Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-02-2024 14:49

General

  • Target

    cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe

  • Size

    897KB

  • MD5

    9304ea2d54fa282616673ca9b7c76f2c

  • SHA1

    14c9fae7bc84a342e722d0d3d0e3939178b625a8

  • SHA256

    cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a

  • SHA512

    89441b3608ed3f0b71869d66f3449c9ff377e799c44d2cb12b74ff52b07f944a050540efad9830116ca0037459b9dc9f4a75bb512b407375cff45b50d7873b67

  • SSDEEP

    24576:hqDEvCTbMWu7rQYlBQcBiT6rprG8aA1w:hTvC/MTQYxsWR7aA

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 24 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 60 IoCs
  • Suspicious use of SendNotifyMessage 56 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe
    "C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:2284
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
        3⤵
          PID:4292
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
          3⤵
            PID:4932
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:2064
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
            3⤵
              PID:3488
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
              3⤵
                PID:4416
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
                3⤵
                  PID:544
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2180 /prefetch:1
                  3⤵
                    PID:5848
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
                    3⤵
                      PID:5616
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1
                      3⤵
                        PID:6344
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4520 /prefetch:1
                        3⤵
                          PID:6524
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
                          3⤵
                            PID:6720
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
                            3⤵
                              PID:7100
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                              3⤵
                                PID:6192
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
                                3⤵
                                  PID:8248
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
                                  3⤵
                                    PID:8240
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
                                    3⤵
                                      PID:8736
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
                                      3⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:8752
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
                                      3⤵
                                        PID:9076
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
                                        3⤵
                                          PID:9084
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6176 /prefetch:8
                                          3⤵
                                            PID:8924
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2540 /prefetch:2
                                            3⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:8956
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
                                          2⤵
                                          • Suspicious use of WriteProcessMemory
                                          PID:2536
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
                                            3⤵
                                              PID:1876
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,6598643571893660394,510754838676372350,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
                                              3⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:3868
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                                            2⤵
                                            • Suspicious use of WriteProcessMemory
                                            PID:1460
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
                                              3⤵
                                                PID:2060
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,14387283530295283449,15336772005691792300,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
                                                3⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5724
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                              2⤵
                                              • Suspicious use of WriteProcessMemory
                                              PID:3180
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
                                                3⤵
                                                  PID:5096
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,10030208719392820825,8232116366488481113,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3
                                                  3⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:5664
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                                2⤵
                                                • Suspicious use of WriteProcessMemory
                                                PID:4008
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
                                                  3⤵
                                                    PID:1508
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,16114267844514504504,17908525918511292994,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 /prefetch:3
                                                    3⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:5388
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                                  2⤵
                                                  • Suspicious use of WriteProcessMemory
                                                  PID:3948
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0x9c,0x104,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
                                                    3⤵
                                                      PID:808
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,4406603887303026838,1169055950860296036,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 /prefetch:3
                                                      3⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:6284
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                                    2⤵
                                                    • Enumerates system info in registry
                                                    • Suspicious use of WriteProcessMemory
                                                    PID:1944
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xb4,0xe0,0x104,0x40,0x108,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
                                                      3⤵
                                                        PID:4764
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1972,i,15572328037368092650,1971796060405680205,131072 /prefetch:8
                                                        3⤵
                                                          PID:7332
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1972,i,15572328037368092650,1971796060405680205,131072 /prefetch:2
                                                          3⤵
                                                            PID:7324
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                          2⤵
                                                          • Enumerates system info in registry
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                          • Suspicious use of AdjustPrivilegeToken
                                                          • Suspicious use of FindShellTrayWindow
                                                          • Suspicious use of SendNotifyMessage
                                                          • Suspicious use of WriteProcessMemory
                                                          PID:3192
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
                                                            3⤵
                                                              PID:3400
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
                                                              3⤵
                                                                PID:7188
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:1
                                                                3⤵
                                                                  PID:7312
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4888 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:1
                                                                  3⤵
                                                                    PID:8172
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4040 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:1
                                                                    3⤵
                                                                      PID:7580
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3904 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:1
                                                                      3⤵
                                                                        PID:7544
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:1
                                                                        3⤵
                                                                          PID:7304
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
                                                                          3⤵
                                                                            PID:5940
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:2
                                                                            3⤵
                                                                              PID:7016
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3980 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
                                                                              3⤵
                                                                                PID:8444
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5456 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
                                                                                3⤵
                                                                                  PID:1924
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
                                                                                  3⤵
                                                                                  • Modifies registry class
                                                                                  PID:1620
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4260 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:2
                                                                                  3⤵
                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                  PID:856
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                                2⤵
                                                                                • Enumerates system info in registry
                                                                                • Suspicious use of WriteProcessMemory
                                                                                PID:3500
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
                                                                                  3⤵
                                                                                    PID:3464
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1992,i,3517788134178320976,254382332758753450,131072 /prefetch:8
                                                                                    3⤵
                                                                                      PID:7356
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1992,i,3517788134178320976,254382332758753450,131072 /prefetch:2
                                                                                      3⤵
                                                                                        PID:7348
                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                      2⤵
                                                                                      • Suspicious use of WriteProcessMemory
                                                                                      PID:2212
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                        3⤵
                                                                                        • Checks processor information in registry
                                                                                        • Modifies registry class
                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                        • Suspicious use of SendNotifyMessage
                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                        PID:3628
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.0.1555739574\1777187826" -parentBuildID 20221007134813 -prefsHandle 1860 -prefMapHandle 1852 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f64e9b5c-185c-4d26-bae7-586287f6cea7} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 1944 139511d8e58 gpu
                                                                                          4⤵
                                                                                            PID:5832
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.1.1594945042\2063812015" -parentBuildID 20221007134813 -prefsHandle 2396 -prefMapHandle 2392 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {403d7802-3883-424c-9fc4-a2be0ef74439} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 2416 139510fa558 socket
                                                                                            4⤵
                                                                                              PID:6508
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.2.1961711078\2049298817" -childID 1 -isForBrowser -prefsHandle 3160 -prefMapHandle 3156 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c32b985d-8076-4a63-ab17-1de676e89920} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 3032 13954e06d58 tab
                                                                                              4⤵
                                                                                                PID:7092
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.4.232467981\2144525570" -childID 3 -isForBrowser -prefsHandle 3500 -prefMapHandle 3516 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6e4a59d-8cba-421c-8a38-5f32a6fc2994} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 3644 139558d3858 tab
                                                                                                4⤵
                                                                                                  PID:7944
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.5.964717366\207357517" -childID 4 -isForBrowser -prefsHandle 3624 -prefMapHandle 3856 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0abde5d3-798d-4b2d-a3f5-75641d115da8} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 3928 139558d6b58 tab
                                                                                                  4⤵
                                                                                                    PID:8060
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.3.564115670\1613692178" -childID 2 -isForBrowser -prefsHandle 3500 -prefMapHandle 3516 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {56e670d9-3cb4-44f0-9829-c65cfbe260ad} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 3152 13954e8dd58 tab
                                                                                                    4⤵
                                                                                                      PID:7916
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.6.2003535079\657439751" -childID 5 -isForBrowser -prefsHandle 4728 -prefMapHandle 4724 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44bd641c-9ed2-482d-8bb0-b14e47de987e} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 4732 13956a41e58 tab
                                                                                                      4⤵
                                                                                                        PID:8044
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.7.261363543\374411290" -childID 6 -isForBrowser -prefsHandle 5512 -prefMapHandle 5516 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3e0f9353-321c-462d-a328-ee69cb44c0e1} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 5560 1395824cd58 tab
                                                                                                        4⤵
                                                                                                          PID:6860
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.9.2081791469\1874659061" -childID 8 -isForBrowser -prefsHandle 5948 -prefMapHandle 5944 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7042a571-4719-4e46-9b3e-b31c48322082} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 5868 1395824b558 tab
                                                                                                          4⤵
                                                                                                            PID:6856
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.8.281872215\1562079409" -childID 7 -isForBrowser -prefsHandle 5692 -prefMapHandle 5696 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {229346c7-1f95-46e1-8094-e879be78e7df} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 5684 1395824df58 tab
                                                                                                            4⤵
                                                                                                              PID:6796
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.10.1273339247\941126425" -parentBuildID 20221007134813 -prefsHandle 1740 -prefMapHandle 1736 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ea3fdea-0eed-4885-9a2c-b47ce8e4184c} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 1764 13956a3e558 rdd
                                                                                                              4⤵
                                                                                                                PID:8272
                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.11.906235256\1491793583" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6184 -prefMapHandle 5508 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {961236b9-6ed9-4421-a6ab-74060d2446b0} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 6192 13956a40058 utility
                                                                                                                4⤵
                                                                                                                  PID:8008
                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.12.361932767\1838049697" -childID 9 -isForBrowser -prefsHandle 6524 -prefMapHandle 6520 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c4b5269-eb73-4662-b637-b2d4b50d5609} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 6532 13958194458 tab
                                                                                                                  4⤵
                                                                                                                    PID:6824
                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                                2⤵
                                                                                                                  PID:1932
                                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                                    3⤵
                                                                                                                    • Checks processor information in registry
                                                                                                                    PID:5016
                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                  2⤵
                                                                                                                    PID:1232
                                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                      3⤵
                                                                                                                      • Checks processor information in registry
                                                                                                                      PID:5152
                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                  1⤵
                                                                                                                    PID:5824
                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                    1⤵
                                                                                                                      PID:6228
                                                                                                                    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                      1⤵
                                                                                                                        PID:8024
                                                                                                                      • C:\Windows\system32\AUDIODG.EXE
                                                                                                                        C:\Windows\system32\AUDIODG.EXE 0x4f4 0x504
                                                                                                                        1⤵
                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                        PID:8492
                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                        1⤵
                                                                                                                          PID:5512

                                                                                                                        Network

                                                                                                                        MITRE ATT&CK Enterprise v15

                                                                                                                        Replay Monitor

                                                                                                                        Loading Replay Monitor...

                                                                                                                        Downloads

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                          Filesize

                                                                                                                          40B

                                                                                                                          MD5

                                                                                                                          bc16ebe41a9fc2938c4060992a92b0af

                                                                                                                          SHA1

                                                                                                                          1719af3e339b187d984a76437eb80cae5dc50e6f

                                                                                                                          SHA256

                                                                                                                          5874dbe9583546eb24cfb2b237d58f97ef186cd72866dd224df82e62817744ae

                                                                                                                          SHA512

                                                                                                                          c78d4be86a3f35ae07375b37fd39f869d317a6ec6699d7673731e6f9b255d7bcbfacf58ca71c3f51baac1e2b2bbee7da58603efa5bd51a31162c481aab7a912c

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                                                                                                          Filesize

                                                                                                                          18KB

                                                                                                                          MD5

                                                                                                                          85b2f70f7cca6ac183b1c48cb0198d98

                                                                                                                          SHA1

                                                                                                                          b9c226a60c83280f96ac76c3fcbfcb7547fbacf8

                                                                                                                          SHA256

                                                                                                                          c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33

                                                                                                                          SHA512

                                                                                                                          79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

                                                                                                                          Filesize

                                                                                                                          17KB

                                                                                                                          MD5

                                                                                                                          2ba277bbbcc8715291613160a997cebd

                                                                                                                          SHA1

                                                                                                                          e64ee67165bbadd3b8bde989c3e5b1d2540cf09b

                                                                                                                          SHA256

                                                                                                                          00ffe000f78ae3c8c8d5557e3ab0089e29730ed10b2a190bd2b7a569812afd96

                                                                                                                          SHA512

                                                                                                                          c0f7840f181ad991c45ed1be0fcc0d90be100f8bbf36c54418ebe66f46d776652447eb5b7eaffbd2eb07c04455841d8e5d74f404eddf3c22daa34269d842435e

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

                                                                                                                          Filesize

                                                                                                                          16KB

                                                                                                                          MD5

                                                                                                                          d8e56edd91e6a8e254c9df3c3619f493

                                                                                                                          SHA1

                                                                                                                          e5bb299b458c95e5575da0a42ff7b49969b880b4

                                                                                                                          SHA256

                                                                                                                          8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97

                                                                                                                          SHA512

                                                                                                                          46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

                                                                                                                          Filesize

                                                                                                                          56KB

                                                                                                                          MD5

                                                                                                                          57ae6558fd495a4c05692113c7315b1e

                                                                                                                          SHA1

                                                                                                                          edcf35929545ae68664779e0254b67e720e1a0b3

                                                                                                                          SHA256

                                                                                                                          fc01d1f63650df9b53e5ed7f8ad20f8ca46a194533f72ab431ce862d1f310b63

                                                                                                                          SHA512

                                                                                                                          51fe9f8eee096ecaec21a1b1ccc72ddefa178627cf8809daf12713c70edc075bd1b03f277a505b2357076a278afd11a4f853132d8fbae53361a36438fd8951f4

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

                                                                                                                          Filesize

                                                                                                                          21KB

                                                                                                                          MD5

                                                                                                                          3669e98b2ae9734d101d572190d0c90d

                                                                                                                          SHA1

                                                                                                                          5e36898bebc6b11d8e985173fd8b401dc1820852

                                                                                                                          SHA256

                                                                                                                          7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a

                                                                                                                          SHA512

                                                                                                                          0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

                                                                                                                          Filesize

                                                                                                                          20KB

                                                                                                                          MD5

                                                                                                                          c1164ab65ff7e42adb16975e59216b06

                                                                                                                          SHA1

                                                                                                                          ac7204effb50d0b350b1e362778460515f113ecc

                                                                                                                          SHA256

                                                                                                                          d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb

                                                                                                                          SHA512

                                                                                                                          1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

                                                                                                                          Filesize

                                                                                                                          16KB

                                                                                                                          MD5

                                                                                                                          9978db669e49523b7adb3af80d561b1b

                                                                                                                          SHA1

                                                                                                                          7eb15d01e2afd057188741fad9ea1719bccc01ea

                                                                                                                          SHA256

                                                                                                                          4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c

                                                                                                                          SHA512

                                                                                                                          04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

                                                                                                                          Filesize

                                                                                                                          34KB

                                                                                                                          MD5

                                                                                                                          b63bcace3731e74f6c45002db72b2683

                                                                                                                          SHA1

                                                                                                                          99898168473775a18170adad4d313082da090976

                                                                                                                          SHA256

                                                                                                                          ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085

                                                                                                                          SHA512

                                                                                                                          d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

                                                                                                                          Filesize

                                                                                                                          49KB

                                                                                                                          MD5

                                                                                                                          55abcc758ea44e30cc6bf29a8e961169

                                                                                                                          SHA1

                                                                                                                          3b3717aeebb58d07f553c1813635eadb11fda264

                                                                                                                          SHA256

                                                                                                                          dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6

                                                                                                                          SHA512

                                                                                                                          12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

                                                                                                                          Filesize

                                                                                                                          46KB

                                                                                                                          MD5

                                                                                                                          beafc7738da2d4d503d2b7bdb5b5ee9b

                                                                                                                          SHA1

                                                                                                                          a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0

                                                                                                                          SHA256

                                                                                                                          bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4

                                                                                                                          SHA512

                                                                                                                          a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

                                                                                                                          Filesize

                                                                                                                          46KB

                                                                                                                          MD5

                                                                                                                          621714e5257f6d356c5926b13b8c2018

                                                                                                                          SHA1

                                                                                                                          95fbe9dcf1ae01e969d3178e2efd6df377f5f455

                                                                                                                          SHA256

                                                                                                                          b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800

                                                                                                                          SHA512

                                                                                                                          b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

                                                                                                                          Filesize

                                                                                                                          37KB

                                                                                                                          MD5

                                                                                                                          01ef159c14690afd71c42942a75d5b2d

                                                                                                                          SHA1

                                                                                                                          a38b58196f3e8c111065deb17420a06b8ff8e70f

                                                                                                                          SHA256

                                                                                                                          118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b

                                                                                                                          SHA512

                                                                                                                          12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          0d5f6fe9ed5e8c7adce099c145db3f34

                                                                                                                          SHA1

                                                                                                                          c6e7f688d966e4fef3fc0fca61c462db5f8a8acd

                                                                                                                          SHA256

                                                                                                                          4653aa356ed5943bfb664ccede808af3b54d1366f7f350865bef81afb71eb1af

                                                                                                                          SHA512

                                                                                                                          7762e2108f6b381dcb6e0634dc2b2b3c98ddd6ef65714fc1264a4ca410593cffbd01b97e2a3daa6b5974736066cb92c26c022a2ab05a53a14975d58944002b07

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                          Filesize

                                                                                                                          3KB

                                                                                                                          MD5

                                                                                                                          d9f46896da8349a6c01f88639fd14dbc

                                                                                                                          SHA1

                                                                                                                          d625ed82b0eb3b65eade0ce884dbd19db0377e97

                                                                                                                          SHA256

                                                                                                                          c1430bf5b484baeb51b38268ed9ff6b4b0e9658377f50614dd9671fdd72c5821

                                                                                                                          SHA512

                                                                                                                          2837bc73364a31b7b88bd6b12c688de173630ef4ebb4c2b70809e438093a501249724533c1fe358c081cf86627cb2b9302dd1b22dc430ab2ba3be346db5df361

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                          Filesize

                                                                                                                          4KB

                                                                                                                          MD5

                                                                                                                          4903fad87b54f51afee14929a9dc55fa

                                                                                                                          SHA1

                                                                                                                          0ccf526058ba2fa43fbb574b81e8b7cc91ea2f27

                                                                                                                          SHA256

                                                                                                                          1f21a164e398f29fd5db4dee31a97b5ef804a3c0a9efadf601db6f0ec4b58edc

                                                                                                                          SHA512

                                                                                                                          6977772e6784af8778ab29988754763479e23423868313f483be846cad32d4db1c07263ff259a124b6566d5a2f57ce2668d234d7c84130c84cf612c787bf8baa

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          539B

                                                                                                                          MD5

                                                                                                                          afaa9efe51fa68f5c279bedcc6a79987

                                                                                                                          SHA1

                                                                                                                          f58b601f38ca4a0ecf0f70ef6986837456a020c8

                                                                                                                          SHA256

                                                                                                                          72599d3ce31ebd53e1caaa6cd812641307b4389cab9f723ddce83c2b5ab9a816

                                                                                                                          SHA512

                                                                                                                          89bac79e00a1a48ff334df8354655a0d618f2c8d121234abc21d0b50b3d7bffa30858414562b41536787864e99252d374bfe7c8e9075abc3b8e3cbe6096d482f

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          f6ae4ab9b47e7748a6d748480512b932

                                                                                                                          SHA1

                                                                                                                          bd6aabb0af0a8524efa3627f1189b304c6092d2a

                                                                                                                          SHA256

                                                                                                                          5e58bb808e0499fd65dbd3cbc73c0810fcb7ab088d7b3fb7b2a264c38f441f15

                                                                                                                          SHA512

                                                                                                                          f76381b37b29866d07fdd359a074a4316429b8aad769cbd7f88e731d2013a5d8ef82e78a60f7cc162ff2ae4678234f64678fb49f31e5c9943aca462d6dd704ae

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          bd7e450a5f79ada1bd68ddac2021d727

                                                                                                                          SHA1

                                                                                                                          4bf5670185280a448c4e713279c64fd54270fded

                                                                                                                          SHA256

                                                                                                                          dd0dddacbbd6bb4ad1aa2bd4bc7978ff97512a23d587935ec6db467ffbe13dff

                                                                                                                          SHA512

                                                                                                                          6f4227ef303e349fb8b4939c86f4b6a58e3c796217d5ef7157631a04726df97e791f566bc9390087200310f57b9f34aceb543f427f9d804909867f1aa7c59383

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          874B

                                                                                                                          MD5

                                                                                                                          4ec82e4dc0a59379dd4c15546bc0a6f0

                                                                                                                          SHA1

                                                                                                                          920b0c5f5f7f1fc7b02643ad1bee25f7674ab1e5

                                                                                                                          SHA256

                                                                                                                          53f41cdd10d404305a1843290297f68cbb53e65711e4150c7d3b462f35c7dacb

                                                                                                                          SHA512

                                                                                                                          f3a70c0e5aa6d23d638b060a44cf08bb4910b00924f9032079bda07c985b4ee734f25a51227339fa70ea24f089b3d2ab12f3897008f9c83e77a043abc281ae48

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                          Filesize

                                                                                                                          7KB

                                                                                                                          MD5

                                                                                                                          df9d5a1dab4a00fb7a74a2706844295f

                                                                                                                          SHA1

                                                                                                                          e77bd49c9df831f37a246f1e88711fcc0615c490

                                                                                                                          SHA256

                                                                                                                          1c4d02b1f4c4d49e6da234df589d147a9be69316c506d945f4b4f7d4a0331a24

                                                                                                                          SHA512

                                                                                                                          8751067641da7b8903e282692c3e8d6b08ddf0084a95025df2e7445ffd5e2eb3a51a6c1ed240129b75e49be3a1acecea5c586925b26e211d82ab49979e2de0f6

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e676c9d3-79f2-41a5-9a85-0e17844ecabf\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          144B

                                                                                                                          MD5

                                                                                                                          6b88e5ac421e8a772f025b6cd09f62c9

                                                                                                                          SHA1

                                                                                                                          e48d91a82bbb8f387a659e0ff1e7ccbdff1dc7ba

                                                                                                                          SHA256

                                                                                                                          177ade47ae4ecffa53a743b8844ceec6a912d9f3ea0a75e2d31658f004dcd135

                                                                                                                          SHA512

                                                                                                                          63c56e364de5f8815a3d13ed563109dff23f830e89c69ffb5e9d30d43a92bb2a27874f786cf06583b1fc600a0410e0dfcff2bcc9d97b2c4cea9b3447b2dadd5c

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e676c9d3-79f2-41a5-9a85-0e17844ecabf\index-dir\the-real-index~RFe57edbb.TMP

                                                                                                                          Filesize

                                                                                                                          48B

                                                                                                                          MD5

                                                                                                                          83c106889de03ab288f067af3f857560

                                                                                                                          SHA1

                                                                                                                          0d22554c4dc3c0d16ee0411e7403e60bbaed91fb

                                                                                                                          SHA256

                                                                                                                          b4776a4df40e2b69547e2dc39458d5e1defb711ba08147b003da45d1f7fab290

                                                                                                                          SHA512

                                                                                                                          b2384f050aafb73032ce1aac9073c828c47b9f80a7cf263d245a3b2f61d210cb2f7748e46f80da326e0a158035de0da83ad1cdd4c3fcd83da7c3111247d6c64d

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          176B

                                                                                                                          MD5

                                                                                                                          e2b3dc9c6d3e4562da2e0c6d6e36e981

                                                                                                                          SHA1

                                                                                                                          9adffc121495f27865dd1b34009a76b1db7b4b05

                                                                                                                          SHA256

                                                                                                                          6f52fa2e02323fe3d2f17b12d802a6881b06315d6bfccd254938632b8978170a

                                                                                                                          SHA512

                                                                                                                          94f0f32da0f60cbb29bbdf3f67ba5e13e08f8b392154e834fae38734fc6bac7d51ed7eca085d169a6e25dec493f9bd707daa01c3a845bd093731920996e8a639

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          112B

                                                                                                                          MD5

                                                                                                                          d9c1dac836df4250573c92c6f4af4f3b

                                                                                                                          SHA1

                                                                                                                          da9e20fb88c16219e7cf8b4d8a7161fef43f1549

                                                                                                                          SHA256

                                                                                                                          f439b52303c81f17ebc3ddc195c9bc9377072ea592da4a2fea0de9482e63950b

                                                                                                                          SHA512

                                                                                                                          b03b2a6a39ffe3e071813ae92fa6f31a782db76706b1a70c0b8a401f765e30ef0f2f8f9f8eaffc2387db7cb62dd090761cdceccc8fff4e1c092cdde748c4d037

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          113B

                                                                                                                          MD5

                                                                                                                          2ff96e4ceddfbfe2ba5244e311ac4493

                                                                                                                          SHA1

                                                                                                                          e690335dc4e1bce8f380a2a5b94c2389e85695dc

                                                                                                                          SHA256

                                                                                                                          2b0eb31ef14e3465a31531b849bddf2eaf4332b369ee0f52f2f8512c9bd2d8d3

                                                                                                                          SHA512

                                                                                                                          4a2c54b31d845e04707da3e56421f812f7a1476084ad09f7b9fad7b0d1fd61684b05b2b1ea57265896d89305245af72a6544a1f3b5b7d28ee347d2eaa15e4efe

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57827e.TMP

                                                                                                                          Filesize

                                                                                                                          119B

                                                                                                                          MD5

                                                                                                                          7f3fa8979e80ad3e6106624cbcf33e37

                                                                                                                          SHA1

                                                                                                                          481731c016b906da4d9784a413183063d920fcb9

                                                                                                                          SHA256

                                                                                                                          a79b06d754a629d392cb372c9341c5119c2c4520529ba8376430ff560b283e4b

                                                                                                                          SHA512

                                                                                                                          64e2b31b3ce615af2e4d817f969043cc4446be6bbc3adcd30463f03fa076585e4faeb99360da6d90d47a39eaaee99c4708015dc698ba63b50e55e3fc29858c90

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

                                                                                                                          Filesize

                                                                                                                          16B

                                                                                                                          MD5

                                                                                                                          46295cac801e5d4857d09837238a6394

                                                                                                                          SHA1

                                                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                          SHA256

                                                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                          SHA512

                                                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          72B

                                                                                                                          MD5

                                                                                                                          3b41316d6f0aa87eda5d2a606fbc230b

                                                                                                                          SHA1

                                                                                                                          5a88d95d4c0aa21fde4f3ee2f3d89dcd4a09b3ad

                                                                                                                          SHA256

                                                                                                                          cad54fa8c9a79e22ff5cc6548433c6911b213b3d6f2cca78a9c2586a5f7adc7e

                                                                                                                          SHA512

                                                                                                                          fdd8fc7060c44aa91c1a5db163d2a3fa6b14e0e1ca6ee57c9f26c7677fd3cbe28cdf2130572ed0d701cf686eadf5fa63132dc6e925a8f429d59bbfc6b241ac7b

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d9c6.TMP

                                                                                                                          Filesize

                                                                                                                          48B

                                                                                                                          MD5

                                                                                                                          fee61b6bdafefcda4f45596ca23fc498

                                                                                                                          SHA1

                                                                                                                          66981721a99803446037be9448d4c8d2bd54aa1c

                                                                                                                          SHA256

                                                                                                                          ca0c52955c9f359609317376eeac7cf1b2f7de4e0e4da400807908ef3b2c7eae

                                                                                                                          SHA512

                                                                                                                          76320657746799701884125ccb7ed6d21cca8a52df4ee5104040e2a1af4ef860e0d3baa0af7aab90b527001482ce7c3f49d48ed94f0fd7f39b6fc49ec04cfd75

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

                                                                                                                          Filesize

                                                                                                                          10KB

                                                                                                                          MD5

                                                                                                                          7f57c509f12aaae2c269646db7fde6e8

                                                                                                                          SHA1

                                                                                                                          969d8c0e3d9140f843f36ccf2974b112ad7afc07

                                                                                                                          SHA256

                                                                                                                          1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

                                                                                                                          SHA512

                                                                                                                          3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3192_528624080\Shortcuts Menu Icons\Monochrome\0\512.png

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          12a429f9782bcff446dc1089b68d44ee

                                                                                                                          SHA1

                                                                                                                          e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

                                                                                                                          SHA256

                                                                                                                          e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

                                                                                                                          SHA512

                                                                                                                          1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          233KB

                                                                                                                          MD5

                                                                                                                          bccab91368a69a04924b663c732431b3

                                                                                                                          SHA1

                                                                                                                          66db78606bd2446c777bbd19ccb4618187e62805

                                                                                                                          SHA256

                                                                                                                          3e17fd1ab2433e5c122b515caec2e0ca3f1ad689ab4a6cd6f565c4c8a0e27832

                                                                                                                          SHA512

                                                                                                                          77e7a2f92d6fc4b3b9fd9a169c27f2f50ae150a64bcf49b952b90d501afaf3b974e7de4e4ea391b3b8ace3f87394e3b1eab0210bc7d96d834208726400fadda1

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          114KB

                                                                                                                          MD5

                                                                                                                          e391263f0b60ba69d9683c3b0cc29ae9

                                                                                                                          SHA1

                                                                                                                          99449495c8e480049c6413304cf434446d2c7f5b

                                                                                                                          SHA256

                                                                                                                          820b3a8caafe5b22858969a58dbb9533519f54e975a3ee9274c9b80421a86f33

                                                                                                                          SHA512

                                                                                                                          43604f98ae59382196f692ec4a02c1a43cb0cbf4ad7f01d6ccecaaa607215edc1b68e799e1f50bbd5f7e9bfb9c068cc4bc8b08f750772a06311d33bacb7d49f0

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          114KB

                                                                                                                          MD5

                                                                                                                          898af8492eae5a3307d22569b39821eb

                                                                                                                          SHA1

                                                                                                                          01b27e05f786c4f4970fa811a506fb1bd2bd6975

                                                                                                                          SHA256

                                                                                                                          b291f94770c57cd8b48529be34c47ce797a6971f8caa731f0b0c5fe56a8873c0

                                                                                                                          SHA512

                                                                                                                          78b2b7494aee6fff54ec412a07b95268c4811d4051f65cb6ce0fd3ab548f639452c080c6db17a0fdfa9b5d9519bc436a7bfd0c67d6a10f7299d3bf374e450b99

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                          Filesize

                                                                                                                          85B

                                                                                                                          MD5

                                                                                                                          bc6142469cd7dadf107be9ad87ea4753

                                                                                                                          SHA1

                                                                                                                          72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

                                                                                                                          SHA256

                                                                                                                          b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

                                                                                                                          SHA512

                                                                                                                          47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                          Filesize

                                                                                                                          86B

                                                                                                                          MD5

                                                                                                                          f732dbed9289177d15e236d0f8f2ddd3

                                                                                                                          SHA1

                                                                                                                          53f822af51b014bc3d4b575865d9c3ef0e4debde

                                                                                                                          SHA256

                                                                                                                          2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

                                                                                                                          SHA512

                                                                                                                          b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

                                                                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                          Filesize

                                                                                                                          86B

                                                                                                                          MD5

                                                                                                                          16b7586b9eba5296ea04b791fc3d675e

                                                                                                                          SHA1

                                                                                                                          8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                                                          SHA256

                                                                                                                          474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                                                          SHA512

                                                                                                                          58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                          Filesize

                                                                                                                          152B

                                                                                                                          MD5

                                                                                                                          0bd5c93de6441cd85df33f5858ead08c

                                                                                                                          SHA1

                                                                                                                          c9e9a6c225ae958d5725537fac596b4d89ccb621

                                                                                                                          SHA256

                                                                                                                          6e881c02306f0b1f4d926f77b32c57d4ba98db35a573562a017ae9e357fcb2d2

                                                                                                                          SHA512

                                                                                                                          19073981f96ba488d87665cfa7ffc126b1b577865f36a53233f15d2773eabe5200a2a64874a3b180913ef95efdece3954169bdcb4232ee793670b100109f6ae2

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                          Filesize

                                                                                                                          152B

                                                                                                                          MD5

                                                                                                                          4d6e17218d9a99976d1a14c6f6944c96

                                                                                                                          SHA1

                                                                                                                          9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

                                                                                                                          SHA256

                                                                                                                          32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

                                                                                                                          SHA512

                                                                                                                          3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                                          Filesize

                                                                                                                          20KB

                                                                                                                          MD5

                                                                                                                          923a543cc619ea568f91b723d9fb1ef0

                                                                                                                          SHA1

                                                                                                                          6f4ade25559645c741d7327c6e16521e43d7e1f9

                                                                                                                          SHA256

                                                                                                                          bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

                                                                                                                          SHA512

                                                                                                                          a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                                                          Filesize

                                                                                                                          21KB

                                                                                                                          MD5

                                                                                                                          7d75a9eb3b38b5dd04b8a7ce4f1b87cc

                                                                                                                          SHA1

                                                                                                                          68f598c84936c9720c5ffd6685294f5c94000dff

                                                                                                                          SHA256

                                                                                                                          6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

                                                                                                                          SHA512

                                                                                                                          cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                                                                                                          Filesize

                                                                                                                          34KB

                                                                                                                          MD5

                                                                                                                          d1a0d8504b6a46215e2a4cf521ddb7b5

                                                                                                                          SHA1

                                                                                                                          3d6e16808a1e17ccdaca99f37ed30468391c62e0

                                                                                                                          SHA256

                                                                                                                          cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1

                                                                                                                          SHA512

                                                                                                                          2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                                                                                                          Filesize

                                                                                                                          22KB

                                                                                                                          MD5

                                                                                                                          7a204d478c8dfe822bf86f9103bbd9b3

                                                                                                                          SHA1

                                                                                                                          7114b36ea1588d9372d730b2ee5dec7a3aee36d1

                                                                                                                          SHA256

                                                                                                                          d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb

                                                                                                                          SHA512

                                                                                                                          f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                                                                                          Filesize

                                                                                                                          1.5MB

                                                                                                                          MD5

                                                                                                                          b1375326603fe65cd42df7fed7ce5c45

                                                                                                                          SHA1

                                                                                                                          a7fc9a7c979e62a0bed17ae5e8da74738d3e25ba

                                                                                                                          SHA256

                                                                                                                          c9088547ff6883a0646b7ca0c27b0696524be01431ce0059c4ebe765d48dae06

                                                                                                                          SHA512

                                                                                                                          1a381b6193bd8380bdb81934bb0b5f75a514c5fb878ab70dd1f7ff5c5be397298d0ca4cbe1c65ca245074ee2052322f89487807b9f73f780851f3a074f74ced3

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                                                                                                          Filesize

                                                                                                                          31KB

                                                                                                                          MD5

                                                                                                                          81ac05c6d01d84d913a56c11909cdc7d

                                                                                                                          SHA1

                                                                                                                          55f6bd5429c5a35ed53caae2cd50d856edcb7883

                                                                                                                          SHA256

                                                                                                                          b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5

                                                                                                                          SHA512

                                                                                                                          0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

                                                                                                                          Filesize

                                                                                                                          46KB

                                                                                                                          MD5

                                                                                                                          3ba7e6919bc260bb6ab523197f2be3e1

                                                                                                                          SHA1

                                                                                                                          ce2d7fe3aa42d99d733266d023f6aef3766e7785

                                                                                                                          SHA256

                                                                                                                          1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818

                                                                                                                          SHA512

                                                                                                                          2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

                                                                                                                          Filesize

                                                                                                                          771KB

                                                                                                                          MD5

                                                                                                                          3b2df667a176193cba046f74787e731d

                                                                                                                          SHA1

                                                                                                                          0525109b7a249a66df8c8eb7d24b49852cd076cc

                                                                                                                          SHA256

                                                                                                                          f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e

                                                                                                                          SHA512

                                                                                                                          f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                                                                                                          Filesize

                                                                                                                          30KB

                                                                                                                          MD5

                                                                                                                          aaba5e872ba07d60f556b78df854279e

                                                                                                                          SHA1

                                                                                                                          93d1494959f4027195f527db143e5aa89d60925b

                                                                                                                          SHA256

                                                                                                                          0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c

                                                                                                                          SHA512

                                                                                                                          fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                                                                                                          Filesize

                                                                                                                          32KB

                                                                                                                          MD5

                                                                                                                          bbac7bb99faedea9a0cb17dfcad195af

                                                                                                                          SHA1

                                                                                                                          409312e9c3a5eaa03f2c8227a3693e8a6dc850ff

                                                                                                                          SHA256

                                                                                                                          b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3

                                                                                                                          SHA512

                                                                                                                          727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                                                                                                          Filesize

                                                                                                                          19KB

                                                                                                                          MD5

                                                                                                                          e337014ceba65092b027bdeddc48b00b

                                                                                                                          SHA1

                                                                                                                          98ad97b8adbb411d6d4623fab506924aa6772304

                                                                                                                          SHA256

                                                                                                                          c8376c9fa189541da0b65cbac556fea079eba00755803b97808f79b6d2b07c95

                                                                                                                          SHA512

                                                                                                                          24dc7ea8954498d7eb926f6ff07d245d82dff98ecbf77093b717351328434306d37c0a95aac208f711c8f3bb901ffa05daa974aa719518eeb14bb844df5e3d6d

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          b6921249799cc5e6014467af108ab203

                                                                                                                          SHA1

                                                                                                                          55e993f8e6fc6a4730f50ff1f42faa3a66bb4c1f

                                                                                                                          SHA256

                                                                                                                          ccca89d67dea425b076818ba194a2f1fb1e9222a820a13806df483230713a23d

                                                                                                                          SHA512

                                                                                                                          80838bc454e5ed8dce53db1c684c21b8aa9e78bffb4dc8add317bf82a979f86de98c902b0d3f04f2057935f7c89b969e9c8415bca1926d9c49b05936d523b695

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          4b398ec37266e41d07537d21eaa5daa0

                                                                                                                          SHA1

                                                                                                                          4a6f6d7390020ad087e3329672a571ab8c131658

                                                                                                                          SHA256

                                                                                                                          421e155d98cb1f9f55fa38936cc91360f87f9697070363f4781b9ab0324ca0a5

                                                                                                                          SHA512

                                                                                                                          72925ec1793bf02a8e7051f789aedf3d8ce77629a8cf50835170e12bc903e48c63480933963f0129876bbc4f6caaa3204d54c899d4f454a8d8b67b0eadffd0dc

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          2dfa563ee1702031270a5e21b224b414

                                                                                                                          SHA1

                                                                                                                          4a5ba5eb8fc3e5f352556855b4eb293a6773d381

                                                                                                                          SHA256

                                                                                                                          4f3f28c033c7e68323f947e860fd2eb12f6d53a01143576af785191d8aeb874f

                                                                                                                          SHA512

                                                                                                                          3a557b3407de878988ddf9868c4d98539d47da0e2d4285f59b72bf3f608d92443534893502604370e4c574ff5aa9aad87700f21ae0622dab5ed4c6c0ce49cf48

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          178a3e5a10de1dbfae940f311a0ed939

                                                                                                                          SHA1

                                                                                                                          a23d3c4b035586efdf5e51663831fed6345be4b4

                                                                                                                          SHA256

                                                                                                                          5bc2f9559d6a5ef25591546327453ee9b0212157206503476073e4bc7761b0ed

                                                                                                                          SHA512

                                                                                                                          e63ce997c58dac94eb4653066e71adcba494c52f13f841f87f96d273d1a787fbdee7b873d03c2fa59cfba6f3a4721fae8d31f96f0e8ad28c84e0e0ba761d27db

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                          Filesize

                                                                                                                          111B

                                                                                                                          MD5

                                                                                                                          285252a2f6327d41eab203dc2f402c67

                                                                                                                          SHA1

                                                                                                                          acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                          SHA256

                                                                                                                          5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                          SHA512

                                                                                                                          11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                          Filesize

                                                                                                                          7KB

                                                                                                                          MD5

                                                                                                                          b77fa6c66cee57cd302b49d77e85ed66

                                                                                                                          SHA1

                                                                                                                          ec9ed73ede3e2b93341b905a656327002cde1529

                                                                                                                          SHA256

                                                                                                                          3911ad4d7c122724218b149755f4af61f2d8925ef64210e6935e06d824caffdd

                                                                                                                          SHA512

                                                                                                                          615d3e319ee501bfb0d478433eb4c76cf1603488fd3f76dd4f7871fac283703a8e5aee796be855f38362efc649a7dc1380ce9d2e1e6f706d810f088156f3be62

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                          Filesize

                                                                                                                          7KB

                                                                                                                          MD5

                                                                                                                          20c9fd04ee98d1bcdfde186eb834acb0

                                                                                                                          SHA1

                                                                                                                          2e74362490991c7ba0b4e4905ca0147e67142433

                                                                                                                          SHA256

                                                                                                                          f6e0ac0732203fcb51092932bf9d9693b151f78247e1b771f0e70e96de4f3b28

                                                                                                                          SHA512

                                                                                                                          e408e15b9a4977c1aa2c059f889ac3accb4fc9dbce820617908d2bf2365cb81a8e48d6f8d1520bc846dddddeb81ac2912cc4201a3c97dc64e463c5f1ecc522e6

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                          Filesize

                                                                                                                          5KB

                                                                                                                          MD5

                                                                                                                          034f865eebaff7cb0d8b0c3ed6fa0c17

                                                                                                                          SHA1

                                                                                                                          8851466399e4517062d0409af5ddcc5db1fd877b

                                                                                                                          SHA256

                                                                                                                          a5cca41ba471f75cf68e63cc68665a35abdad5dd4cc68fcdbafb2aa223ff33f4

                                                                                                                          SHA512

                                                                                                                          2cf7b86985d24acb83809693baf0f07686747403563aaa282a827144910658337ef66ecccc189b1f5b7f8306da2acfdcc849be9ef029a60520bf305b1fa79415

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                          Filesize

                                                                                                                          24KB

                                                                                                                          MD5

                                                                                                                          c2ef1d773c3f6f230cedf469f7e34059

                                                                                                                          SHA1

                                                                                                                          e410764405adcfead3338c8d0b29371fd1a3f292

                                                                                                                          SHA256

                                                                                                                          185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

                                                                                                                          SHA512

                                                                                                                          2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9a545f39-f62a-464f-8912-0597b739b221\index

                                                                                                                          Filesize

                                                                                                                          24B

                                                                                                                          MD5

                                                                                                                          54cb446f628b2ea4a5bce5769910512e

                                                                                                                          SHA1

                                                                                                                          c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                          SHA256

                                                                                                                          fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                          SHA512

                                                                                                                          8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          89B

                                                                                                                          MD5

                                                                                                                          8843437d7f38ab30de51996c2d119201

                                                                                                                          SHA1

                                                                                                                          3728e44197514e93970905c5d5f45fb9a71ca6e4

                                                                                                                          SHA256

                                                                                                                          64cb14bd64ecd1b364d2ec5559a84bca9f30124d737b9e137a844cffb7e37fff

                                                                                                                          SHA512

                                                                                                                          ec69b6c0958be16052aa620e4f427145ea50076562c397b0dcf419cba54f069c155248f1d78071be8000c2e234b1a7a9c7e6ec688f61e7389049416590067b1d

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          146B

                                                                                                                          MD5

                                                                                                                          eb445c7d7b7ce8bf92a4f9f666da222c

                                                                                                                          SHA1

                                                                                                                          a9c71b8975c7a84fe8909994870eb0477a507781

                                                                                                                          SHA256

                                                                                                                          5a79438aca298b7c1b73e83d09345e30d00f80feaab45ffdad56f815557dfd71

                                                                                                                          SHA512

                                                                                                                          c254ec731e7cbbcf583c58ddb3cdf8a0e02614612f16de171a66ab49f3206ce11e3c08aa1a4fb4564040c3f9fe343a68a2e4ac69b2c95027662467624d5a35d5

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          82B

                                                                                                                          MD5

                                                                                                                          b632a0bcd7f0999220b4f6e69854dd83

                                                                                                                          SHA1

                                                                                                                          a83d21b2b10d28def54d9318c071d65b93e6410d

                                                                                                                          SHA256

                                                                                                                          3d3ab6672660fa2cfa4795093f2c5459ac001e554e7473ae591402f2ddcc4135

                                                                                                                          SHA512

                                                                                                                          f97506e6bca88f6db80dc4527db0f55dc98fb84b4a4aefd44c5b3bfc4a0da2977120ab8e2bb42dae882c3952fe23c521a82658c15fd0d660ca7dc3c4ac9ae1de

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                          Filesize

                                                                                                                          146B

                                                                                                                          MD5

                                                                                                                          a895db1022b9e417c029e5716482df8a

                                                                                                                          SHA1

                                                                                                                          1140cca28739be91d992d0dffbf2b1bb94ccce34

                                                                                                                          SHA256

                                                                                                                          c56911c01307b15335ea6c7084ca2475d98bd3c1dd52620becdfa42293079f41

                                                                                                                          SHA512

                                                                                                                          5282c508aa01bd8611256e134236cd61ff8a27ce3844fd94c524973ca8293127fd2c09a42ec31061402c441448aa65651aa38b55732261b3550edd528ec82de3

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                          Filesize

                                                                                                                          41B

                                                                                                                          MD5

                                                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                          SHA1

                                                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                          SHA256

                                                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                          SHA512

                                                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                          Filesize

                                                                                                                          72B

                                                                                                                          MD5

                                                                                                                          3fa3ecb4b6d971ba0da4d175abf35932

                                                                                                                          SHA1

                                                                                                                          1f54199fc48ec50994f49567ec4b810a443836b1

                                                                                                                          SHA256

                                                                                                                          f0607cb7312f6006d555ee3fd89545803febfb1ee67a2ae5d55d04e08e5ecdf3

                                                                                                                          SHA512

                                                                                                                          bf63280812662decac574b3de3b16774442e51aa5d5a0f5a39b10bb195db07f743f5d8b6c4146a16bef5477a2c7398c887eca6d82ee1cd743cbd6a5de5b563df

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ffbd.TMP

                                                                                                                          Filesize

                                                                                                                          48B

                                                                                                                          MD5

                                                                                                                          b1c9fec64f60333a8df51179d03244ff

                                                                                                                          SHA1

                                                                                                                          be67f9605aa7fd0b58a3b1eaf4c87091f23f7a2a

                                                                                                                          SHA256

                                                                                                                          5fab2ab4c56080961bbc2e4f8006fa10ca24ac0e82ad1f77793531a5a2c4dc80

                                                                                                                          SHA512

                                                                                                                          cad4ca76db56f28458891eda53fc90f6de16e8a41cf89fb37b81c51457abea91f27529f8a3105e6fb9c0b12813d26083fe1df97af4b45f31eeb35e81c977d48b

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          1f2642c2c112af84bccbeed3ada281d8

                                                                                                                          SHA1

                                                                                                                          e0129d305d2bf22d89a02acc3a7467009c08ee01

                                                                                                                          SHA256

                                                                                                                          71d9ff0ad0f24e551aefbd7b1221e6dca9199f393658d8a835c44cb3aa960838

                                                                                                                          SHA512

                                                                                                                          902d3a1054953450ef52859fc4319f15e053edd7e35e0f7a52ea81de538844b5eaf45433575edca44c9d61778d776955f446d30970d89c1c09ed6697aa4cfc9b

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          ce541552a729bac4f8d907854324d489

                                                                                                                          SHA1

                                                                                                                          8e7bd3bde888fa5837ac1961fadd2c6f604e4779

                                                                                                                          SHA256

                                                                                                                          66f397e2c5a75c3bf08054288044c1dbb55f508168e4e4681ab016df917ad1d5

                                                                                                                          SHA512

                                                                                                                          0f9a5bb0472dc0616b95c97952d6d9452c73beaad9c416653d9112461ba58105a422781d86afbac8fb2f07ad42da72d359c59775f229667f18a263429bb468ca

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          d538f1cf13fbe946c6d51ecc9f91ddb7

                                                                                                                          SHA1

                                                                                                                          72470137fa6f275acccb30c2d5f728e48799960c

                                                                                                                          SHA256

                                                                                                                          e32f66bda957765b03d4aa74c8b0ca7ba60fcc0210a05114c8d4594540a40cd3

                                                                                                                          SHA512

                                                                                                                          fc4e6cb6660b7a99413c8aa5eb7cf399f9966ac3957ec5d3ccd469f12551ff9326458880422854fec7f2863944c50bddd37242d24d3273f41cf536f6019d4df6

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          c434d6b971add89e78683b0d7056d3a1

                                                                                                                          SHA1

                                                                                                                          0936c9c3930656f94dae1dc0373cabf4fa105b07

                                                                                                                          SHA256

                                                                                                                          103b13036924301582b6e2f608267f7b8ab7bd29c3916f686e27aa6faf62ef55

                                                                                                                          SHA512

                                                                                                                          f61c406508ef2339080bd3f23b18d40ab2c9f8f943010720646d8aad2d4beac9801a175a2082975df7270b9c2055078a42cd04331fd9b9dcde0b0ac527caef5c

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          3191d0a8408544acc60dfd06a407094b

                                                                                                                          SHA1

                                                                                                                          d3baf087396052ebcb10d1ebed44d280b9c735e1

                                                                                                                          SHA256

                                                                                                                          6ca360f052671b56de7a8471b914ad02d30a73c9c217696984bd72a72ce683d3

                                                                                                                          SHA512

                                                                                                                          8d0697124aff4d5c40bdd36bd585fc2583a75ddd8fdcdf47459490319b09b9b2fb03fa934466ad387a31a1e5a1b955f2b17fc4c2a0014e7e85817a6d11b6f7f1

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579dd6.TMP

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          ec9b6532af5da88661ee81ff94034b30

                                                                                                                          SHA1

                                                                                                                          67fa10a9f85a7cd71ecf0561a210159877254217

                                                                                                                          SHA256

                                                                                                                          44d2abc4ca525adfc99fb1f789cd1af9fa387cd9c6343a4b70df04e8dfe654b8

                                                                                                                          SHA512

                                                                                                                          79a251b81bfb0eb5d65e1970816e1e1c0d54369a1ac2a1aa6ba90453b0597fd09ac2575c53f38820a126c96f95f6d43e03c24849272fd02ed0a8684dba20e046

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                          Filesize

                                                                                                                          16B

                                                                                                                          MD5

                                                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                                                          SHA1

                                                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                          SHA256

                                                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                          SHA512

                                                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          768dc9018ec9eb767f52c32a9a2bfa4a

                                                                                                                          SHA1

                                                                                                                          adb5dde6450cb2b8c52b5668efe7e44129281d02

                                                                                                                          SHA256

                                                                                                                          28f784c60d5059ad5e132b6288d01822b2d22211fe8d44d0bb10861734b3d9db

                                                                                                                          SHA512

                                                                                                                          872f279c6594f924c900f6ae1fb64ff17b6b7a3b3b8c6ce30e49f0c661c2d457bd4150e6c9a3823c3bfafe39fae8106aea0afc1a792c5c1dd1a199f5ac1550eb

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          e811500b40292b57b25d39cbdda54ef8

                                                                                                                          SHA1

                                                                                                                          e802521fdfa8b50b4f88a799182ed4dc866f629d

                                                                                                                          SHA256

                                                                                                                          7deaf968655a85c6fcab910a5c25ce093f3f0cf42a6fcc1487f0bd0efbb05ea6

                                                                                                                          SHA512

                                                                                                                          579e3ee40d047e961477f861a09faf61a2268a614cf4ae54b57cbd426d92209e6f6577ee0336ec97dd1ec58c269bf3d13fb229966392e0f9e5bafaac904dc71a

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          9450eb853e785f67384e24d0baf27129

                                                                                                                          SHA1

                                                                                                                          ec151e8974d23bc83e0b02cbb2d0d0031dcfa814

                                                                                                                          SHA256

                                                                                                                          ae8f39160138186b52741b38838f4bb57f20ba78b0b7669d5d4d17d9d65b0537

                                                                                                                          SHA512

                                                                                                                          e3e044ed7de5ee4f54b2f2c59ddba2789e8d1c1ce33d0a0665e93e036309029fe0fa1b9f9f7e5b19d056f4da80c679c3d19c784fe7e74674ab903548050b1463

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          92ff772952b39aff9d3e6aeedff221fd

                                                                                                                          SHA1

                                                                                                                          b9250b2ef94397ddff98389b00af2c3fe7b0ce79

                                                                                                                          SHA256

                                                                                                                          c4a300d74103129056df975764349d2ea4eedb5dcce40f2ff7a3a094b854ed2c

                                                                                                                          SHA512

                                                                                                                          ca7675a00d0702a06716be11a9a938ffcb363416926b17d142105f70256d5deba90afe6d4d6cfd6b5d3dd0cc47f46f646db65a55c7d709213c415855cbaa40cf

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          36c26ba0a9152f24b7ac4a315c16d8cc

                                                                                                                          SHA1

                                                                                                                          2bc5c693f0f935df9725fc9939e888c09cd27bc9

                                                                                                                          SHA256

                                                                                                                          d2a2c33f0951250b0bb46f996359553c30ed697ca7540b960c92296464143e7d

                                                                                                                          SHA512

                                                                                                                          2202e3d522b52705cd81806c753bbff35ae903e3d50f8a32ed439cc6284e390bd35e99120f64d3deb8220da7ca9406a2dc85808bd5098107cf53768e578a05f7

                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                          Filesize

                                                                                                                          10KB

                                                                                                                          MD5

                                                                                                                          9aff622d91346743e71cb2a7cb3ed496

                                                                                                                          SHA1

                                                                                                                          80a412968e85bef3d28220f46bbf15bb3926c5f1

                                                                                                                          SHA256

                                                                                                                          c862a2ced2bf82ce90abcea306fdecbd38e7d15a67699ba464d4842ddfed8358

                                                                                                                          SHA512

                                                                                                                          a9dd76f5ea3201750b6feefc2ac8cb60101c4a9d9069daa9ab32e3e90bd0749c1e752ae8db0b16ca4e527478595b6f75ec5d9b4c26111d74a84713fba88baebb

                                                                                                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                                          Filesize

                                                                                                                          442KB

                                                                                                                          MD5

                                                                                                                          85430baed3398695717b0263807cf97c

                                                                                                                          SHA1

                                                                                                                          fffbee923cea216f50fce5d54219a188a5100f41

                                                                                                                          SHA256

                                                                                                                          a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                                                                                                                          SHA512

                                                                                                                          06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                                                                                                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                                          Filesize

                                                                                                                          2.8MB

                                                                                                                          MD5

                                                                                                                          5f232566916657c701a4a67debd6f16f

                                                                                                                          SHA1

                                                                                                                          21ff935abd89f292d8843d95e5cf3694a56d2db3

                                                                                                                          SHA256

                                                                                                                          ad9ee15beaf63d1bde5bbfb4666b48bf1196b4e5b45bdd7aade58a86219267cd

                                                                                                                          SHA512

                                                                                                                          9324156a669067835974dfdd2d96b67e799db731ad8026868cf4871e89ed0a0ed436e3406556257f09ce4730472d82f53eebe006009e50d99df4e847632318f0

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                          Filesize

                                                                                                                          2KB

                                                                                                                          MD5

                                                                                                                          06b01d83feb19e73d5755a244700fca8

                                                                                                                          SHA1

                                                                                                                          863879146a11e60e6a1a671b842f5ee9ae7f5e96

                                                                                                                          SHA256

                                                                                                                          36f488494cce2f3a46e8ef77710cbb1eacc36f9432818602d54eca92e91b5354

                                                                                                                          SHA512

                                                                                                                          a2c6d48322079c75069ef5d8a1b269a78637ca0a3723d0e91e84a32e0d568411786a88c0fb1f2cfe9c0685310d9cd6dfc1dbd817e8df1a93f66eb56a988c6766

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\01c6c0b7-dcb4-43ba-9d0d-3f9c98c9fd37

                                                                                                                          Filesize

                                                                                                                          10KB

                                                                                                                          MD5

                                                                                                                          2a03b18260f091a37f5806cf432d6f94

                                                                                                                          SHA1

                                                                                                                          10c83f3748adf3d2d6b718a1ba7319e80057f758

                                                                                                                          SHA256

                                                                                                                          3e056e57e5a8cc58b266571fd652f99beccbde1d864f3e30bd14177a9dad2d68

                                                                                                                          SHA512

                                                                                                                          ed8016c87e7e7a4f86ba007a1d70be9f9b1b7c03721052ba964ecd40a7e208fd2f1b342eb77738c366ee74f1f82d9d4124ed71fd97b5dbfbe1a125f1998979e8

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\d8fec8f7-18e9-4f3e-b0f9-164c446102df

                                                                                                                          Filesize

                                                                                                                          746B

                                                                                                                          MD5

                                                                                                                          9fde763a6d89965fa5c2f52ae2f49cb3

                                                                                                                          SHA1

                                                                                                                          c48147349674fb4ce660cc4172f98ad037bd69d5

                                                                                                                          SHA256

                                                                                                                          254529330ad19aa74f447a04ddcc9f4313fba05f8891cf6765d3a6d0cf383bfc

                                                                                                                          SHA512

                                                                                                                          035dbc4695d5195f51a05509224876ed0f9594fa17367a039c8bbb842dca16b88cb23877dc9b1981565ff7feaa6dba280aa25b359cd2736d65166ed605da55e1

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                                          Filesize

                                                                                                                          997KB

                                                                                                                          MD5

                                                                                                                          fe3355639648c417e8307c6d051e3e37

                                                                                                                          SHA1

                                                                                                                          f54602d4b4778da21bc97c7238fc66aa68c8ee34

                                                                                                                          SHA256

                                                                                                                          1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                                                                                                                          SHA512

                                                                                                                          8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                                                                                                          Filesize

                                                                                                                          116B

                                                                                                                          MD5

                                                                                                                          3d33cdc0b3d281e67dd52e14435dd04f

                                                                                                                          SHA1

                                                                                                                          4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                                                                                                                          SHA256

                                                                                                                          f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                                                                                                                          SHA512

                                                                                                                          a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                                          Filesize

                                                                                                                          479B

                                                                                                                          MD5

                                                                                                                          49ddb419d96dceb9069018535fb2e2fc

                                                                                                                          SHA1

                                                                                                                          62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                                                                                                          SHA256

                                                                                                                          2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                                                                                                          SHA512

                                                                                                                          48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                                          Filesize

                                                                                                                          372B

                                                                                                                          MD5

                                                                                                                          8be33af717bb1b67fbd61c3f4b807e9e

                                                                                                                          SHA1

                                                                                                                          7cf17656d174d951957ff36810e874a134dd49e0

                                                                                                                          SHA256

                                                                                                                          e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                                                                                                          SHA512

                                                                                                                          6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                                          Filesize

                                                                                                                          5.2MB

                                                                                                                          MD5

                                                                                                                          b192f6624f7e0ec05de42cee8282951a

                                                                                                                          SHA1

                                                                                                                          7c5cfba7fc4151eeb321573454d3e7ca8f328a93

                                                                                                                          SHA256

                                                                                                                          7594563767c6d2424c5de2dbd69b3e83181f59a4aba3f48e1ccabb3a12336fe3

                                                                                                                          SHA512

                                                                                                                          ed80f495561c1a06d74efee10dbf2be3b79e15527cf21b6be0b3f67e1777f3b431018cb5112caf7e823982f3012bc85a4447656a5394d462f9af7c203e619f71

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          688bed3676d2104e7f17ae1cd2c59404

                                                                                                                          SHA1

                                                                                                                          952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                                                                                                          SHA256

                                                                                                                          33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                                                                                                          SHA512

                                                                                                                          7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          937326fead5fd401f6cca9118bd9ade9

                                                                                                                          SHA1

                                                                                                                          4526a57d4ae14ed29b37632c72aef3c408189d91

                                                                                                                          SHA256

                                                                                                                          68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                                                                                                          SHA512

                                                                                                                          b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          24cf5a94d097b1932f3f645f72c56d7c

                                                                                                                          SHA1

                                                                                                                          cd17311860fb2fbec71121652b38df146e02ecda

                                                                                                                          SHA256

                                                                                                                          d62f8bc1facfc585918da3b25d0cf0930b2f49410712530ad5c5265d792dc0c0

                                                                                                                          SHA512

                                                                                                                          1da07790ed69164957b7f396eb6447e1637bab375acea64166d1da2b59ab124b4587ce51af93487286c2e6323adab88fe807de7702c95f4f127df984592d311a

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          18647d7ebaa9da0bc95c01074460962f

                                                                                                                          SHA1

                                                                                                                          8bf85d1db40ddad0b0e17007d9339cfe1fa8fb30

                                                                                                                          SHA256

                                                                                                                          7a3e2782b715d7a553095442ebb35ea87b958ad9968fb1e3efe50f8dfe7736b0

                                                                                                                          SHA512

                                                                                                                          aa93ea55df1df8cb50f3b8dfbdbb11c1c2992f8fa6a4840fb29fdcae96002bfbbc19374137f2559e18e1f0798fc1696908ea7a5eb7588dc37545f316df8576d5

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

                                                                                                                          Filesize

                                                                                                                          7KB

                                                                                                                          MD5

                                                                                                                          6a55354c7d99d6dfdea8222eb674b7f1

                                                                                                                          SHA1

                                                                                                                          fcd11f8434d764a314a7569e61422282c94d28af

                                                                                                                          SHA256

                                                                                                                          cf66db14e7938443ee4b86024cf855dd025f2d74c1c97b9bf47985f814a5a434

                                                                                                                          SHA512

                                                                                                                          0693ac99e87c9f83473e293a766192389b0e5cb8a1b118403f390100a8a1a1fdd9e67254ef44f2b4d5ff4b09060e5ecc4df5eb52a89c34a7935d4d0f819f071e

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          6694329a800e7a59ac23ce6fca089dc3

                                                                                                                          SHA1

                                                                                                                          0e7ce84a0eeea28af09db546c9c8dac931e0f414

                                                                                                                          SHA256

                                                                                                                          781c401158dcb72f6f67285cbe9a722903e724acddd53f9731f873be6ecda251

                                                                                                                          SHA512

                                                                                                                          21863515c7a70ebc06fdb64c76100b4fc2df931424429e1a3a17be96f560b39c66b8ffb71c577132ecf62f9b45b5d219468047d5857fd7db4a17cf01f19597b4

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          462e15a38cb4f4728018edb44a2464ea

                                                                                                                          SHA1

                                                                                                                          4f4db3008f46f9db0df541458b6e292bd294fd9a

                                                                                                                          SHA256

                                                                                                                          82cab9a9849d19f3bd4b567e5587e20f6f13911f3a6073cbe6086d42c2205377

                                                                                                                          SHA512

                                                                                                                          41681bb3f4b97f5a3ba64b6c6cbd018f06bb76111f35a40440f4a087dc65b6e5e382d3def48cbe37df13785686b8726fddcf72d7c7c68fe666b10a83ea00fc24

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                          Filesize

                                                                                                                          1KB

                                                                                                                          MD5

                                                                                                                          8f9ce682e84e448d36918ae959e12e3b

                                                                                                                          SHA1

                                                                                                                          00c45ff227c9653cc47befb9cddaf07943d12ce1

                                                                                                                          SHA256

                                                                                                                          fc848631cebaa40fb9ef0e1e01875a3c9fb5874806569af9cadb05074be62e1d

                                                                                                                          SHA512

                                                                                                                          57f75735508ce01a843714aa780a2f7f031c39b43e766304ccdd345cb66af2a8cc16cb54122afedc92f5349d951f737e290b1d7593d068c304b26e6b4382a0d2

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          5186e7d5704a1d8f3ca34da44cbb1682

                                                                                                                          SHA1

                                                                                                                          5ed8a58ddf42a82137e5d7983630c6117f116299

                                                                                                                          SHA256

                                                                                                                          9ff75ce70a76d03f10bf25cf7782cd3e6098e92b7697dc5e3b72cec9bb7708b3

                                                                                                                          SHA512

                                                                                                                          c22a9f93185a6305bf2bbc41590a72e53d047af3484033d18abe91d174a77a3fc61685d6d555c457c573988d224d00caa1a11d555df6681d34b162e349d2a0a7

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          3aa4e312981bb007216b1bba7a5db04e

                                                                                                                          SHA1

                                                                                                                          5401ceccac2c4fd1bbf4905183fe2046e02ce060

                                                                                                                          SHA256

                                                                                                                          c20cc635ce7be85522a5fc8edde80e85bad720a8f5986472d9107d1cecef4671

                                                                                                                          SHA512

                                                                                                                          922e261a133906fafc41655c924774f7e9f9733d9753b08dc6d5e0bbf9a8f2937c40e27ba94ded9cd39fc1d629214cff1f78f2c511d19b6407bfeff09e3553e9

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                          Filesize

                                                                                                                          6KB

                                                                                                                          MD5

                                                                                                                          edbeeab36c9b04130f3601559c707110

                                                                                                                          SHA1

                                                                                                                          378d9361a64c7d9f07a1172f29a4a756a4b4e469

                                                                                                                          SHA256

                                                                                                                          da623bf84262c7cde71d4eee40d71ff7860c5c9ab1b419ec51f40ceb195bc820

                                                                                                                          SHA512

                                                                                                                          8af5525ed9e432a8ce4d8dee0f6fffde78aee8e0f9e89b82bd2866edce816e8f1ca24422577cd23874dd075ef71b3afa54b9f70683f1a9596e025d57766b4b9e

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\cache\morgue\104\{3cfae486-d8e3-4001-91c2-46c8e8929268}.final

                                                                                                                          Filesize

                                                                                                                          465B

                                                                                                                          MD5

                                                                                                                          2300eafff09d478fbf68f49fdafbff49

                                                                                                                          SHA1

                                                                                                                          12f127da15a69beece4f71f600975e0503c77ce1

                                                                                                                          SHA256

                                                                                                                          f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f

                                                                                                                          SHA512

                                                                                                                          93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\cache\morgue\202\{4def5282-d3c3-4f39-8d3a-be57584f7eca}.final

                                                                                                                          Filesize

                                                                                                                          192B

                                                                                                                          MD5

                                                                                                                          2a252393b98be6348c4ba18003cc3471

                                                                                                                          SHA1

                                                                                                                          40f75302fcbe4a8ac2e33a8d9daf801abc2a9598

                                                                                                                          SHA256

                                                                                                                          04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee

                                                                                                                          SHA512

                                                                                                                          07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\idb\595286561yCt7-%iCt7-%rdedsepco.sqlite

                                                                                                                          Filesize

                                                                                                                          48KB

                                                                                                                          MD5

                                                                                                                          57f6e2f5d7715327696f1ff4639454f6

                                                                                                                          SHA1

                                                                                                                          3b4e46afd57487c2ae45330ad661ea69d1130340

                                                                                                                          SHA256

                                                                                                                          9bd062b10db755853a62901e0ec6e57690a2075920d17a6b3439d4eecc3c73b6

                                                                                                                          SHA512

                                                                                                                          d2a542591f5926003d4ec107a05f9b81169fe294d9a370c659fdaa15f541ffe2113083732093cb723c3e6cd054cf4fa5d4d9135ebc3f3f52926ac55504b17e7f

                                                                                                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                          Filesize

                                                                                                                          184KB

                                                                                                                          MD5

                                                                                                                          8eff070195653e2a131a916680cd18c2

                                                                                                                          SHA1

                                                                                                                          7f5dc88fc5d5969b25d5e75cccabd37362b31a94

                                                                                                                          SHA256

                                                                                                                          61c22934bcca9275d3aa4a9548828b028aaa84a0c1d977d50daeb889e02dbfd3

                                                                                                                          SHA512

                                                                                                                          18ed6beca1a23e74571ee365b3c5e1b92686188178fa5481d41dd4c991286d5b3599613a870a8d371eb886f82b1b5e35be10ae82b0a95452a53f9cffed73f507

                                                                                                                        • \??\pipe\LOCAL\crashpad_2284_KTTJKUDXLRSZHCCS

                                                                                                                          MD5

                                                                                                                          d41d8cd98f00b204e9800998ecf8427e

                                                                                                                          SHA1

                                                                                                                          da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                          SHA256

                                                                                                                          e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                          SHA512

                                                                                                                          cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e