a
SHA1 ed2b268cfbb1999da4556c0aa938ad421f1aefce
SHA256 ecaf56dbe85beb0a74be896cdef6be0fd87fc803300c8d3e211327d077529d25
SHA512 20e69e9de8b7e84ebc1de46fd257e7c0b65338c5cffa538bb333c418504a31883d78bb129ab712e4ae64aa070a4e05d9422719221edea4a079e46904db961bab

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 c17c5088e019bacfea8553df62052b9e
SHA1 26aead98f437f8aeee270d21d22ca3692c6e72dc
SHA256 e2029cd46350ae86bd2c4f70e8f3597be5b98dc75c89ac190b89ec4a12769f25
SHA512 cb94552467c4a767224029f48879090d0156b9f2f5d0b5f7c58ee706cdd13add39998ef2d657334c4ffbd3808625ae6e4177105bbfddeedef99c170303c5e0d5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 6a741b97050b7e3eaff6f97bb334a02d
SHA1 5fbe6b01fdb16c55627ab8c5d035b83f3b8ca5aa
SHA256 2f2056888cd04f3403b338daf2ec8c6f6b8beb2d7c2e23e5b995ce66ba1bded0
SHA512 49fb4e6cdd3055ca2a4e38850a5abfb85f7877a0f48e3ac48621bac20394a3a18accb0e7fbd220f07d85a7d085f522beb28b04fa955c1283f86d74131bc14e9f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 35ade679d757c039cebcd82cbd725493
SHA1 7c67414eab5b3488fb11722b0938468d0014ceef
SHA256 5612c49d0682fd95eded83ebe9cbf1aff7754c0dec757e8f4fa5f5359fcbc76d
SHA512 08e7156ab1ce6809dad255fc6eee905473325b9cec7a0fc45de16a60c1b59ee7d24d3d6a7259efe60b574d064d88da5b0437853c6b6b8415787945efe44ecd89

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_4D5101BE24E3D91707DD60953C1BD871

MD5 971f6299dbb70c19b38ca9075d9594ca
SHA1 eabd947e9b2869a38f6ef5ba32edf32a00b4bcdd
SHA256 602254a1a9e7bc59aebac2236b855a4b3166416ca1caf57109bc66aa81bf19e6
SHA512 3bbf449dc69550fce1e98b48127a171bd38a78949ed90d9e1125ff7e2fa3afe8918687f1fa21b812ad528415cb941c76d685bd1df29d573f67827593815bfcb1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_4D5101BE24E3D91707DD60953C1BD871

MD5 e64cff64b42221ba9b1d1bc9bdede02c
SHA1 c5eb662e1757c9130d1cc767e115e1c3a102f952
SHA256 91a0db9a0ac47efa3039014a722aa0987da5bdcc3a6f382be10799c3537bae51
SHA512 043fcf934d506345527aa2bac865be1d8db7c8e961627fadc1b89112ed04dbba816f1b9bced8949b98b7fd924c795e9c68273e2b2346b7efa92d647c9f28d25b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 9613d86d16668d367cba8e4fbefef1e0
SHA1 4f5f4658c554fca0ff959fc20431f3d17c2b5f21
SHA256 cbb79764c688b7fb079c05e6f8304a7718f8a482e4e55733405eb1c29268140a
SHA512 980446f1679cbc22ba15f95f195078b10e162a1909a71ef585cb7e66d8f2d2b66e9a0fab1a686a21eb160175b894fdaf5b870a827472887d023017431b27fb8e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 6b5cc191e4404e1787afb240e0ea44ea
SHA1 03362321488aec760d301dd180c8569f05645dd1
SHA256 058f955957af07023ac0bc2b07813ae03c4c05d6a915d23a0d7594093f719a50
SHA512 5cdac7e2b2920052467d7a6cd68f9cbc5e3724b0ed743e2b2d4f01ab817a458029518f8e16f486d76efb14d7ae37be465e0368adb56d623de2f74939b8bd512f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 017be7c20f13a9ec3bd74ad4267145d7
SHA1 cc90eae8fe4385219158f98282c2c36d12bc46f3
SHA256 010d263c79fdcb29104d90689e9644114215d0d3f85b7671a4dee982d0a24ec4
SHA512 f0efd125b8ddbf9e93f5270f0d02b11a256e9ccee15556d3cba1a9d58425e2ee4655c8e70710255a84bba1d01bb9db81528a993c5141234dcb115708080b009d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\db\data.safe.bin

MD5 1f1cef20e36259e5f7055bc30139638a
SHA1 17116095add967bcf58677efd550e656095ff335
SHA256 addcfb46ffc25629a5ecdf32141e505e3d654dc5652cda373f90274ad0a18708
SHA512 c5f01493216f5e48f611a5c595cebcbd3d415f81eac75098ab04af300a228f12cf26076ba06b18c4a2aedadf215957ab9ab372a06626646a411a584fa52d8971

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\91f5d5cd-6b8c-4079-9989-2bbe9d2bc3f8

MD5 221cdcef67160e66d8061260cd9c0d1f
SHA1 d8e09f83c5b7f4369242c4c15f81ef324de6e3d4
SHA256 9694c6c0a3ca2d03c5f37ebba468d98afa5743ddfb7a12f5cbb03e766c2902c3
SHA512 8176754f4f63371e359db825337e2fde89de97552dd8eb4f6cf20e97a77689a01d542295c8b9afbb116baefb1f289cfeda45571a87dac1fd45613f2c66549ff0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\926c1f69-903c-4cfb-973e-b8d313b1ee3b

MD5 539e2335d2595a4ec8e54d838a183081
SHA1 0d95156ea4dcb2b5fabc4473159e0a62b0f59a18
SHA256 cf9d04c5676541f451bce5dc837e54ca618600cc9de14a5590daabdff4cf6b59
SHA512 7f8d34e996cf71ab623c581d999129f664eb9b79fa79b07e8aaa4647ab8328a58669f2f40cf639f41af43d088d866dda1e6729f53421d23819334fe866960b34

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a03422c2a2564bfb12fd8041e07073d8
SHA1 2e69e249c2adc75f1f7075ed17dfd4cccac17b36
SHA256 a67fdea7cfe6319d26e19b43e95bfacf253565927e661b2db1c440af7125bcfe
SHA512 c8fffe351253b7731baf3aa3ceb18b4a6db74137eea10b636844944ec90d27bc763eb9b20bde057d0ab09a12d41f1ab6dabce27da8f80b6860924723fdaa5152

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 19be8fda4eb91b2b3fd5175a0ac55679
SHA1 b6948b0497a2e6e5231b2cb2d87c91e0a7d21804
SHA256 d07b6f4e6a032b7ffdfee443424903627547707d4efd9d7ccf459e07288281de
SHA512 c79a662e79a0b8532a180f31925d09b85833d4da69f5f6614f0dabf8174579da12c63dc6774b32b8d858b450311f1fa3bf7b33936d52b44a354587f7cb63a210

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 7caa37d6d8ef73c6ea264940ba707cea
SHA1 ed7f8ee4b4cd3164df5f3a2e22a09fdf06f81b0b
SHA256 59cc2b1933c4f500176c5dd00f18bda73a448ce3814bd99733ddedb27391dd2b
SHA512 dc7753a0637ce4d703553d343f9e174d256f8abb91decc263fab14d8bfe58e028fab3ebb1e78b2e8e13ba69a74522f5163b9cf6edbf4f8133e43b39abf8d2c67

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\25\{fc166b2c-46a4-4135-8ecb-862feeb6ff19}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\idb\1316482663yCt7-%iCt7-%rfe0s7p2o.sqlite

MD5 c3e97c7b2fc4c40a6897abc0eb1e1165
SHA1 2f05fcfb5abafc2523ff87bd320b76cb66089814
SHA256 c769e45172ba7dbe504b13fd42e9d02abc1ee29f57856cec21cbb0f4e52b5004
SHA512 9a80afc3d144a679c5951809c9dd961f36542bda2c0f4a314938f08d40dc41cd5cecbafd1c2a77a0f20267a6b5b84ebd1cbe22d31d1e078deffc66f51a46fdd1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f10f3d0ad43762516ce3f34eb5d4e9c0
SHA1 b19e384d8e3f0f07f8b99484dcb9fddf17f49ad3
SHA256 54d893734d50488c558c37ecc1813f443ea647dbfaf6daf8c3e372562cf1ea60
SHA512 a46573ef4ff243ad53fbcc0794c3028cb52756991d0e217ae695d0c4d9e732e96de7140e362f2603d19dd4f595923930cf870b4b3ee7a4ae93ec969d56bc356f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c939568850ba8291131719e4c6150dce
SHA1 2ce9b48ea9fe4dff80b1c90601274a51c4bbaaea
SHA256 4a6181d930fc2d7ce20baaff47553b3ddca449953f909b30bf2a7bdfaf50d6a9
SHA512 182b81c70b8971251942bae1c86a1f4df0fce6d8ddee9edaaf033864e6b5fb6d6bd07c63f60d3b4c9bfa01dd147a7cc1a3206410dcf03bc31df3e6e96c6d8b21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7774d2.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 4f86a983b1aadc07a7f302fd020118d5
SHA1 cf289f6a86bd7ce7cad105268c62fc4068f3e239
SHA256 3ad8dbf02b0013e72ebcbab78f57354b806d461ccfb6da22fe514cf37b1d9115
SHA512 005508134d584dac56d49f61a6d32366d75cefe42819433e659d7a559d46864b3e5924c96e9845fc91a7b63c9ef1b062d90c28f825093815adfd7894f5c27384

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5eff6b1614c17c267a6675986267e272
SHA1 7bd138cabde1a6aaa6f3f641458d4f73c05c5e31
SHA256 cafdfb1d52bff0f31d16608c3cb629011a40eb7947f01dbe2486100fa8e4ed74
SHA512 91ddbf4130b7318b77a792a9b348fe56ec10caaa9623a92004393df4ff302aac3b79951d2cd154653ee8887948e53ac9f1c413ecc01f52ed94c44d3cb1c1dd25

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\29\{852a279c-32fc-403f-964e-8948b260041d}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\37\{1f2c6116-c0c8-4b4f-9ac2-d90b4ec7cf25}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\225\{82087571-e54f-45bd-b27f-014622efece1}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9a1e57ecb1040e0fe3fced03becf503d
SHA1 cddc33c910f37beb5e57e817a11231f9b4a91f80
SHA256 e130f0c58fc63a116e2f0a7a51e727615537cb1881570edbfc228c692f2a37fe
SHA512 3ed61a970c16d133afdd07c766f4d00cc6aeb6327d5abf7c5ea03beee5d2cbc0d6fd691b4517ea20b6f27e7a2e8725744981f91d6e4c9dc881b62478951796cd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 928dc364df673a016beacf25c88315a3
SHA1 5d7edc5e1589bff0a149648531749a12cebf6d41
SHA256 ab739a1c4141818c3e2ec24292c847c3f804134b5f004b666706fd35c93d0872
SHA512 37c6b73967703da1aae35e3632d3cbd6f0649cba6a9fbbb390e082b9ba2e13bd248afe183aa10577ebd97fa1252c884de65dd8acf52c9bb6292d6f7b33f8cd11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6263c575140797a163d1c7e19d1e450
SHA1 3d92dee9b7bcd032610ad41b9c9bf992769b56cd
SHA256 0591de078de9c7a41b54d404cbc4357eed00fd3ce55ca5d75e3213714db59ad4
SHA512 0395bdccd377d3fc30bec5f567210b0d3f48b86831759892bd436c12eab01f5be0edc6732cf29c40d52c90e87f291bf2d832787a9849e70d657f3866fea26c90

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kzcnpuah.default-release\cache2\entries\F79E655681FA450FBAE189BD91CFCEFD022B565E

MD5 72e3b4f96bccbcf665b8fe1b578fb8d6
SHA1 4c30a3f58bb16435b8e0fad79f2ef1935b1773c5
SHA256 99789c2401cb9c6f69281dd6247766ec2415e4e9041fb018c3929257cb3ad301
SHA512 bbb0960cace713420e0a66a0ffc382482643a5481df230c45756e1c4aa109a03398e77b0ed358c4879d19d21ed22aff2ff249c84b24f99a1d91192cd201c4fe4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bb2d5acf34275c3af155a20b400cb0e4
SHA1 fee1c37ee5c6041cf2cf2d9a2598126ce7cd5ea6
SHA256 cf081f2558fc745f8d45e46c2627ce80879bf9a43b9c6978c27d57031c5635f9
SHA512 a1e3874b24f4e2ecb2321821f455630ba8e35f393d93681dbb52d80929809044fc3873197ca49a41c921174244c701ed34bf9af1c51e76c2a2b769c29f788d30

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a0677923ea8d84e8c6441d2280037e80
SHA1 2e3b3e0b4f9fed6945b1d91b899ae9d5bd3462a1
SHA256 436430ec94f16409e28c8970b14256fbdeb1c1ec88c21248ef4516c228a7e66b
SHA512 adc51241614a1d9bdf5dbf78fde61c8b14c3f5be7bb2c0a47ae75f41b73eb8a46562df78300dac43c42b1618c8a265a147b51c9790f2b913cdaffd6fb665a379

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 caa286b60a1ae073ff6ac820678913d4
SHA1 2ff9570445e55a90a9f72ebb7d15e245ecc32cc3
SHA256 171859ee9dc00946a63247ee96f48bc964fc9b1d247261d45204926bc982b856
SHA512 d7b1ba86fdd168e54f45cad6ac85643dfa5b1cd390f20e78a00be0beaff5e3606514023a610b81ab79c00a940ce40ae668ba2b5dcb4f80fe037050d7cd878d22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 90f4939c86a54e8dffb3cfa71cb68e78
SHA1 6c5e0ef3b822cdd8553c1a3cb2819c3816b01875
SHA256 c7d8726930ba3dafed2e738be75f84ca3acb57ab71116731c40ba74bbca93848
SHA512 88ae07c223e4b0a35c8cef8e588437c8d866852ea9f0c48bf85c871f8bc8bf48cb28515f8ef135f4df4f23f03762423cc06caf547ed0f20844fce15adef9655c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 affb2fea5331c933fbaf226464b4516f
SHA1 96fc3681c04af6f92b99ce1c3d08ed794f5491b3
SHA256 8a0656efe3551b2d821a1cc1a5b97b5ff38ec53fe55423b6101c7b04f7a39153
SHA512 fd1362a49ad2ee580cad60218a8503f63d7a4cb8c129fd2a3a019d3a480494dd0077bb83e2d647d018536d8295811ad4ad291fd471886f5e379a422502c34379

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6250363b0610a765ddf6f94666994d26
SHA1 073c82c7a4f61105285bd061c64b6794d6578e99
SHA256 0c3884435858314d140c45f290c1358601e1871bddcd3dc6b0a2cfce8d96747f
SHA512 0b8b4168f7d173986c01b6aac0d24f8f5373f7dfb2548bf59c19125fbfce6290f09ade5364ee998b5be5fb49903823aa5e49f9accaf90228f88eb801136435cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3ff509fe7b8e30486916c07e95707368
SHA1 bfe150216d8532c532bb7d50c335d56e5d4a8d48
SHA256 139a9fdf0704b8ab996d46564d4ebf1ef1535ce6243cc4d2a72ad6f6c6b7eb2a
SHA512 2a9496eb1e63446fff4fa7e579076ecd96b524bbd45ae2a897b07d46879a11259589e932145fbc17a7eefc204afe2a68d7c692fc069aab5786ebf22efff3316c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1ce46b823f4a1190fb16acc084f88dc2
SHA1 35b737abae7fdca85e66247ed18b6dad7581ee01
SHA256 56b99837328289f4a7b7a268cb9d0a40b7c73159818dd1c576672f22950a40e0
SHA512 b7f4abf85d85eaa69884beb19b9dcdfeab110869517d8b6dee35b76002f28d8bf79c72b7305cd6b6e2f8bd564bc9a896cfb8c126865854226b310f72d6ef3213

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 06c57e116a7964679817dc94a1e1844d
SHA1 e133b877e54d4ba94e28ee4f05e8857d78dbc487
SHA256 231d47b7277420c86f1b24a3ccff16cf80af00747d8ab4d6d2a98ce1c8f2879b
SHA512 19b314822d380a93167273f5f7ff95d87056f9844a707fb57e6a6844abd771b29c2c6fe4328b925b4ffc64ab9342bc7ab6e9fe33ca68144764406903209177f2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 362b5a9f4d17cd0a6f088298706d40a9
SHA1 36c57d2c78fc94809d6ad1e97deef5f866edcf74
SHA256 6d297ff7597f96863cccf6a8a35a0ef243759f7e1b9e618dc0d328ab57bdeb50
SHA512 33e9f2a83c5885678f474df402a0180095778a06db792e5e0b34a5c9ca2b3bd6bf1078fdf2e6f26c3a62e6b75eaee7b4746e30184571507274a217eca10484fe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e4fe3308f9dcbf18f8b095c3c6fb41cc
SHA1 8014e9f261e25d83184b7c068725183a7b29d8e3
SHA256 5a87739256a7d3530dbf8446357370276f93c71908dee731690e2ad89b5dbb0a
SHA512 ea3b0ecb4f9e39ce7e4695bfa658e82f12ced78675727efb867cb20c834f4290293c1f76b12e53b210e055e90869470fd0af0f09bf817942a6608a1467a17e0c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d0927869a093a56953539261794853fe
SHA1 637a25573e5f147db5eb72001c701b1973006bd7
SHA256 08abba551f4d0256239678182c5d6eaace37015408263ea9bff066aacd2d7a8a
SHA512 e2a5b4e2225dd698729965d7770d36a3dd5f2c1a80df39ec2015df92b16261fd1b2d08299dd252c5838e055c752cf2c8f7d71f6b31186bbb557303d1a6241d51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f28ae50a5ec41081015971f71229640
SHA1 9f57676012f7e213bcb50e31602addca1cffb364
SHA256 26f73a68b4c5a7115fbb0f565c7cd651ba077ccc6425367697bce07b1ded7d8c
SHA512 25f426c070b960d8047b32c97af89905beb8cbfec749f6a79764d93c7b7acfbb8d8becc626390f12caace5248f9b791f79e6465fa872723130a3c1c0c0021186

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19006b3e7aff29b6ce0bddf7d46998ad
SHA1 40a6f4589d96e46adc0cb4b191f4decfb02de4f1
SHA256 dd579cb5c586dead0e2510b9fd17dd00765a588c1463d80a235c135cad6b98cb
SHA512 9f70a156aea3be61299c172ce8cdeda42be5b36fc3a02b69cd5548ac8ddd252ee4c9242b45fac01c68a5c06264ad5efcba20be8a2349633b0904415925542b4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9f1a8e2e-143b-40f9-9899-a63922cc3814.tmp

MD5 47c9635caa2266e1a5027f2055743a46
SHA1 be8cfb1ad670bdcf1bc51e5d5c411af186d48979
SHA256 7e898f66ad08f93424108f65db4e3f1c93afca167d19ea4332812b39daa2fa72
SHA512 0fa26abaa47981f539bf268e5c07f4af908814c4718c3fdbd3bc3a0763c14e950fec6254faee1a71f9eea82e16cf46db7e0f84ac50a9365f57b644845f34fd94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a13dfb7adf4d84ab3909a58787cf46b4
SHA1 5e3661e08942d9194d2fde2c005f2a6bc6a8b8b2
SHA256 cab935e39e62912ea6ddf87c6e51476e33e5231f410153f634191bce382aecab
SHA512 ccf4f60dbbb842a770f92399e292012cf7e3e13b4bbeeec91363b83a64f1a889ab39d0641e91bcef6b8ed0957e7efcf026fb7c01bbdf05d087fb361445542f57

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-06 10:54

Reported

2024-02-06 10:56

Platform

win10v2004-20231222-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133516904626312208" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3803511929-1339359695-2191195476-1000\{B8B75B7B-895B-41A1-B1AD-0B02BE1B2076} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3803511929-1339359695-2191195476-1000\{622B6704-08ED-4A2B-B2D2-030BFFBF79B3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4636 wrote to memory of 1152 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 1152 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 2916 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 2916 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 3552 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 3552 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3552 wrote to memory of 4512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3552 wrote to memory of 4512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 2908 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 2908 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2908 wrote to memory of 2104 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2908 wrote to memory of 2104 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 1860 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 1860 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1860 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1860 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 5048 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 5048 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 720 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 720 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 720 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 720 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4636 wrote to memory of 3840 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 3840 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3840 wrote to memory of 1540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3840 wrote to memory of 1540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 4904 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 4904 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4904 wrote to memory of 4616 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4904 wrote to memory of 4616 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 1448 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 1448 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1448 wrote to memory of 3660 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1448 wrote to memory of 3660 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4636 wrote to memory of 3400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4636 wrote to memory of 3400 N/A C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 1244 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe

"C:\Users\Admin\AppData\Local\Temp\7b7bc9c3d4f928be978ea3c8e4e83fad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea84c46f8,0x7ffea84c4708,0x7ffea84c4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea8369758,0x7ffea8369768,0x7ffea8369778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea8369758,0x7ffea8369768,0x7ffea8369778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffea8369758,0x7ffea8369768,0x7ffea8369778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2576 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,3271757865903697302,11054877679057305035,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,3271757865903697302,11054877679057305035,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,10856724843159518457,13126308037123194641,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,294891083395455137,12402164477839413988,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,4272678948585086917,8534898214519213476,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.0.1388578153\465645889" -parentBuildID 20221007134813 -prefsHandle 1856 -prefMapHandle 1868 -prefsLen 20671 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2838635-e5dd-47b4-8ac3-4724ef448066} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1960 28e935d7358 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,7832536026993562250,10821807456028778220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,8233724328117919456,3353836314743578007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.1.728464357\1485940895" -parentBuildID 20221007134813 -prefsHandle 2396 -prefMapHandle 2392 -prefsLen 21487 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f305eaa-cd0a-4f3e-986c-e087c2f6c791} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 2432 28e932f9258 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.2.1477078087\1662689087" -childID 1 -isForBrowser -prefsHandle 3472 -prefMapHandle 3468 -prefsLen 21525 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {74c81982-1cc8-426f-8d26-5d5fce07eb1c} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3556 28e9706b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.3.115818901\1169430346" -childID 2 -isForBrowser -prefsHandle 3620 -prefMapHandle 3616 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2920bea9-94e7-4ec8-81b4-0b790acb6f4e} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3140 28e97096d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.4.1089192561\222646769" -childID 3 -isForBrowser -prefsHandle 3648 -prefMapHandle 3652 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {28b16e61-6500-4e9e-9bcb-ab66aceaf42b} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3748 28e97095858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.5.1728057527\76261793" -childID 4 -isForBrowser -prefsHandle 3856 -prefMapHandle 3860 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {73491ee7-2b9f-40c5-b755-f4c0d22fa8a9} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3716 28e97095e58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1876,i,3100077806815963216,8215406031437663917,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x340 0x15c

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5028 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4892 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6568 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.6.1662552213\96082136" -childID 5 -isForBrowser -prefsHandle 4616 -prefMapHandle 4612 -prefsLen 25988 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0913ccf-32a4-4a48-87cb-b99e5a8964c3} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4628 28e86b62558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4352 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1876,i,3100077806815963216,8215406031437663917,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.9.568964708\1453159036" -childID 8 -isForBrowser -prefsHandle 5552 -prefMapHandle 5548 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {95ce5f21-16b2-46a5-8838-9fdbfb40936d} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 5684 28e99de7958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.8.189701459\1906481944" -childID 7 -isForBrowser -prefsHandle 5356 -prefMapHandle 5504 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {952e8ecf-a691-449f-a547-0084afd7a775} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 5588 28e99de8258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.7.1214729152\868411784" -childID 6 -isForBrowser -prefsHandle 5440 -prefMapHandle 5372 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {abed1628-ee3a-4e27-b870-1a3ae9d399e5} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 5556 28e99c66f58 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1992,i,17145868913217387796,4829348321073882305,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1992,i,17145868913217387796,4829348321073882305,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4904 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3984 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.10.307785561\618476853" -childID 9 -isForBrowser -prefsHandle 6044 -prefMapHandle 6048 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {25f27b19-3ef7-4380-9899-668bdeb8628d} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 5552 28e9a246d58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8316 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.11.1527793131\1099071795" -parentBuildID 20221007134813 -prefsHandle 6420 -prefMapHandle 6416 -prefsLen 26222 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {10e15054-942d-474e-8c1b-db146f3fff69} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 6392 28e96b2c558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.12.2072537149\11991179" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6540 -prefMapHandle 6536 -prefsLen 26222 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8904d8a6-0ccd-45c8-9bcc-20753d19d340} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 6548 28e96b2cb58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5720 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5744 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4324 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4324 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6824 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.13.980594462\1428528224" -childID 10 -isForBrowser -prefsHandle 6788 -prefMapHandle 6784 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {97d56914-5e1b-438e-be50-c2422a90b16f} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 6436 28e97098258 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,6483032551654160857,2033140937761365825,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6372 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1692,i,11800767648127606297,15151343689921036013,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 205.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.202.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 148.177.190.20.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 35.202.240.157.in-addr.arpa udp
GB 142.250.187.214:443 i.ytimg.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 214.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 11.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
GB 142.250.187.214:443 i.ytimg.com udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
FR 157.240.202.35:443 www.facebook.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
FR 157.240.202.35:443 www.facebook.com tcp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.216.128.175:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
N/A 224.0.0.251:5353 udp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
FR 157.240.202.35:443 www.facebook.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 175.128.216.34.in-addr.arpa udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
GB 142.250.178.22:443 i.ytimg.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 22.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.169.46:443 youtube-ui.l.google.com udp
GB 142.250.187.214:443 i.ytimg.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.200.14:443 clients2.google.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.169.10:443 content-autofill.googleapis.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-4g5edndk.googlevideo.com udp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-4g5edndk.googlevideo.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 rr1.sn-4g5edndk.googlevideo.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 rr1---sn-4g5edndk.googlevideo.com udp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
US 8.8.8.8:53 198.133.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
N/A 127.0.0.1:64760 tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
FR 157.240.202.35:443 www.facebook.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
N/A 127.0.0.1:61014 tcp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 201.108.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-ntq7yner.googlevideo.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
US 8.8.8.8:53 71.28.194.173.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.71:443 rr2---sn-ntq7yner.googlevideo.com tcp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
US 20.231.121.79:80 tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 67.168.217.172.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
FR 157.240.202.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8a1d28b5eda8ec0917a7e1796d3aa193
SHA1 5604a535bf3e5492b9bf3ade78ca7d463a4bfdb2
SHA256 dfaf6313fd293f6013f58fb6790fd38ca2f04931403267b7a6aef7bfa81d50bb
SHA512 51b5bec82ff9ffb45fee5c9dd1d51559c351253489ea83a66e290459975d8ca899cde4f3bb5afbaa7a3f0b169f87a7514d8df88baaeec5bd72d190fd6d3e041b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1386433ecc349475d39fb1e4f9e149a0
SHA1 f04f71ac77cb30f1d04fd16d42852322a8b2680f
SHA256 a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc
SHA512 fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 a43c5442720748bc3520106b9b6d4737
SHA1 3ae6a4bbe5cc3acc29b02debfe78a366e7d046ab
SHA256 0e33c15bae9de0161695319643a4e46b888255d6b11af246e2050f7863708e3c
SHA512 9167b7a8ad92b7b82119edc9591c28d53b18256cf2259b6bbccc7c5c1833d20be514393845c6acce3dddc44d71a2c258ae27da3ea0ced8cded56e689f0b4479b

\??\pipe\LOCAL\crashpad_2916_GCGMFOTVGBYQYUCV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 66af1e46727ecc1b11061d11f7dd3722
SHA1 c3850b02b5551b708cd4fc0ee4030e3d63d6650d
SHA256 e2d9f4bc603c65ac85049d74c8aa46bdb5a63aad33ac2f3097d11b28012bffaa
SHA512 b21837bc4b101f8decee801d5269518a385e626e19fcb6414e246bcfbf65dd06d5cd3fe1e0715ceda71329c7a5a2887b107c43495c98de6d6c4ead98955af290

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 65cdb82819b3aae114d7366b5502a2a6
SHA1 31e26838bfab95b8d14a8c879826e9310e9aec74
SHA256 a3d25ced84b1f37afa00ada9a26d65101b2e121fc172ab8e15ea7ab8d8828d77
SHA512 31a6702f1de7caf3e7c0d8b220448c39d1b6e793d35f5a7d933785e884b45848a77ccf79eff7e44a68050e90f621bcc9713dcef5212b73027b03e2204db11fdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e7a909c085c9ea439267191ced17921f
SHA1 d12722b9b1e1e5e96daadf27291501f93cecdd42
SHA256 959bd24b87b1bf4c3a06d64a72d46f27cd73d20224b63304f7d1d12d9bade2ca
SHA512 cde99e1014763d9dd0d971d1847f3928e74965bd2cb9e36c7436d9b1889fd758bef849835551c812e7c5934f26e08684f3436380605cac349e94466c976824ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d68e485f859cee1b5159f77df06d8643
SHA1 e3c5b9ab3dc0b251824f12dbe59c6f1e0ae361a5
SHA256 dc8d79eb5013289d6a96e15243dbd244efa70174146e6e385a412690082721a5
SHA512 f3d00d44ab70a8b36bf36a9026e3fcefcba2bb0711db3cde93e7909291967ca31f1ec1cdc8d4c60c909014c6fd30da5a448d93bb68058cc1af43e36cca9334b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 31a1329cebd3d65eaf12e0bec694719f
SHA1 4ff37b7ae2db5dc5a26f0be6e6d2d942654528a5
SHA256 7f3a9150315ab95f4138cd5876cce27469756be1fafbb052819ca298722e9f59
SHA512 c2bed900165d266998c4aa06a5899107450bd6ccfca7512de722673c12a6e3b886182fbc3a187c69fd90b500f4288c33a6290836e6270eac1a56579036c03878

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fff5a431061b2a3efd1860928c62a7bd
SHA1 01b870f2451bf90df7c6732f351f3fc050c4ed8a
SHA256 add42c75293ef40887b501d8406f1038269f2770600ac121f3005be6f909e10c
SHA512 ab439e9e55d1fcdb3344b35f14e2fefaaa5d612652ec2e8c7230e93bf46a75ad8c77a43bb2c895e4b7586b69542f42af7030f6921189ce996d4bb249dc242f82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a9dd6bc4288a538b2f243162fc697bf1
SHA1 784ec5d0f6b068175fc8745bd6051da37b49e5a0
SHA256 a9110f839d4b80d712a1c78a4aa3ed59b4507ac97893b255da4d8680df366998
SHA512 9ea9e120dc8ab1771d00f219f7ea29f89d4e702ded255dfafa5b743d50fdebd6d30828ab7a719dc53edc263bb7c850a581864c0afc36fc49bea948bc032a7bc1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9162f74675ca755582efa15785c3cd46
SHA1 31e863753f68c05b5f1dec8d5bcde2daffe1b109
SHA256 57f4d41fe0558c5c7142c453faea28ed9958ce14850f141ec0ca6dcbf077d4ea
SHA512 be30aa2cfa2384ad991eba1849621d3e069945a7f70adc471ca287a53a812a4853db99eafa450eb27e3cb78d738fc41715d430013fac5f15b1ff727c47749a4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d75647a61b37f57f883c95a61de61e59
SHA1 e6f3b8aa96da7747a3f41841e8b29d15612a3b51
SHA256 8f72d6db1b70482d47339d531a062206151505a6284c768ae6c9edd43558902e
SHA512 aa4a3c85eee1d487bafde465dc6a36edaa00ecabe1436559b61e634cf4550474d0f993a587216f95ae1bed031858ae6c16576157e31a50013b4352073a24bafb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\db\data.safe.bin

MD5 ed039017f74488efbd697f8b2a45b6f9
SHA1 e1631ec9b783a0857a5015ef52c4bc766c805ff5
SHA256 2aace9ae8f0cd371c1a78053168a6e13d95a6362aef03d3371a4de29be363a88
SHA512 a0c291357fc562758019251961d221f6aa2a545e8a5943a327d6466b3eab1e60ac2800d5448017b39b23e9632b773c9f3c50d8798e9963cdc216e63e5e4eb4ef

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\934c77b1-c24d-484b-ad5f-35b473492c55

MD5 876c2c56c70e42212911fd793bd9f2f4
SHA1 ff174c6546a64d75f7a5d852f9c9c5968d6f04d9
SHA256 45fce03a7d0a1bd9985ced85c7759c9ad428b4dd073eabc3800f1e9324deb372
SHA512 c19c5c0aa71e3a3055026c86e3c33e2c1a91a2e3c0b3c1a0046802f158b7ac4266f6eac1b98fcb29ac779739c5e51b2bff711a4e20ec4cff52dd7e189b3a6b81

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\279ebafb-741c-41eb-b865-37670d8209ea

MD5 e333b6043e2168c5f414138367178c73
SHA1 83a75717b1475aa4d5127342709ef42caf47a8a7
SHA256 8ad5e049c67c94c96f218c0a3ff9678af86b4c07092405f96d7071f26eab7daf
SHA512 3f834db5772e6c0a8fd787478c616ff86722b3e39b776da0fd93375f603d3017fb80e654fcc486ba70749db7f283655a375356278a4fef73c367895df6b2e4c5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js

MD5 f090bb3ca65ebc96398744a1dda90b1c
SHA1 61174bea8e5b1ea782c24a623f435ec0600f9943
SHA256 e1915989b1f95b555ebba1fd8fe166d658d1eaa353f2c69ba180ceaa23025a69
SHA512 c076d9a8be49e72c99d00ea41c6c3f4dc9aba0b834234088e5d0aa9221d7f2a913a6844c08773048003a308d3c1c4f504b56f0511cb7072bf2d5fba257d5f775

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 4c9c9b5bcc739e5e59efefd9dbbc3fcf
SHA1 cdf0633b535098195abd8f6d388e73e64264ab4e
SHA256 26ecec664b43e7a5aef12fb522d90b17eecabc08cede7eb72116f0c9582b276d
SHA512 2f682956650cbe3313eef53639d34bc00b8fcbe9ac326b1a1e13d66e7d700690529026c2325a5d31570ed354e6cb05430d9a2f7c87ff54dfdc9244e0ede488c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js

MD5 4c98b5ef1acf9d8e88f34346c08727b1
SHA1 ee067cab640e8c17650e0deffde4cdc0d297ff6a
SHA256 35a9f0a87ac13de90293414b04e79b1d778489c1e57337cb8c0807f94bd3e321
SHA512 b5ad46e8cfe282c66a0a345c7ecad6936abe74ca6baccee140152dd7c91024649d8b69ab888cef2fe98660d3ebda1db592e2220f1925ae0062a37c0728d9daca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 63509dd372cef709ed899d342493dbd4
SHA1 631a04cc0bcc6a5f17596813db612938e6325436
SHA256 eb1c78a054e70238eb344d69f78e13794b7e474de9b21206f3bef17dca74ba07
SHA512 a0296fe2ebd778139423df361c5eba54cfc291541ee00476040907236b7ecec8950f1dfe70bbacdc6904c8d7780311a3c2bff514865877565e5f3f2d255d8fa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3c213c70aae0667f76e8e272a0560584
SHA1 acd766f8716b24ce3f6c3ec0331d9f7518ea59e8
SHA256 4bea3ce73dd0ef1104c30b40ab9d295f678768dfb6d6e934e32e0319cc7504ea
SHA512 d8f08326810c9a886cbb490a96e1fafb2b645cd092967e23d006037fd9f72e8db0586f8d4865f01ec6a1ebf8d88b3463ee0b97da6ad534cc70375a886ab0981a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3f015d3c49726367afdcab6947eadced
SHA1 4444ece4351dde3b36d7f7bdbb7b26fcb1430c9b
SHA256 57347d36bd227add09012773a17aa92039e52601aa983884ba24c2cdbd712a63
SHA512 0d83414a18925c4907f7f5875b3c99037f3ab760317c0f6ee516fcd2968b53fd6576fea5a36411cb6987d4e6c3be05aca5228e22660e9b01286c5d0039a44a2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5771d4.TMP

MD5 d5d5272a39b33ff436df983258a5684f
SHA1 a3e07eb880c78da28fc90ff48f7cbdcdd24e0290
SHA256 de3e2e07b0f1bf6617f6327071250c84c5bc7bd49d0ad85e188156f485326ca2
SHA512 170003557b7df04e02eadab73796c2f31ab24a7e378d1bd55936bbeb8f5bab060f31689575e73cbc0f8497453a95cff2d53f7f3ce4a91c3948f0a35f201c9bc4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js

MD5 137b9209498ee65faceb034ebabf130b
SHA1 f25c1eb0c8cec79986575da89263a82093015b0e
SHA256 9cfe9c0d80ca9796f23a79e7a2d0ae2165e00661047afad22ab8335c384cc5bc
SHA512 8e417b05b968d088fa2a8360d178bb0d4a7361e3c545fb8b8bcdeecd730fb4691d7915b6ef4c30c10f409d9bb999555304c15b6f775cc22bc05dbbb7c2f4a2bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 b1375326603fe65cd42df7fed7ce5c45
SHA1 a7fc9a7c979e62a0bed17ae5e8da74738d3e25ba
SHA256 c9088547ff6883a0646b7ca0c27b0696524be01431ce0059c4ebe765d48dae06
SHA512 1a381b6193bd8380bdb81934bb0b5f75a514c5fb878ab70dd1f7ff5c5be397298d0ca4cbe1c65ca245074ee2052322f89487807b9f73f780851f3a074f74ced3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4c4e3ccbb054e5f036f2ec3eaa6a93c4
SHA1 800ac38052f81ceea44e9abfd4ad1b69646a0081
SHA256 c28628094ec13af88213fb02979e46a62002c01d7d2da5bc5201017cdc1020b7
SHA512 dbffd3d05e3a3de67281748bea66ca0c57df6f5a26096f248119b45f39ab1713323bd61ba5b90995c662354070824f27eefc8750c08b298bbb57c1138b427baa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 76b6fd2d7bfea64245c2ea1729186ec6
SHA1 df685b55a9cbd2e7d203e00c4493c6f831bfbf4c
SHA256 065ada460664d829cbe009958de70344750bc22ffef1685d1b2221dbc4d15334
SHA512 4ded627955bc028ef0b52aa4d71b656e0beaf97107fe0927ab55ed27b13e98457158393c264c9f2c5cc9ef71c4548e98eea558298686210c59080dd21d92d9c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 75736beeda094b29dd33f13cc7415d3b
SHA1 26273460b54d51c6bf85c4b40072ac2c205ced0d
SHA256 922d45e34c8cdda9f8fbe3c10f64287c3017957186a402b1053aa4a93b4042fd
SHA512 607960ec4def43f4f23a21f98e54359957cf71e944f388f7a46643f39aa244ba8985b9e2dcba85205cbb43f087df69b821330d0dc47c9c2e383f25c9adb486d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 e664066e3aa135f185ed1c194b9fa1f8
SHA1 358ff3c6ad0580b8ae1e5ef2a89a4e597c2efdc5
SHA256 86e595be48dbc768a52d7ea62116036c024093e1302aced8c29dd6a2d9935617
SHA512 58710818b5f664006a5aa418da6c8cd3f709c2265bc161f81b9dfe6cdb8304fabaa4ce9deba419fe4281623feeeaa0321f481ae5855d347c6d8cf95968ee905e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3840_207351558\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ef2243643c935c0793c7b9542bb33327
SHA1 eb79a521410cd963981f9f008d76b1ba26bfd31a
SHA256 149418318f36774c7bfe53d44a23807092ee15a4d1a9b3d775335b84e59434c7
SHA512 ca721a92a86530653f522258cbf2d96bd6ad3ef09709ad39257b97db77bc7c4de5eb5adf341240c4916f208c449e54527ffa1d3554b28c97aa2c8d83c109595a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4d70c7faade5b510f695cf6db330c473
SHA1 acce71ed27f11634139faff022d3b670178704cf
SHA256 7887bbb65b26f77320bccb90a514b5326ac5536cc032d703fe2e1f28bccb3e5c
SHA512 f576dae7d969aaf4dbd1e9ae8d302b4a3a1c6a2f20a1ce7ed1e2ce6c0b4c998302afa40ec9d7c48831b2c28326d7c74aaa02a9eacf0a4ecc2bb1ba94d730ae87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe578e07.TMP

MD5 0f7849a8df9cb2546e80af6ce9d0d9a7
SHA1 81c081e807cca8b4306e0d9c9a8401c7d2a4864b
SHA256 163306ba7ddfaba686a04d4aba27743599f2311cdebf3e5972cccf36509d4360
SHA512 67b74cb31784b34f9396258c9ff98ed278b84ff6bf3f62ec0cf7a29f9ba7fcb4b579a15d3c2b37ee26d332b83a8d15b32fe5a6663f8d73d7f1f6ca2625a2e55f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f0229e55-7a20-4d6b-a18c-ea75ba40ee70\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\183\{13fbd56e-b322-4566-bf3f-504981f45db7}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\idb\4076557344yCt7-%iCt7-%r7e1sap6o.sqlite

MD5 e538b1d5697e50436fbbaa5a283f3b50
SHA1 f4ea50c803b6a3c51358abdcc4d46443827b013b
SHA256 0f0efdee629d6e153b0cffc9d8711e82b0b74a60c7bc2d9e2e9948e9a70897c1
SHA512 1a9fc00786498ac4cbfab4b27baa845b4b162ba5787cd78c799642673d65fae0563d99a68b403bc3464186cb94d9c78ef66f70a9b5748665be187c69a08cf79a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69270861d1530063482f9f366ec8c378
SHA1 a9bfe8814f70c2d65eab2f0b721af4c353abd861
SHA256 828b5b2998b37c34979812f1a8b308eab49654b5d5e2e30ad99790aed7381383
SHA512 553ee7304a415fd1da5a320ec9fd010083df005f0a83269a762cf09610fc88d40adee71099f373d1675ec1807d9a4bd3dd583a613cf1c73e3358cee89dcd5942

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a54b754304f36d8b6fb26c55bcc96374
SHA1 b7fc1d772a4f7bf8721504045ba907c4b49b6ad9
SHA256 b5ec26f616c416623969a06d8182f302688bd31f629abe19905f06b3f22af11d
SHA512 773b38d90db4a36dbf173dd80e83010d596c3286bd320e86e519ca3d95c3628c9a1db00253b8f0c7372aacf7d47a74077cdbb468bdce7282f8d5da87cadb0e7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 39d7414398851112641abe197c97e5c6
SHA1 c7dfbf990893685b21141c8247d65a9456e2983a
SHA256 77582e84856ae1d4de204a2cbc3a201920bbfff53086eb555e94f6c63dae079e
SHA512 030c552abde8d74d47a829435c30fe0c09ee7a124e6abbc38ee9097bc1e440ec9447afdf69d296730e007c57e1f7505d5b751f36a228ad0bd054ac9071b9d929

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 13b557fac5b38edafe500b6f38d8d381
SHA1 24e2fa42c9d2727a15667bd87b2121ea1a7e14d5
SHA256 08ac1a7327a1db87776aace18bef3ff1c3053fec213e0142b8bbf5fe7e8b1634
SHA512 e8c998e68030d70f3a54ebc24072cf9a14db9a8357f61820164be6c65a4d4aacadf81424dad586082844e5b29ecda792f4c51a552ebf7741c6f62f8ad615b87d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 6686240bc8fde45cce7a08351901aa87
SHA1 9a77b17cd17da5bfefa44813944c2f83a0be7fe4
SHA256 5e03df5cf23f281e1468adbd4f7c6fecde0aa49aa091dff502c502259f08804e
SHA512 54d778639e5cac66fc9c6cc47198afef9ddb12052620ee35116c7e84131e10da986f45188db5ab384eb038d27d45ac7986ceb5a45f5683145b79c0f6d92c14e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 c4cf8a85caa5ef5f44353ff41c277855
SHA1 08eb62fc8aec71452e7d7c67bb90efe43c42b11d
SHA256 26aa3e1b6e153963dd10c80b60cc8b75714cb6af1b81ab1db0d2dfa1ea3333ef
SHA512 71f1f81a76e950df1fb840514583ee5d33ee0778b1479c16e23993732405b5de45dbc6eb8a5189c2672bf3b663a2ef107e56801266d31ebfe87fe899943ec745

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 2b6e1187601828b99dc29a13ef9aac46
SHA1 41cb7fab48a7901c5fb387d686c00cad1bc2dae0
SHA256 3ff5d2e14cfc576d42ac99508b4e1831334338b901c37c3c6a0fcd2637501f9e
SHA512 76f5c1c1899f394691775da933e376cbbfa90c7c08c0e62357b5308d14c11abfecb58f1e51841675f0200ccb711e6ce3ccd370b3e24f4a085856e6160ee4f8d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 09669771a406b60b62b161a198e46566
SHA1 59b8fd31bddaa4b535fe4c13768bca3dc023d3f0
SHA256 71ad351ad4c777c29f07da3a383b9f450f8fd390f18e6a23605d72d5c848786f
SHA512 f1391aa207abefbbf67465f0d65b01f0ec89ce5bc5e7907efd4077e24e1cd384b43c0a1bebb9360770f63eeefd9a3eec94c216f394ebc873597f9fa25d265dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 6a2d775d769277612a796454b727f404
SHA1 3180d339a289687eee1feca7e6cb6a08abb48340
SHA256 5dbdf64dab17a3b54845fb68a6246bd9b5f412eb4dc836156ee68799de06e77c
SHA512 a29d2b2cd0cf7f7bd92fe9e0f812e0f6ec83a5a295afd5e8dffbf3d0734f7befe02e1c80dcdd28ea7812bf274fda6ee580e2dea5f90f74996a6fba1269738a7d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\430942439A8F2026897424FC038A5E6A803DDC5D

MD5 5b13073b31cdaabd2d8867ccf94b7b01
SHA1 80cfcf3ed23ff2022784d38b5e9709f985240e89
SHA256 b95ad29a116e0613226d80a2d8c4821d1b452dabb2e53d0f3dff7063effb9d08
SHA512 944f82f06eb458c53f836d3f003d58ecf0fd5c2a43ba7402b9b5da3b9ce3d155817da4d10c707823589622bf5e9d7edfe0bc191ba5c38bc47e04d047f2b0ad65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 92c1a75e44c7006e1666383bd2538b2d
SHA1 af87ec0804592aa3d84ebf011b756ec604859c87
SHA256 f483e3a3e8541540eccfc6676291a7b7a216c3deb4a5acf6e6b19f057f33f433
SHA512 c8e0154dcc36d088e0863dde3aef20a4338d2c38d1b5e2c2b114cc8bb7ac97d970fa910ce8de5cf089a550f5aee7ca7a38f8e45b51dfd4d71a7671c01e20efde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 5a5c67772d44eca9ecb08e0ead7570af
SHA1 93ffda7f3ac636f88f7a453ba8c536fafc2d858b
SHA256 eef62541016d82bd804928b0fe0123d9ddbc20c2f4c0198ce98ae3adbf9a9c7a
SHA512 14a649db943dc9a756e24a043c5a946ab0dda3cdecbffa090bb71996ca3a35ad674052895a496195799def768ea318ec4ce8b97e4f2350106c84a6c4f50affb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 2389fd808150a4f734af0c08aa9cbc25
SHA1 2d42da66e14de5a041ebc96ae0c11459e8777de8
SHA256 158a6a2f315eece853085292d70ac3f1606d279fb6e110e77c2d37b1b242039f
SHA512 ff0362478b86732c93b33add9e425671583d093424b644684c154f604fa302140a93ad330912316dd7e2f3a368c3026d778a40bc8e45a913b91527278b0aeead

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 60f608e2f9fad2d7e4825562f3ae5098
SHA1 154767d438799fe555b51fa021f90d9507c6dab5
SHA256 0c2a3be3248fc3ab07508299219fbf872766da35c101f521a84dadccf9005a96
SHA512 d29b1b3599680817142835636058eaa2facb730a3b1e5d87a97791c9d46123cfa2f6e35da66aaa46c417a2dd87f24d585455cf380c12a22cc5232a8da706906d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aa7e4d7c023f846165a060d8a0ce286d
SHA1 82807430cd27918943c34466c6ad45603e478603
SHA256 858d5209ce85653a2904ed4c4338a0473d98669d269fb952453a9f0eed40dade
SHA512 7edfee51e1d9e1b2becca46b35f21a65a43d127162cc880fca238b2b184987e6ae006e83ef9df02a65a6dd395ba07d2009f42460dbc9d9551565c5fbc2017ccd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 3fa057a53f831ad6f787c01bdde50221
SHA1 a1fcdbaedf935bca14b366514cf7fee3e3f175a2
SHA256 efef42a7e15c6cdba8a3e03452281dbe161deb054dc90858abd0e54cc18c34b3
SHA512 6b2620574a789ad95a4e63ecdf3f76d84fd153cb664b8ac844054531b408d2d96785738efd74c1d761d5c10ced1be9ea4e9c1d019f18e2d991dcd54095cba635

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 dd5a72e9dbf061181916221786baffba
SHA1 8bdb0f974e3c0be5b48b86372b789e64dc39ab8b
SHA256 d2023b1931081aa85fb81b0d6c8d463d42630a3c71c3a15891cad374d30d0b6a
SHA512 ed5071ade26dcfd9a8dd37432367d81c1170739cf8028d241e40e657b95af17852b518aa214e544af08c48f32cdc1e52fcbfae777f8e4610c15172060835c84c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 62ce5e754fa31ce29c260476ef7ac977
SHA1 ac1f81f1e37c0347bb9bda350427911c87132efd
SHA256 087773b73f5bf76fc4b4b6294f9ef7cbbe78f503580a4e8c58b53cf770ee0bf1
SHA512 47307b45d41589b39a23e9732e29b9810909b3edd56230afe48d451009a23c5f5b1bcf369df5588739acd303eacfedf83be8056b8f44dc3559aa3da92ad0be3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 8d857d4f4ec82a998fb460c7db6fa3db
SHA1 e95ebe68c85c2a63985e7e87476375b0827292e7
SHA256 b0cd02b34e8eea42cf44d15d7024b495440b62cb3d79282e01d4b2eca8bcc4a3
SHA512 e1921f2e1a68d686c8dceffa8e49e5625914fccd4e5c33d308e22743a111a165dbe33870000e276e3a4014ec36774a64372b8925215450c7411d78ec1eadc9f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 a181868bbaabb08c6ddd19c99f18249e
SHA1 af2295f5c1031f7c63c052e94a7f58f85e528648
SHA256 232344db94b0b69f0af6ca74b3f533050af946411dbebb1ce3ad37766a65dfe7
SHA512 dc955dca9f3e10ea3ed97abbc98a1993f490ec6b09a75760143db4bc727524a46a0184e3307872216cf3c072384423f4f5779a709331e92dcba88e5443811325

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 af1a6635af0143507791a5825842ee5b
SHA1 5f35b36ad4dcb73658c08d912d07f803ad04f975
SHA256 fdec3353a47c2a508976ff3076b3b63512050565f241f01dca18975eeb7475b8
SHA512 7f9bb2064e70486165e23d6833f9e94f5c0f89d0c738ac9b6e62185491f09cad2a1fd7eefdeca77786f777e4893b69f0f4c11b56acaafd09be0a8b0c72ebdaf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 4112c5384c58dee37a173b6d471c0477
SHA1 ce571e5606887b91effbcc88a218fb701d108c7d
SHA256 7d7c0d9dbeeed4faffba1f86bb9893901116965d6b2b0498f46d86b85da36047
SHA512 d279c4bbafa9ac1ff0ddc52d30ac4d4016d4825ba4c34847e6a57219f6e8eafa71c83a027aa934137040225889e8987094ed3c6aedc3c0dff9ae34862220ff59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 9301f37b626106a4aa736464b59c27b4
SHA1 afb984ca62b766e0ef01828e28aca626ed35fbdf
SHA256 b8857d6289bbc55987e0c7b7618518a5168b2428f42dcf22c5b37f25a6fd0f08
SHA512 2f0151678be23532d90500fe941e9886b1b0fad708fdf4234c047faf502aabef53e3bc6cdbaaa57799d272e7285ad5fe0105e1aa3d10d93e78ce3e3040cda756

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 2df428c2ecdd16f6a6d2f9b1ba111038
SHA1 9ffd93ed134cf3e624140758df1e718751fe014c
SHA256 e5b8aa0cd8d6927fb90ae00d9e83ece2d8a24000572f84d6b7494d0169021dd3
SHA512 dfe8fb24846a5bc64c4dfb2a255b6c23ade2dda2230795402d4963025d711b95cce6821003caa8e4ec24ce1e2207736409d037d876631cf939ff9a985ded6ed5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a9f1d6e758cace04561999b9df5ccaad
SHA1 4b379cdd882034c559d26fd61903443fb032d195
SHA256 9366c1279408f2d2f194a74efa03923d23491a6e3936f3e44819ac0253818bc9
SHA512 f4f779e35ea377b5f87b7b8137f06215d59fecea2193c53248274f59ddbf7f142c67c775bafacc9738f7a8328ca65e30de1151b164f00bc3aa6ab85d33add218

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bebc.TMP

MD5 f93f3baa0630e5d986ae47b68bad8265
SHA1 08c819277edcf46c80e18a1632b185f0e2c3ae6d
SHA256 e4efe730a942100348c0541be04f57597099ed296454f1fcfd7c3d7307aca1b4
SHA512 1e8de23543586099bb7f3b86427a79b9b07e453d1fa089de0ff3bd272df6ed8d479ac247828f188fac830155e0c9787d43b7c0632e8b93bb2277e8c6881347f3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

MD5 63f838af15f89f5f6b7a8fbaf316a092
SHA1 c05006630accaa8acbbb9f44464dbce0e4285c2c
SHA256 025a5d043c589cb6412bff50307d904c0084c728b5744c2a376d22b696ddb978
SHA512 e792a4dfdae99c96b9c8d28c71afea46e6b8796faac57944a56ba2cafeaa5019748c320285cc31524784a6e757f6758ee1a08b442ae85079c3eae43c0912aaec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

MD5 409277cff9ba9db64f83cd66066bac17
SHA1 c01968b2bbb3fac74967033dea4792492b14c101
SHA256 54e198294b7f20fa28972123b03b1f41383ba156712b850a00d4bd3cd960118d
SHA512 3435a20d7f47219f624d41b6624bc75543eabfeb0e33bee05ad670b6bea97a15fda9cb237b68fac15828bb6d6b51f200373ff4c532a33012b9ada81ae310e466

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 6204865a9119766a9aa761a45ee4c12c
SHA1 be1cd874ee14f7974829ae95324b44e7d39b2a37
SHA256 290bf8015483504c12ae320b15366953378dcb72a8be54a96f57717a28920dba
SHA512 b46bf3cdfe22be00f03b6c0352e0670aed1c595e5bb2aafa53fc5877fd7dd3415a0d52bf56ffbcaf1b480d7b6d8c7b3e8f416fd3a00285f2c33d090be10df6ed

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 592245a67c9041531f8603122ccbe03f
SHA1 997fcc94b1a250570090aa0d79a7b0eac7d14140
SHA256 bcc187dc1b624f2265d0ca842fef730945b82ac6baf19a9d63f4bc8a1088dd59
SHA512 803a330dce27136601b8eaa3ff7ff6c14700e0f78195bb2cf73b15e95486fa90ac508bcb3e0531e88dfe02d0fcd5cb45ccad6fd3e59bbae8d8a7f4488d7ae427

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 c24509b5c94bbc7938d432e43df80930
SHA1 7e3393ecf872fd9de12bcf982793e77f8014048a
SHA256 7e3e1f385dd12010d4ab92f2178202bccee67b0f1b598bc009cda801bc6b8a7e
SHA512 a6fa8443dd66f7fc89b50768e0811a73b3810bb92ddc5eadd077cb91a96e774df1e5eec33ba92fe559d6d2c91b32be986113386879d282f60cfcd5faa038c8a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 2a710e17f7ab1643abb00f5d3cb8d304
SHA1 3bbbdcc897e4e425ed83cd7f880090c7972943b1
SHA256 436fc6b724d8e1155105618c159cd3802d2b3bdf0208d20e4bdc4d61f214b150
SHA512 ad2c579e703d0afe6ecbcab60d9ea15c1791ca6b47089858ecf0d43cba2e13fabcd4028dc57a6d02b75ec6273464048600125f1f0b1ebaa5074a3769965b3848

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57c6f9.TMP

MD5 7e55bdda07b277979f0f82f16714324c
SHA1 3c9070c9dda24e59e2e5d1ec1222870b8424fc0d
SHA256 fdb70212a4bd6f25555cfd9bccd7a2b984ad95746d8115ce60eb12cd8810008e
SHA512 34139979610bb589585e706b3e3b37a5dbd8c7b12fbd69207d8ac41e674df85413022b806790c39c94cbe79575b836bb53fada7f14b78edd349e0b3b4b3bce68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cf4e39723589b340bdfa38a3c8739d3c
SHA1 59fb97a85e078bea2b81c6a98cb33f069cb2c8d5
SHA256 ce2f81dc43d9d4620d2de64a199c97d6e5e9e155604bacfa3ba627b615cb3382
SHA512 1c6e34289c5d6e28104fd7e096ac9728c4c8617d780582fac2eac842feee616ed7907e9cc3f257223f60b00e7a79d526b8eadaf98aa45fab92e43d5d381e0f4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\157\{f8a2fc0b-c3d9-4fc3-b5cf-f7fa4f0f1a9d}.final

MD5 2300eafff09d478fbf68f49fdafbff49
SHA1 12f127da15a69beece4f71f600975e0503c77ce1
SHA256 f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f
SHA512 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 b3553606e24da1cbfa66ceffc8eef659
SHA1 222ea4dc609d7668b27195187c380d1848f097ab
SHA256 b6628b77519a62c7f0657681da335fe4844f1deb48302c691a496f4798855999
SHA512 e45814b154acd4936d787955ba7a78f79a2ae850ec31f217d7bfce8e1838bbe1dd4e6aece53dea904fb0c67e977d7d9ae03e6447806fc807ed09bfe49a078114

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 9a0a88b2f6e6b381ab25480e2b91922e
SHA1 3bb5cdad886a0038dc2acb1b085d961e52ac3b11
SHA256 f92c7d8c799de4143f996737d4045873869ca1b6b7fbd12a29acfabd5a854359
SHA512 31ce4014b2b872034c96a3da6e7265377d4fa9c4b8edb9476a3b28391c433d5bb5dae634eda9c5d98cb835eb9fd4756f4af5f513505863da489c7b67aba2af6f

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 0827128dad965ba769a3d99f6eac117a
SHA1 4b11e0042acb7e0d3e1eaaa7c9f6b62560ac5b88
SHA256 2fa4f8afeaf4320641597dc646ca55e7441d17b20f2480efab4313d3f85a737b
SHA512 a20d446a0a87e9229d599969c2706cc1dd5167a1e8785d1ec626cb37a41ad483ddfb0c56cac5f3077015e1a223a156838384203542fa3e3b15e77b9f96c87403

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 e864ab3816bdc0fc913831104e0888fb
SHA1 895ce18f1a885f3805f32d164bd0854cc719f496
SHA256 cb6e1a64ad3eb6d12acd4c956d59d975730674bf049f2f676a619691bd2de656
SHA512 b7451041acdd3cd46fc3650b22a58ce9796eeabfe41634c69fd83b90702bef9d91da8b8c927ff15aec2505dd99915614711878d24334e83ccfb4414427ac71ca

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js

MD5 d71eeda3fe0e94e46879b2522859cf53
SHA1 17856f4989f37081628c83ba08fb6c849074e071
SHA256 02436fbb0e604ed3119b7f5a6373106af9903c8d9f18a1fde2ff09659c5f106c
SHA512 c4c559fad8e0ced552953180cef18cf775e24c4c0c8c771d776ff03b92d0e8b9c29da1851d12f5c47e81f75858ed993d2e9537333bc6f5a228c61e0f3e8240c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 171cf35a865ca7236be5ac070d004280
SHA1 c4fcb1e65a14794ea1676ca6251cd6e81a06cd46
SHA256 3be9bcd95f9cc0885b461a96903d14c594b1ea7ec3014c458babba1aa2b7b3ef
SHA512 eb0b7aeb96a1172e7919384cd8e6b0eda9ec16d9b239f327aafe50e77b19aee3c195feae86b3075358f0f6afa40767680024d2daa73fa92180420dc0783c9a6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3304a76cd7d4cbf3d7a62d22ccaf2e2a
SHA1 bdab0d63f54bfa4bb7bb22ffac8b8e9f12a51166
SHA256 eaad36ee01bd0100a408c16dbf27a6345396058a36122fc3e33a31a1b2bdde4c
SHA512 8ad2bb202a1c5ee6f1c2e0819daf27badd82be6935acea0a49dfc879da045491cb5086f75d0481bdced1a6ded469f0fc91bda6e6b10604575234cf6f773dab0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8a2b7646-a8fb-4ecd-bc7a-b7661dcfcfb5\index-dir\the-real-index

MD5 46af21bb54ac5e5641229dd0e8083f0f
SHA1 12eb974286bbe4c9324434917505314c3bce2300
SHA256 4b49e8a0a710c0da4b06f63bc1c4d387f3a67844e12f996f0acceffaf270bdd9
SHA512 aca97af2fdc513f7238a4b91593632cc2d1c01842c9df616f0a8bbb917b787224e67e3caf727d916a6ab410da147ee67a99bbc09ec594ada90b13aa7f94d5e90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8a2b7646-a8fb-4ecd-bc7a-b7661dcfcfb5\index-dir\the-real-index~RFe57da72.TMP

MD5 ae825c1be2c56c616fae5be948aa58a8
SHA1 9941f10438d9e9f97665862078007a520662c6d6
SHA256 fca905e4c1fd7b5be8544da9c1d3821cd45b08f8d51b1a578bd782b6fe48a165
SHA512 2b70cd9e7357136d2f02d9d8f5e643f268084d69c8cd90e5bdf8392cb26e28b76a5283f069957c9198be597f15ecb8fb80fd01b0d3d3a416bed0750c3cae1a71

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fafd9697e0dd08cd29478fbcfc2bdeb1
SHA1 e377c31336912238eebfa80ff5e8b3336f210b30
SHA256 56afa35d1f2feda3a5f41a37d906ada94f12ff09070f914d3157110ffa1e0202
SHA512 3aa79248f709621060866e95ac6bd93da04df84d4203606667316d50c3c7857d04058193ad72b328f8cc5edf00cbc263c4afb746cbd7a8b77de19465029505d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4394118b4624d61d3ab3a76eed92e628
SHA1 3bb7a2d4f1cddcb2b5131bdff43819f146d230d2
SHA256 fa20534a4774bedd8d977bc98261a72237fdb3ded2f99a2b17c91d370dcb0636
SHA512 98a28a2c30d66b270c699d3ca8ef5ed15350013c54cb67057941edca556eec894848a46df569aa002dd81d2ded03220e2ebd96aa1aa2b40f5c9a393fc101f4b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57e02e.TMP

MD5 7dd42193e6e9d4017e00788e2fe53e48
SHA1 c2bcadfe5fd6e7ef7eeb421a46d5649d26606d41
SHA256 f2a01c40dcb4bcd40fc4e76b89b4ad5988250fa9e88bbb0c107aed35dc236b0e
SHA512 9b7775c29eb904c25bdde0a520aa928e070b97dd81671abac11389f63a724a28987177860707b3248760b1e2f1ea219019746438b52fdd172f59577669b1cc07

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js

MD5 22adce921c6d4567167fb6fc3269f176
SHA1 b431b4ce3659babd4c18924f4cdd964345fa8b51
SHA256 cd3acb7b7d906a721d5e8850452fbf7d3cd25bd9300fce1397bcc395b290999c
SHA512 e0945410ca69e4b145584998d03024f52767f47fff7458d26596831ce510fbb6551936037219ee0fbb28170388bbc9706aa44203b2905165f6f3935d1b436173

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 44531b686b66505af9c1b18002c07a6f
SHA1 dfef38451c4e67e91553fe06f9f991b1214bdebf
SHA256 3cd345867eadfdeeed0c4da6178b602fc9c8df0e950bd58f486181041193928b
SHA512 e9c9e1dffee2af535fc2631731214008b996a01c816e0ed8bbf23a5e9b805e0fd5d7932c70c39120995d753cc86ec0ed77b567bdcac0162d54d7b437dea448e0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 1bc639cd5e538907fc4278f81e185fa7
SHA1 4aa1e672cb48367121ec465edeb264418f2f6984
SHA256 45233d716c58cd868e928857ff7e6819b38c6d36e4f0406d8601daf79e538997
SHA512 181d97c0249974a717f53f9d7aced2362b64cc172c830949f599c4a82876975669c7b0779c021ec25f565813905d8fa8b51f8e973dfdbf930d5d4a6e03662ca5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 70248cf6aed9888755a51d6d0a674b51
SHA1 05c13aae66f146a0ce022b2162d01adc92af0b74
SHA256 47bcd6e3800126c57cc708e86476f67fe3333cc9e24691ca7c7e63db8309511c
SHA512 41e338cfb5bc3f5044f5825da2411aea88272a4cacd3b772c0e22f3b8f250aadd371bcd758044768b7ed5f15f2c1dc889d4f5be4772b46996467c4b98825387a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 daf8d198519eb35db5256ab89fe9dde0
SHA1 1ab60708931b38ab0f5432841e35dfc97a4b1810
SHA256 b261305191eaea41a986188944ef3452ecc1b00a186c35e83ef8169e00a191cd
SHA512 6b2dc159161a770f147ac4cb00d9626956cd1c01de8238ca0e89255b4655ee93f66b39322f305f743aee09526401ff5e572a08295fe939e26aa95eeec98e6709

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8dbe7f66e07985260f989674fe86b4cc
SHA1 1c436b8a159e613897380c23957e4f18ba6bef5b
SHA256 4c8fc92f15da3d49be21d24f1caa8a263c613612157b9020dcfd542478293eeb
SHA512 718f1cb0c00d9df108db37a3b64580e70a79f84fca5c7e71fda0d38eae65913bc268593456a23a240a72e80d0aa10135a571102d7f415ca76248ca92e771f249

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 23e9e30a4e9fc983a35e2c608c9f93d8
SHA1 9c0a62829a2e228f03d74bdf4ea6705e3e113ec8
SHA256 07d2028a62d101e125ff60f41f3213f24fcf67cac2d4179ac2e44c210f37d40f
SHA512 cf0e60514b9563d6cd5ec9855230adaebd7abf77182de6e1b45cfced86e7e49047b2c21d1b44b6782bc5920495307f689d47741f16de89e0ac65db9d397190bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b76f3411e8519ef5dedc0d8a2741709f
SHA1 df3bf1c8d5cc0bc69c299752dc5d0187c7720a26
SHA256 7921ebcc8e88a04b63613755c52b82cc620b6f0bd4981b4be3594d6d38738ba2
SHA512 a8720191ef6228b391e4f07e45c5e3ce2f62a971c2f040b2af79e25b9ad8d4fe8cbfedccda76c898491c190f2c3ee8540d010ab7905e3a9ec77773e6b93c8667

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 851d10e763f67897fbff47ca8f7b5241
SHA1 4284ca33d64db0030d708097254242bf0d064a3c
SHA256 ce6d8b55b1fbd8ceb19b91127686af899be8f7fe4a2c731c429cf622a09b00d5
SHA512 a965269fb716c9377d84570cb17c7254ed7364a5df6bf82e5e77760faf5fafac02b70e495339f6acd348c2827add4e7c6cc3280ac766ec369e19c29192726e7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 eac8efa3367cf44bc43c344a9768018f
SHA1 9042e452fa4cdccb2e0621219e44662f68b57d30
SHA256 afd8e50136a09148dc5df70d246616e67bbfd731f28062ed1f33b8434482dbf5
SHA512 111bfdd72ed2eb80268c7e010f3d408e094897a51b31f883d1432243cd8d271fbba9c4d903d454b74e489ec02f70d6aabfd16e250d997390035184401f5174c7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f19e92257f2bd8320d2b4ca78a19a6df
SHA1 dfbd0139c31e2ed9e98da3ffb9b3ef46474a2450
SHA256 cd99b52036a0f49c11b08f9b122e1ca1e0288d5fa32206445b40a266588d7600
SHA512 45a6752a9940e2ff5a36576ce6569da11bf87d6e68482edd17ac2c476db7c6346ec78f61153d2ba8dbf021b8e83d2efa39d4cc6436d6d6029e44e4457f27b689

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 85858b1958ae18111eca0e0f1a897492
SHA1 7c8403a77f210a64ba14579973d1656046226f67
SHA256 cbd6c02d64b74a7ad42620dc20ec2a24b681b004118733ff3a8eb60f6b77802b
SHA512 97b9ab43f795a79f37483591aee981574aae78c6130d1b0ec28ed81f738e4583300a26a139f46ccbd2366888dfbabaa08e32bf130e428bd913300e45413b0db1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 3b2df667a176193cba046f74787e731d
SHA1 0525109b7a249a66df8c8eb7d24b49852cd076cc
SHA256 f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e
SHA512 f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 b55159b958e4c40ed67657e846f89c75
SHA1 456f735e65e80518a7023f9dfa3ca0acbc206293
SHA256 7f1f7a987ba1164a083e8d17f013f6c12193c260a836008193d73db220a87b92
SHA512 b77cede8ed263a8f283d36ec03322358ab6425190424c42062ff3a4b1e73e2e10a10de53f715772f4a0d724f411f8ea7ff8fe3fce6ad7a359af310fdc2524119

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583a45.TMP

MD5 69afa963ac837e3c6634b12ebf3e3761
SHA1 7e16db1784d1374ebe2ca8eaebef56e195342a26
SHA256 9ee090468dfb83f3d897a5d2c39767726bcb3ba2ec813a57468f7a91a35c436e
SHA512 f43771e7c3a10fd8a2159b592b7d3203238481241f8d395ec1c6cbe36d7511c2382943c93aa3c0b62c29114a81bc2c69989eafc2e97a3a58c0fe7e8fbed58a86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e538cb88929597d3c0b477e6279a0c5c
SHA1 c974de58f23459f16aec4444fdb507fca053d47c
SHA256 65482720e1f18b24de8c4d08e6ddd0f8a8d408a9b1ee49eef6c740984afecafc
SHA512 db31db036d22b39a517f7453b6a7167d0c11a8ca2dcf70b13b73aff1c7ed35c4673bebc2d4e7feadde660b3f88a0a6efc92481cfbe8024e629fdd10a45f28175

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 aaba5e872ba07d60f556b78df854279e
SHA1 93d1494959f4027195f527db143e5aa89d60925b
SHA256 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c
SHA512 fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 bbac7bb99faedea9a0cb17dfcad195af
SHA1 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff
SHA256 b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3
SHA512 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8345f9338720b5735f181667b0e86e65
SHA1 eddddfbf3064936fbf0967603be935ffe77301c3
SHA256 845829626a2f1f4d7cf219ed951cffce95842cd6fd00981eda164d717438578d
SHA512 4fb65cab61cb1529ccf74fd09d212c55cdbde2ee7eaf72fe7aa32a2fff725a4e9d6e89e36a9dfe5ac093476f5cb01a49be5b802906d0e8ea9dbe0408853772ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c960a840e0bcb7cd7c17c4f73930d674
SHA1 ca9d10eea0e8c4c767ee2e07bb7a10b4b0cb2150
SHA256 c19b380876c4d4b7e8f20772b67e14b3726fc35b1dbab2d73e63c9f221ae81b9
SHA512 1b76194c3c902d9819d9e4877605aa2d7b5b48616d7ef169d1ea7469502c5800d97397157764ce9ab124553393bcd00a63a72c3babdb857eb5c914ab073e7f61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 33398cfe18faf2c4e8283c610462bcc6
SHA1 0f6897576892fcefa0fc8bd0213d9fc03844cbb2
SHA256 1c97485cc90ec17883ae42920a74d9776c72efd784709b6331642cc7cc781728
SHA512 8934847b3adb0c5675e653bdac8f24465631d3c03d0e63c6abdfa60a3e8a870da2ba8b05c6ea759a23819cc0257a06e8da65bf6d641142728b51334656a72f84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ee5e4c216518a48467a9f9296f5eab27
SHA1 de5fdb1846ecc5023be4f662e373858fe4ece65a
SHA256 110a1b9734345db7ee0a58e0d919b75b51ee48de2ba19e67a141cff29d65bd5a
SHA512 cf83f648b7986dbfd601ad483c282820fc94c4badb05ed696274f536ba6fb4e7cdbd20ac828ddb74ee13a609a53d75e96e528f68f19eb30c5eb8860c712fdeb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 217386fa02d2cc80a31cad8efe43d953
SHA1 1ed72643110a69a5059c4a952c831b4f098bbf33
SHA256 85a4103c5612e8b8db1f560dddb9822150185fb97e577e0cdda58e50393c6362
SHA512 f6be1ea4e0c3378e750a3349c55bc97401725e60104f1c7529d104d130ca12ba71ca82ac0ca68688651709d2fb12f648736da59cc2a134137cc7a1b1c69026d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7995f7b3631e139d642d29e230ec9d26
SHA1 5733bc8cca4f8b184798cec09a6f4261c6ab695d
SHA256 dd071b10c210b1fbabdfd1d3ea1ae3bf219d023fa8852f111ec2e6db74aee331
SHA512 22bab32bc14af9b601aadf1f3d41a0066fe745fee3ce0083a97494fdad6875caa6b1b8c9d46afa24d8273be4043b143a8ac40f4aa4faf89a2b92cb02ff07f22a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6cdda75867cabdb8f2a2b929f15c93b8
SHA1 2154c8c758b142a0425f49b1ea1b4384412757d0
SHA256 092e729db2a51b5f7d0a94d9c391b2e353253d5e9432bc98ed5fcdf0f9df2054
SHA512 cbbedfb00a7cb2e7449218dcde008460084b8e0437fcea6c20a01ebf4801a4fa923fdf0ddcd4768c33dfea80c130d006ba51a5db1acd0c356918557b7b7d305d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bfd4913138e7e495987bcf938ee66bcf
SHA1 5547870159a770b3431624850f0918cb12573cd1
SHA256 31814e69f31831c1dc582f7ddde30efa1b96058b135169590bc870303f2035b4
SHA512 137d908776e1dba4fb4e118b00bb6e9bf504ccaf81a19e3d60d80a2616beca27ba30e7809f74359d79bd8b91d554699d715a13b20511168617e9918b0e106a39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5f0caecac872969e25336349c7b2864a
SHA1 0535b8a9fa03ae08a020ec724172ab16a58434c0
SHA256 c5dbd1bf786e31cb5a58197be41a2ed738c914f9eb0b23ed930da0259b2c299c
SHA512 02a8fd795a58a716b77ab4b24ff05bac6a32103e91d5720cc534e76a1d527be38087494dffad949fde592f7636a5138b14c87222603f57fd6b290fa46f05ec55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cf750bf1ed7e46f4041b1cd1675e3849
SHA1 7f9d679793a6bfab49e0eac01bd9cecb8eab5295
SHA256 cf27f484f3287ef4e84b63823125f9874bd376d81f726fe21e5e2a08bec7bce9
SHA512 2a99b5633933e4d37f3d67b30b8e391222fe047e0586eb865ccdd52ae88ad1ccd8789d03cb7e9ad43327d9ebeadfc095d97a10d47ffe3df3788e0fc677c8f7bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c67f6d5f4a33aa452388cd2e520087a0
SHA1 a4a98d7102bf4f59d5c749b2d0ea653456af8d08
SHA256 4fc49b20049debce8296dc310d646162ca79c572743189723bb49d4f5652c658
SHA512 412e18d9e4eda08afc9ca86b4f6c152206a02545fe48806d59489a4bc1cd60344549eb94e5fe3ee7401f5294f41f1fd0154b58d9e7a7da3da503c11b751ffc31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 713d6e15f8ca3f9da216a7a91e16f925
SHA1 226dc2856afba87b5a53431d0030b9a9a2557a4d
SHA256 b42b337c7e80038f1ba530c2d4f5c2b820cfc3828876e8e8a973a23a8b8b3a25
SHA512 9a257144850ce10ec8ba7e62172db083e6a96b389f0a273d1aee2d19a49c2dd613b8da1fabe6a2d0140c5149b3c8af3a7d7d3f4d8687dde9bf551c6f50922488

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 e337014ceba65092b027bdeddc48b00b
SHA1 98ad97b8adbb411d6d4623fab506924aa6772304
SHA256 c8376c9fa189541da0b65cbac556fea079eba00755803b97808f79b6d2b07c95
SHA512 24dc7ea8954498d7eb926f6ff07d245d82dff98ecbf77093b717351328434306d37c0a95aac208f711c8f3bb901ffa05daa974aa719518eeb14bb844df5e3d6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 66abfa275e1d8795de906d8e040296af
SHA1 2e309a56e16b4d99190badab3fbe7642448b1516
SHA256 cb719b1a6bc8e8029cd3339e5a03d0cd8de7a4af8d5f58862fd320df8d298a25
SHA512 6a0d18cabaf44d5cc6247d2032406ced49e5569547adb38b91224d8e6eb5c3965e1a6db307427c7366104ede8b05330b11f318330a1a4167542fb7649da3506d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c8df7220f7e3c3c69d0a57be1d45410e
SHA1 67803125908c44bfe141fa5a00aa3934a8bc642a
SHA256 b7fea5d410d2e2a32991eac5b74fab71fa8f38c120528c3a5c37e722bfd19dc0
SHA512 3980dc2533915b7301c937a60c4197a607c06c7feb2aa33555fa9f06ff0fc61f37e5178dffdb1732d51ffdd333ce2dbfe04f74d06a2b7dda7e0ac26d9eab3a81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 895bf045f5ff56abd3ecd99ad332ffe6
SHA1 399f049e7408f39f54dd0d7ff2deb6c6c3a503f7
SHA256 9e4d442f50ace7d85a74ee85f19c3f69d6e4d9ab9e3056489c7a308f28c741cb
SHA512 95728b0e86e029a5b2ca25da4be0bc2842cb88c49c51d4d5fbe4facc8b7afab59bc49d0adf16a9ca44b3790bc079b8942337beb4b8dc4101cae44b2857ba3b93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 56d3285737e2dfd634b54c4f7ec14581
SHA1 e82013b3be1ea344adc5ef05b731ea344cfdb4d8
SHA256 4a9b305a5775f239a2c5324d894920e1efb70b78d621b66883df8aca38c6f949
SHA512 bc3b37fac0c2b41dc7afcb9b61ae74a083733fe2383f429d26a0c2f0936723777ac7556ae8881d02d4161dd1a7cf815d7b198511efdeaf892615a5744178f512

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 25b826a6e0c16900f5da169bcc1acdd0
SHA1 d8b5dd599c9d70b0bd88e8aa6334e7a4aebd9705
SHA256 7c77aa21ae38ffa4f8ad7ee0eeb8217c0d7aec70d7c7a2a56b7cf75c3c8cd658
SHA512 857f0d43fd34fe6f89e0901898bd81caf71cb7409c3794e6feea8f67378151d6a47279786f45ae018c97f6654f4783828f866754954ffefa555e8c1ab61a409e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8c7b6350260c8151456cd0087e3d9c0d
SHA1 a4d839bf842a4a5c79c9c8fcbc0aa8b1dac9ffaf
SHA256 e92f74e9f940acaac414d6596dc34ed7519a789de7e3c5c6a1f1e7c632563788
SHA512 59d4bbc00637530636afc71dcaf0dd991ad513915e1637520484addb3048fdbc2062cff0c0780bbe3c6691bbe1f734b34b27c80baf3e2d903b85900188d04ee4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f11342bdf73c819f46799384afe051d8
SHA1 890087890ae3af5b62a7be6a93bb0c1ddd84e8b6
SHA256 ad83133e8a0894baa52ec5cbed72ee593a27168a08acddaa646bb6cd8d36dc54
SHA512 0621174a4e5491666cf8ca6c1016d0ca3e44851786fdbd501eec7e65326041c2eb8c57a2fb60bb9ad349acc0165328f0f15226ed9dcacd89e4c1bafe9a7817cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 500114b0edbea5cbb38b15f7c1dc100a
SHA1 fc67342e3c568268e79320b86fc69646edacd50b
SHA256 dd16cb2c28a73bef87b6e8e2d0bfb086f679fe29ee771992bc193a6e8b3a0272
SHA512 70f91875731685eafd45e73e9c84f224d0d114db03367fd754a0d8889ca330d7f0c7f0e307e45fe426ecb318f96ce37880a9112f33e0fdc54064412a0759db74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 eb46049c5857a75e8b906da8f2144366
SHA1 9ec4e7e1aab996c41b0fd7f383ea8cea28e128bb
SHA256 ec274e9fc2a9ac50897c150df8547ec21e07df5d8ff37c7565b65a4dd97a53ff
SHA512 5acf856459d481ed12290eb1e4ba15e52f583dc872436f7ec1094ba802192ac0e163e7208bf3ee87dd53d923061972cfe7e6a275a839dfc05e3badf29a7e53e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 43c55eac9e6f45e25a094322d1a85d61
SHA1 e8ad1cc22ba4cb16eba4c0e2add9850acb6f462c
SHA256 8525c0b4a8c0afb86f846655b778372dbcb89b9a5f656230fe4bc0965333a398
SHA512 eb55e2b8a8405578f099bdca6d082d055d69d4143d199a1fa74fef8209c0fda5e601ab4a590e94dce7b2de873dd9191a1d09303932f4d8fc82c7cc30cbf5532f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bd1fe6a38da937650e582aaf0ec4bf24
SHA1 699a2d8e4a93344d111a36d8d62b8d2d3929db7b
SHA256 b95ed22462890b82aae64a6e16b979cb62ffb33b357ee8c8054e33789b4542b9
SHA512 f4c298fe69d8f698ce61b14cdcd6015ce6d5d83151500056f03b7acaeba878cd684563d5f6fcec45194b53a01c21c2cd08200e83eb7f5060ee92a468d69afe5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 610efe53782ce9e84f507aa91c48838c
SHA1 62082788b01c4f44f4336e673bc972962e0b9538
SHA256 62ccd4385f1b4185e97e3efcf9f843db794ae8c9d04da4a6f3a81c67527db5e6
SHA512 ddc32f21fb2d4e511a8100bf128352685adb27c8ac45e2c851022a5c6560e534fe494aff01a240b4c8c3147181f348b58fcc22ddb0dc890b3c35dca705f78f15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9754098de1fa28bb1855056873c32456
SHA1 86ecffba56e05979dfb7538b87d5932d38434046
SHA256 db3f76cc470843c5318c32d521695091c50b280aec17bd387d79f8e91e6269f9
SHA512 c2552b0e98ad025f01e22fb12851c85eb219176cd4acc034d5fda62fe8d52451f0f1cbd64cdf606f072d2d4ce36ddfcd96914ad730c29af21fe79810ff737e8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1504e91f87689223a9f2a018e15a4300
SHA1 5b07a4f985144bb6d0738778b33df942f776e4ee
SHA256 9a17bdb77ba4e5ba9f8ca113ed0a7e15137ab30f94c2a7f1dab0353fcfb5df3f
SHA512 cb389883c753095c3c2e1c4b43e68b5254b2922d6ca6685df6400e8fcbcec3311c05d27520b6606fc86766efba2064463f21f446dd4b525f9d25aaa719e201a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5341722f0640a204a2c87d59ed4d3920
SHA1 6d31f19c1877fc51d4b6fcde01b17c993056a7d7
SHA256 8248a9059c1425f84dbd8ba9e5961eacbf910fd96dee3480a5d0cd2cba6cbb11
SHA512 efb73074bfdea7cdc9f9bde0e831cb72e20cde80c879a4b17ed0f4b850354d992ad127640f2a5672e33036a0513a4ad3063c51da2d2d1391620442869e30876a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65f558036d19936f75a883056520814a
SHA1 94536089fe1f0a9362b7b1e3a9efd4e03e412861
SHA256 d899d39900b408c39181b216e5ab3b64f4e2d4becce9f4979d6c097ce2928cfb
SHA512 bb669dca2257d61d50d6bceea5f5c90a173862bd67ac9ac594f10e7703d87b742387fb525b669567042169b51446b59ae4a11a026265e03521bb465d8d8580fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c3638b6bb639cd7f25af487c3683a945
SHA1 7c1666e776f7b0dce5e626ab1cec5d32861657b1
SHA256 c587aa1083831b5c829a7b27b72a3d73151fbdee104495f2bc20fc7d53f21c3f
SHA512 016b5aa65870cd94d6c1e96dabaf37b71188388e16a1cdb30bf9a8c7acde2e9d0e52d77b421dc38e82372cecba705a156ff008c4a02b54cf1ad0a574fa05eda8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e2b7b84358b69e8cc5110664a0211b6b
SHA1 c473fec48787d879ab49e1dfcb1e517f4b381d4e
SHA256 b552bfeb9171a194368d7d6d63cc057b4fb384b5154f52af17ffd63aa1593acd
SHA512 854144909cdd4e43d3f329bc58d9e524df1a15e561d543b89f4fe011059d984c2270fb16454a08711cfac0b539b47768e75d43a9517f0b44f9464ff1da2715fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d5b7273a6bf068ce4c8a00c5b4cc7c60
SHA1 5f623a1d773c6aacb2992ea7908a2c92a171fcb1
SHA256 3faca651f5d971467918cdf23450deccbb0e025ab4f42f0e32afbe317d880fac
SHA512 a8ca9cf13a52b8daa7943c067ca654d411ce1f9e77cd07a98614788ad54a0d32222a78ba90e974059f925baf767e21e663a5027ddc79edd9ea4a67bf33df53a7