Analysis Overview
SHA256
cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a
Threat Level: Known bad
The file cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Checks computer location settings
AutoIT Executable
Unsigned PE
Enumerates physical storage devices
Modifies Internet Explorer settings
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Analysis: static1
Detonation Overview
Reported
2024-02-06 14:49
Signatures
AutoIT Executable
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-06 14:49
Reported
2024-02-06 14:51
Platform
win7-20231129-en
Max time kernel
50s
Max time network
149s
Signatures
Detected google phishing page
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E1D27721-C4FE-11EE-8DE4-FA7CD17678B7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 707ce8b70b59da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000046332ab722508540bf00312f0a24f120000000000200000000001066000000010000200000008c494182c66b8a79f791827183e9cbee14c09d7b4153e3d7405bc153c7abcfa3000000000e8000000002000020000000bc9e08477a9ee69029c8a3b10f2bf7b3174ba20f806475e9eb754e901b460ca620000000ef657896464a117c783fa8ebb0282174cf6c4e32818fd411293d67fe1707b65f40000000795be934a249ece203603b95965bbfd32f0f5faa80dbdd7138a97946807bbac9183bf00218f08a366651184d61ec92fd0fec64eb1bcbd5a3d0f97733439af28a | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E1D015C1-C4FE-11EE-8DE4-FA7CD17678B7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe
"C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/login
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2884 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:275457 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b89758,0x7fef6b89768,0x7fef6b89778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6b89758,0x7fef6b89768,0x7fef6b89778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6b89758,0x7fef6b89768,0x7fef6b89778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.0.1071571423\616427978" -parentBuildID 20221007134813 -prefsHandle 1228 -prefMapHandle 1120 -prefsLen 20600 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26bf5dac-0c19-4e0a-a823-751bc662e7f5} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 1340 100d5a58 gpu
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1208,i,18181445383183436962,15462407002118773914,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1068 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1324,i,3336979372000837731,9965575553479582776,131072 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.1.496045151\1373499386" -parentBuildID 20221007134813 -prefsHandle 1520 -prefMapHandle 1516 -prefsLen 21461 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5890fdcf-3a6a-4a76-a141-3e5d86b7f972} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 1548 42eb558 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1208,i,18181445383183436962,15462407002118773914,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1324,i,3336979372000837731,9965575553479582776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2280 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2564 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2584 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.2.683654617\2062555952" -childID 1 -isForBrowser -prefsHandle 2244 -prefMapHandle 2240 -prefsLen 21499 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5adb277e-f766-4ccf-a785-ad446aaf75fc} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 2256 17cf6b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.3.1702377471\1962341614" -childID 2 -isForBrowser -prefsHandle 2844 -prefMapHandle 2840 -prefsLen 25956 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {351e1f24-5982-49a6-b269-c927fb7e5853} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 2856 1cea3d58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3348 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1384 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.4.1829551218\397325281" -childID 3 -isForBrowser -prefsHandle 1920 -prefMapHandle 3692 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {791363e5-1b18-483e-b391-c6055a4fc52e} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 3716 1f2ca358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.5.1406971565\1723852674" -childID 4 -isForBrowser -prefsHandle 1920 -prefMapHandle 3692 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {840c6896-eb01-4c5e-8b82-105b7886a080} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 3808 1ee82958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.6.369583538\1588134496" -childID 5 -isForBrowser -prefsHandle 3732 -prefMapHandle 3736 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c6845ef-3887-4c59-ac98-afc30fca6e76} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 3924 1ee82c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.7.1602671421\2702139" -childID 6 -isForBrowser -prefsHandle 3808 -prefMapHandle 4012 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {45c0e49e-59e9-45b3-ba7b-c5f50fb94862} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 4112 1f2c9458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.8.568508811\877818714" -childID 7 -isForBrowser -prefsHandle 4140 -prefMapHandle 4200 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d940afd-da67-473b-91fd-f9ab9c326deb} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 4396 1fd39b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.9.938746827\1143826242" -childID 8 -isForBrowser -prefsHandle 4480 -prefMapHandle 4484 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {690b5026-9950-4f17-8229-5a4ef1f7edaf} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 4468 1fd69558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.10.1414833474\85056532" -parentBuildID 20221007134813 -prefsHandle 4760 -prefMapHandle 4764 -prefsLen 26212 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ac85a3aa-7ea3-4b4e-9abc-b212e0c6916d} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 4776 20b52958 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.11.1237764233\1423972572" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4872 -prefMapHandle 4868 -prefsLen 26387 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b624b79-3409-48cb-bb57-e61b83942ba5} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 4884 20d1a158 utility
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3424 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4284 --field-trial-handle=1284,i,9482383259625434705,6051003833086501440,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1080.12.602143440\1619051831" -childID 9 -isForBrowser -prefsHandle 5200 -prefMapHandle 3580 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a79b21f-dfb9-4308-8487-25564fe8fcc8} 1080 "\\.\pipe\gecko-crash-server-pipe.1080" 5212 20e8f958 tab
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat
| MD5 | dfae0ad162b67f87e6ef0cb775f05ff9 |
| SHA1 | a9afe27d47641d6eb5b1c191ef5e07e0b3b4c80b |
| SHA256 | 1c56258a004967738472741d99661252cbe2bcec9c4358a7bcfe26ee8052d6c1 |
| SHA512 | aa5e7c5fd693848b9a55897bab25e66ae79e82f59732e3384fbe542d3545552b0a800f7a4f2a549d68a45120ec37ebdf484e4e87192263b33463262f4a541fab |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQAI5I6Z\hLRJ1GG_y0J[1].ico
| MD5 | 8cddca427dae9b925e73432f8733e05a |
| SHA1 | 1999a6f624a25cfd938eef6492d34fdc4f55dedc |
| SHA256 | 89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62 |
| SHA512 | 20fbee2886995c253e762f2bb814ad16890b0989deab4d92394363ef0060b96a634d87c380c7ba1b787a8ab312be968fed9329a729b4e0d64235a09e397db740 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0001a9321b1021772b5fb696b985b306 |
| SHA1 | 04acc7a6388d119f0e0684b250c3fe16d066c405 |
| SHA256 | d517919dfaa5f3554a218e0cc489a09f6c338328a666b83094a38d1c87a3da61 |
| SHA512 | b06706182105ec06fa8d25f59ea6ef28dba3faac0068a1ab4b44ebd2f871621a3f4217dc16798091fde73feed672fc820785009eaf91a43563d0ba463bc53f0c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d3d60902351b63cd33ffd8208303ce5d |
| SHA1 | 0c93dfba1c2807a564eac6d6da43a7b1fb5eddd7 |
| SHA256 | 4150d495d9231c9a9c96cd97141d773f6a6364278ecb2ba590f052d38a0847ad |
| SHA512 | 2e1dc08890022ae572f45c9505dc2cc17707f91af319effaf64adfa5b21a1aef9fa948261d08677f94a615ec07b8d7c35b45dcf1d1ce947266249c195f246ecc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 85c8c2dc520ba22a13cd82bbd4edd9c3 |
| SHA1 | 82d46e039e32f65a7bc35d9809ab48380384d3dc |
| SHA256 | d22f70e6a489d82366774bb553308c8b365ba91e2a9e22412af7f4c06e348270 |
| SHA512 | da30db4d581bfe883941930075cab2bbd6b667b96f49e0a8ffa32780919a10b3da105dc09c3cb4b311e4aa5308441f39c1e17e39d181b571331d632906020aef |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dbeecfcb17216b156667dd4c8eef78d3 |
| SHA1 | ccc26e71fed983110d68042cc688cc31f20ea40e |
| SHA256 | 7f7f3a089022fd8ffe8cf98f89fd1e9c5c9262037c99df58fc080c6a7160ef52 |
| SHA512 | 92d5d38bcc95d66aa923db60d1ce37835b16c0c7ed6a25e44ce70399696ea7676cfc26937b953f006c20be05196b96cf8bb7516b4a5eb19c28c2cbab91cbd754 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2350d7bbcc63c34b433abee97c90d830 |
| SHA1 | 27f91ae5d032f9485c402f96f0a6f0afec490900 |
| SHA256 | 2bd3952702d7c0ada29115d6f4ee2326ba256ba944cf7bacc26b24814f2ba1b2 |
| SHA512 | e03391bc80263d1404ecf029187845a8ea23118f75ae67400a2b91f9d94a746653fe5872bb2eb44d343ab84a4d68c017439586e127b268287b7f7a9944a8bf1a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 08cdeac00d16e1a6a76aced7760f4dcc |
| SHA1 | 711ee259b5f9245ea15354950d0d00d50b92f66c |
| SHA256 | 70ef4ceb7ae88f1f76fbcf0bdccc24743bb0f5898138f30e50db50bbfcb57a92 |
| SHA512 | 3f952f07e6611e81667d796639bc2ca147225e6aac989e3b32f24c8b231ac4ab0f1794d5af9b002431687105565bf797fdb101de2cc538a138f2a9db676a7324 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | da5c9894e999cc66d49efdf40b52924e |
| SHA1 | 8e03b94a9a75b25052abc7c51d2e701f9e1f3eef |
| SHA256 | 699191ba0ed780eb061aee678c785e27234065a9f02057f5d2450066835815ae |
| SHA512 | c17e3df8085af9b27b6dcdb014f7bc28db2be4b60ac062f5274cd766ad90fa55c110f0653e30354c142e2d178191c1725a9c48abcf5f64322f4f98a201f6bd11 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b1521d9b3a823e96af1118a956cdd562 |
| SHA1 | 9221c95319feaca0c3784ec6c5345d5068518296 |
| SHA256 | 2498dfa90b043ff02c15ac666069e34d78113b91b39205e3449539836c013aef |
| SHA512 | b59462ecc252c4ee72843a25c56538e853721fd20a8d20bddfbc8b09f4d00ce3707a2fcc92febf8282c8d749d77462d5843c2544e08c3e62cfe181576826b1fa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c3c528dc6091c1aa95a4ccc8383d18a |
| SHA1 | 916e2497d4cf8bbf3ecc603c681ee42a1c2510f9 |
| SHA256 | 608a02cd96b5ef887536b554ce69c4a6141a72ec41d9e4391abc123db4d54505 |
| SHA512 | 605e641beebda5e47c8f12ec1d85fed5260ab6b32e4ec7cd5c88f9d543c4c213aecd0bc3d89ae4481561af79a459911099bb5ce5752f8144c9527b73775fddc4 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQAI5I6Z\favicon[1].ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
memory/2816-1029-0x0000000000DA0000-0x0000000000DA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | fd594fb3d522c7a9f8c0fb3a5681ce2d |
| SHA1 | 49754d03b252e227e501037d3aafc0833dc55b2c |
| SHA256 | 606ae4a11c4621c74b7b28c56ea91c7eed02bdfc9f97b55ac51744b7ec1b52a3 |
| SHA512 | 8e28213f3d390d706bec610924ddd1158ed1980bd5369c4791d5cb78baa96ebff86f9b647ac1b02b93220117803f539870b037c93aeedcb1a6796ea6b84b3312 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
\??\pipe\crashpad_2436_TEACLYYOYEKKEBTF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9ddfffd569f040aee4abd9f777cbd556 |
| SHA1 | e7bee414fd2eb3794c297cae1e65a6e7c41fb07c |
| SHA256 | de1aa00fa6551d21a7eba24ff8f1d7b99ede0c0552b06008d1917e0da6c1cba4 |
| SHA512 | f12ebc33ef9d735ac5ef44cf5359f484daa2599fb20f8b2be69dea3c4bb35627ae2000ecc89d727ca885acec199b6239e6b982cf79dd2cb8a8da6c87e069ab2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2f2285ffbe78e236a7ce70eb0aa45129 |
| SHA1 | a49598645a6ac6744bdf86ec8082b0ce87237ee8 |
| SHA256 | 8c1155c4fc37756af11c8bf4fb9269ee698e96aaa7ff3d8893be6c3fd25aa0a9 |
| SHA512 | 244f8db29bd9d9cd44c74d3bce2df93fdf636c4acf61d6187be52dcc690078bd95b6ca395078b0ba64279c7c7d1702da01b68c4b1b94b3069ba7ac576dd1d0c4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_4D5101BE24E3D91707DD60953C1BD871
| MD5 | 404de2ddefd879d7f67b4cc23022a615 |
| SHA1 | c63357fa7e696d469c2d523501bf8358891e0f95 |
| SHA256 | 2ecf5cbf1677d7eaf6de3078e8d00652e0d4dff6faf04f08a77d205153407e1e |
| SHA512 | 1eaab0b8e36dd07af1465dff536df73a25e9a76971f94208ec12d8214b919554eaa59675347c4011f97d143af232882e785c505a737bda473c178c38662cd523 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 5252066f674ab70eaa9fd575b45d69bd |
| SHA1 | 942d0137d5882feced7f8059fbba819a2defc9fd |
| SHA256 | 38d0f640decb673e79f7d2a16d3dc058d990fd2b102d36d7c3e57f0adbb4fcd0 |
| SHA512 | 6448c139383b7572b881d1fa1c6dfccd11906ee9638c577a9efde4050b8977cd037599d9ab59ca625a4991336c9b7a80925138f37eac06aab0a5a18773e854c9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 7bdd6372f1ad6cf9081fef859600cde8 |
| SHA1 | b7f6b3e5d9ea6e07ca7112bfffd76fa1918c98c9 |
| SHA256 | c50380f2e942a05b6156bfadb428ea4badd0cbb80069b381c2737fad8a8a9512 |
| SHA512 | efcf819edbf9ffa300882a3413ba9cc866df8de5acc2f63d453ec94e4271c432fa81e1ac817f75b1af6a55fd01258f68c15591a6c25918a7c8433e5a567e9fab |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\pending_pings\1825b2e7-40f1-40a7-9905-035cffb50baf
| MD5 | b83d5d305d9a676d2181991586269111 |
| SHA1 | add5848597a9660446a3c4b41986778deef0eb4a |
| SHA256 | 10fe6fe7944329a163ecb21b0e2850002a4f1e5b71a829eed2fbdfae8e42fc70 |
| SHA512 | 41d530d3097f1ddebe8909c567b936e5456da58d6e89e4b9b16901a827a430792a1332472d5efcf00906385186dcbb9da3904d7a53b7e1b9369e3aabee88e2da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\pending_pings\04c4d873-71fc-42c8-a8e6-b42e4b95d80a
| MD5 | e061407c438c09bc175f358ed539d052 |
| SHA1 | 21d14792988e0e6db79fd0caf3a6ae1f305861b1 |
| SHA256 | d07e9a65a0d1fa71bc17380ac40246be6af74bfefd9bf080ef89201aa88a1651 |
| SHA512 | aa69456f189351593650f1a552068a7ac5c634d2e932ffb5541f2df2b498c68352d2aeaa7913298dac06935e4bf2acd1c10da1b79c8cd3ec458d5bd5829575b1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 9751887b94494481ace8599942c950fa |
| SHA1 | c8cbdddb797a34e44b72958584c2cd032cec3e4f |
| SHA256 | d5773d69fcb027cba0cb0a8e223768cc430138d90a4933bcc903c47df2c78328 |
| SHA512 | 0a7e28c4e9791c5587f2dc13e294e7645931f668461dc529834cb93ae3b62d0068383af269fa0c14582c0458cec23d0c53c36e0e735efcdbc73ec68ab718b94d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 665123a63af0dff8a738b5e3b8ac27f6 |
| SHA1 | f0fbf0a5986887417097f82149314f41c462b188 |
| SHA256 | b77193ce1820b9bcc88f4a661213fdd1424fdae3121270e7a4fa30a2f52a937d |
| SHA512 | e5625369db0d991f036beda18692592bedc4f8f541ca85e8f1389613d0c0bc87968cd271671e4e60bbe1dd2d15f24b92e89a1f4a7cc2bacdb717e22d2d7f967f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs.js
| MD5 | a2a364fca67f1b714624a6fd770c9b43 |
| SHA1 | 180b4941faab9d58938f3275c9e3d33bc09b6713 |
| SHA256 | 6ad6e72366ac65164cd601080a1c415b01deb93dc77ddb692cbc142798d7f5ee |
| SHA512 | 3979595c92c7dc3211d9ae8681b3a5960114ac70502f6c984d1b25be7fa7e7e14361fabcf2f9785595aa3c99d4128c26be3173f50d965bb8eefa745862dd8d83 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js
| MD5 | 14d36c4a452a7e38f6c34bd515bd0b8b |
| SHA1 | 1cf6952148aab7dbd4b77c00da1a28e81fba486e |
| SHA256 | ca717926ea052f25fbb7b2d9dd7f1057986e2ea503809b6e4239e8f8b3773f69 |
| SHA512 | 5cb338d24f767a851a7e6d3a951f93e8a1a64dba2c7b2c944fdd833474de6ade4f5cb9b5c1b149684784db6be46fe765f6e1ca7be8768527b622521fd665bca7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a6849bf8113065ac33d45aaa3b360453 |
| SHA1 | 67e5e0923710bdd75dcd2bd8498f98431434b10c |
| SHA256 | b981212e90fb1906f3e63f2881656bf540dd443f9333aadb86f0fec48639e25d |
| SHA512 | f6a85c41b4cfd45da063cdaee754c6647dde76556c8f9ff50a8608370169caa715b697302afac1f7ace1c1a0757b8c07df757cb00bb802873e8e2dc06ff15159 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf769389.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\16\{c4dddc2a-6caa-4004-b0da-b5f011977a10}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\idb\3824876564yCt7-%iCt7-%r9e6s8p3o.sqlite
| MD5 | 5663ced6d5ce105dacf0eb16a8b48490 |
| SHA1 | f1833fc0bc49613049306e4fce8ad9cf2c7c3f4d |
| SHA256 | 5468d324fe8428d5a4dd545097af3521f7cf20b612c19c47073db9684e9a6993 |
| SHA512 | 2a2c62ba0c459a4415128618426ea1c2d0d1be37de351ab2bbbe0f50486f25774680fe1b91e60a7930c5ace808ae982a2668ff7d27b39659bdd8f9991f30915e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 7f57c509f12aaae2c269646db7fde6e8 |
| SHA1 | 969d8c0e3d9140f843f36ccf2974b112ad7afc07 |
| SHA256 | 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f |
| SHA512 | 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2436_193503910\Shortcuts Menu Icons\0\512.png
| MD5 | 12a429f9782bcff446dc1089b68d44ee |
| SHA1 | e41e5a1a4f2950a7f2da8be77ca26a66da7093b9 |
| SHA256 | e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37 |
| SHA512 | 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 4ba0ba7d14a82556f3fde99b1f943e6a |
| SHA1 | 9634ec5e79d62249f6d7ff183eed4ca035a5c09d |
| SHA256 | 46883af121da94dea8437848ca6982983b71f3cffc3192e435425a3799e229f6 |
| SHA512 | 4f9d01237d98316a2a33bac1008f781a93cd2f28eb9268c8f5a48fba9a4b824ff8e65063f7f1b8ea3235409c8cc279f3c8b31f35d6dce5435da6018f51a34410 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\175\{20730de6-bd31-4a8e-9266-864b4b7ab5af}.final
| MD5 | 51bb0fe00991a2ae6707b3aefc583918 |
| SHA1 | 21ec201ebf41ad57faaab02f7961ce5a746e6dbb |
| SHA256 | 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a |
| SHA512 | 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\47\{e93727d0-45c1-418c-a450-db0a9c99042f}.final
| MD5 | 45e25bb134343fe4a559478cd56f0971 |
| SHA1 | 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93 |
| SHA256 | dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678 |
| SHA512 | 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\72\{99ed02cf-3274-4f02-9e4e-499f03723548}.final
| MD5 | 5b0f165bbdb71faa1bb5b26c4f022e96 |
| SHA1 | 704bbe81e0d8370e675246e1cbb347bf8599aa45 |
| SHA256 | b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f |
| SHA512 | 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ce3bd685834c1850b6798ddbe924e8ab |
| SHA1 | 5346787bfb8a85bf69d8399450ece96ce6281310 |
| SHA256 | 7210366ed72a10032a14089bd1210dec6e101b7aaf7f393b736265497e6af1bc |
| SHA512 | e701de51ba198a47934a009d3afa5169c160d792ab8a9f06327e2e1f611f9e7a0535d3131fb92e8af780991dc92602e7575e4fe2996d7e717da72c3b7fb7aac7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js
| MD5 | 0733037f2d28a117b67b6addb52951c6 |
| SHA1 | 93e6e7f63614a351282876aad7d67cc93c5779d6 |
| SHA256 | c78b1b8edf7e412e9b4036a05ced8c2d96fefa02ab2959d87347aa78c68f12b5 |
| SHA512 | 31790998fe251846ef6c28b46d5522987cc63a676ca6e376beffcb92361f0cf7db20fd20e26fc7881216a8537d173e5390718e614488c6d0144d3c5fa7e74910 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js
| MD5 | d56ef2819ea92e0242385b75041a4bde |
| SHA1 | 090502fd8c9bf5b02321ff7744f4346062639496 |
| SHA256 | 99fe041a66d42001f2e8d31417514d6471e0594a03e2e4b8af3d8988624239d7 |
| SHA512 | 2146b136927394016ed479625a394729d1a2889dd94860dcd49b4433cb01d8d43bcbd5622bfc96a9a5d8587d951a8e38a23e9aad80a7a3382413c8dd88d8e0a5 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | be28bbb086db64e5b3460ceb908b13c8 |
| SHA1 | 521c19a5dd255e62e70c505bca171e5057ce504b |
| SHA256 | 46f58babf3679461b508445160f582658fd9b30f8c147f9f149b6143557754bc |
| SHA512 | a65668ba96958f1a1d42594a5db96be71743adeeeae632e0314e67ce86eb37848d055ff2793c54de823184da50ddeec5a5b1e3b2c5755e069a77993f26907a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 9e091e6e342700ea67bfcb5fcfa47a1b |
| SHA1 | 596145dfaec5524e5dc1ffc24835ffc96225cc64 |
| SHA256 | eff6a1b88f6df415c80bfc5f6e90215b5b487fe1c795167956f0ea88ee0dddc6 |
| SHA512 | b76aa992ee3e547a5fffff60ac360dd3531cccd5dea1df8569fde4f1a2daf8ed245cb6ae5679309965b727e4122a52268fe3c650ed90ce6d9708250affae9a73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | a84b33af5e6b0e81704b4a291a2de13c |
| SHA1 | 3f40b1797a62f840b226d49b81cb7030b87f1b32 |
| SHA256 | fb97ac5585f23e9cffb74e4695b143147217e29b3f100c877e4ac3f8b2c2d5ab |
| SHA512 | cb28aab9e81549d5a20121acc9dac991df90ed9b83b7a3c1d5c2158191239049eff944e48885be7abd63256267ef90ae4af7348f162f216d2168abaa1fd73c47 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a6af6961977e4c7185e763a5f93998fa |
| SHA1 | b44f3348e19b593ea1b4fb4a670dfcc991161615 |
| SHA256 | 7e8c7ef124bfcb811b8b5156d40c878d096d8453e99801f03c631905260ccaa0 |
| SHA512 | ba218ef1fa92bf5aceb4010fcd795b0bf39cf89459031fa185ce0a389acdb0e22ce5cb1fc48678cf5798d485d841e410745200d48c9c502e29673064de531e13 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 38ac4e22491e573b94515056f6df4676 |
| SHA1 | 1db81a60acc8925c78cb4be4bf7307003e4b1dfc |
| SHA256 | 9c7703cd4928ecfed4dbc2dc1d18104ae477cd0c5149df4ba7e1f47d41e3c431 |
| SHA512 | 36b1b3eaa9a20d6c63281fa8332f34a73da01188ca539a5073f0c06ffec946cf929bd37e20154bd616b89a5888e9c2e53d4050e4cfff03cb0e23c2bfe5e7d6de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 89ba19fbb8be65355d6da8a39e21cca2 |
| SHA1 | ca5aa7b324b2fb8de6637897b4742a87689d6ee4 |
| SHA256 | 9c2dfb5d4c5cd74e802d7f21b078ae1414c41765668e60df10d3ee90b00251f1 |
| SHA512 | 1c29076fded84818268be60c9d52ee30bf8c3fbe85bc2cc854ec9ad27cb195d1fc5742e2012ece8794600496502834a7649a9744f4d7b2ff5fd929b088db343e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ac0c9b03e8d1dc2c3a30e8bdc8e5a0c3 |
| SHA1 | 43c6f6ba506a42ff0fa52bc4bbcaaca4f6a19af2 |
| SHA256 | 6cd1654369b5f7bd72cd5e2b8b6d4567405579f5476fb59599e2a4108ab9b1d0 |
| SHA512 | cb94dcfb7b9caf8820ea3dc4e9180eaa43fcd278f865f06061acd4a3a8c8128a3ed4b69579ec907b422162a69b0279fef2966fdcb5634148ab593ceb5a36ec6f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bccdca301c3a245ec418c06fcb1f06b9 |
| SHA1 | d9fb5cec379c3c1c3e6316b121e8f23d20bd5bf0 |
| SHA256 | 08ce09ef0da7a78d039777cb4e77e9c28484b971cfa8cb71bab05ea851d34e29 |
| SHA512 | 8282aecae18d859c6c365ea05352ec5e55a1bd983c1f1b0b7d7cc666e6083ae33cbc6104a275ec0fbe3c431b132d374861b46be39e6dbc54811961f0c4dc47a2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 113a907ce23cea05fd019f0885f40475 |
| SHA1 | 106e75aefdee1ab4c86a2de41d0c79a407cf7c8b |
| SHA256 | 76efb45a630e64bc910ef4b187bb0bb05c829ab8c56ad7b7c4e2f8b4de4b7e4d |
| SHA512 | ef5d6269148fed3a9c19bae993291195920275fb8b06fcdca7775d99dddfdb5ee07cd4665aefb9a91765b289d3936d43cc077085cab4f3198b100a4ecfe94631 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 529340d3daef368e5f83d06903d5e88b |
| SHA1 | 51eee276111c75964fbb90cc79e16ceac964c2d9 |
| SHA256 | 910889c5dd39a2366476d3ee6cf14e15423405078f2e0f63145ccbabe9985a41 |
| SHA512 | 0751e29879b06fc6374c26a8739cc8404794a93f2589fa9161eca1076a9cefac917e89c3abfd7b790d0e65cc824eac84c050a89b617d614a2720d4128eb95aca |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ee001a32efb05f5f739ff65cc324cde0 |
| SHA1 | 6d98342279ed4eb7b19ceee674721b82b3963d66 |
| SHA256 | f523bf62a75e238441a10e3f137e97ccdeeffb55dd69bfcd1527648041409ccb |
| SHA512 | 9a2eb5c14f406a0a0abdc6f9ae231626300e1881f5d89ab0937aa247e66158ad3065ee3ddbfb3d13ee5441a733ed1a0018a0d7c7b369595d4b2c4e805c27fd33 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ebac41c595d5929ea7b08ec363a4f025 |
| SHA1 | 79469732f11e5f1ef747b39b4e1059c2dac3710e |
| SHA256 | 91488a93da2358e959ef8d8e4ac040baadf65cea1343a8890864aab66cb3abe6 |
| SHA512 | b4a146706ca64c65b37d3312897ae76ab70fc8ed3d9c220a50acabdd8d37c56302b117c440435ed3fab3bd94b046eded0041b7991a979e1608d486a835fd7b2c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1ca711f8f9b0f936103e40ad753edec3 |
| SHA1 | a09d9e6b02ddb9310c3b260d5375957ea04aa66e |
| SHA256 | 96f8af2ee4a447f1d5eedfef9bf0832696917fc68502e57fcd3f652ffa341b41 |
| SHA512 | 653a67e775eb59873a6d282aff70ddb248de14dee6a2a8611220d39df5108e22c56a2cc9908f8d211785bec79d5dc6010e1b8747fd9f47c916acbc98c80df394 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 76a5b73054d045a1c7d291ef2f3b2ec5 |
| SHA1 | 18ccdbd09cda902c073d7ed0509b0907a7b2a142 |
| SHA256 | 8f48e99fee0f3577984a1d15b5268f968f9011d928d405e274e0093b0dcdd336 |
| SHA512 | 01f895e313fc7a9c28671edf828f0117e770edb3aa35616a6b73d8f76e2793539d784e8b9026f2d412c1caf1dd7017b0e5080c32826db9bac595cf3c3fce2a7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\230f7800-51fd-461e-9a2c-249e3f92c1a5.tmp
| MD5 | 99bd8b9052a1f4f3bcaef96ebf4b2d5e |
| SHA1 | ac6e92a790ba260094e6987abf0b038d1da13bca |
| SHA256 | 44ce22757968fa46048d5b76873147cee872165a7203d9724d04e39656dd0afa |
| SHA512 | ac8c1f4ea90be14de727e04240116b6969bcff8cf03860e4edb3cd8b3d1682add112af0698b384e56a00c12b9add4f6353b61ddaff21b8d33116ece1a95696d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 31a9995fe817edce52b755bfc8711f06 |
| SHA1 | cbb8cd47b6ba3a172f28106c15b25430267b9569 |
| SHA256 | 6a71fe90b1283249dd297b5604e0db7ce99a9b840674fe102e47591824fa6a98 |
| SHA512 | 229b5eb9b1ecdd5a685f2621ac3d9d12c9284c1c2460656dfdb6d033a517423a29906cab69e8e961b44f45c60e0202b7c9e847d95d7076f68ec21902a9eb950a |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-06 14:49
Reported
2024-02-06 14:51
Platform
win10v2004-20231215-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1497073144-2389943819-3385106915-1000\{F2A36B00-81B0-4802-9E62-97F5AC10AC5A} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe
"C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0x9c,0x104,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa73e346f8,0x7ffa73e34708,0x7ffa73e34718
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xb4,0xe0,0x104,0x40,0x108,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73cd9758,0x7ffa73cd9768,0x7ffa73cd9778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f4 0x504
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5456 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6176 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.10.1273339247\941126425" -parentBuildID 20221007134813 -prefsHandle 1740 -prefMapHandle 1736 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ea3fdea-0eed-4885-9a2c-b47ce8e4184c} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 1764 13956a3e558 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.11.906235256\1491793583" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6184 -prefMapHandle 5508 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {961236b9-6ed9-4421-a6ab-74060d2446b0} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 6192 13956a40058 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3628.12.361932767\1838049697" -childID 9 -isForBrowser -prefsHandle 6524 -prefMapHandle 6520 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1148 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c4b5269-eb73-4662-b637-b2d4b50d5609} 3628 "\\.\pipe\gecko-crash-server-pipe.3628" 6532 13958194458 tab
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13262119545121224686,14198239418049595509,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2540 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4260 --field-trial-handle=1912,i,3835834792034248343,10467358685593782705,131072 /prefetch:2
Network
Files
| SHA512 | 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | c1164ab65ff7e42adb16975e59216b06 |
| SHA1 | ac7204effb50d0b350b1e362778460515f113ecc |
| SHA256 | d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb |
| SHA512 | 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 9978db669e49523b7adb3af80d561b1b |
| SHA1 | 7eb15d01e2afd057188741fad9ea1719bccc01ea |
| SHA256 | 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c |
| SHA512 | 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
| MD5 | b63bcace3731e74f6c45002db72b2683 |
| SHA1 | 99898168473775a18170adad4d313082da090976 |
| SHA256 | ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085 |
| SHA512 | d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | 55abcc758ea44e30cc6bf29a8e961169 |
| SHA1 | 3b3717aeebb58d07f553c1813635eadb11fda264 |
| SHA256 | dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6 |
| SHA512 | 12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | beafc7738da2d4d503d2b7bdb5b5ee9b |
| SHA1 | a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0 |
| SHA256 | bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4 |
| SHA512 | a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | 621714e5257f6d356c5926b13b8c2018 |
| SHA1 | 95fbe9dcf1ae01e969d3178e2efd6df377f5f455 |
| SHA256 | b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800 |
| SHA512 | b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | 01ef159c14690afd71c42942a75d5b2d |
| SHA1 | a38b58196f3e8c111065deb17420a06b8ff8e70f |
| SHA256 | 118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b |
| SHA512 | 12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3192_528624080\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 12a429f9782bcff446dc1089b68d44ee |
| SHA1 | e41e5a1a4f2950a7f2da8be77ca26a66da7093b9 |
| SHA256 | e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37 |
| SHA512 | 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 7f57c509f12aaae2c269646db7fde6e8 |
| SHA1 | 969d8c0e3d9140f843f36ccf2974b112ad7afc07 |
| SHA256 | 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f |
| SHA512 | 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8843437d7f38ab30de51996c2d119201 |
| SHA1 | 3728e44197514e93970905c5d5f45fb9a71ca6e4 |
| SHA256 | 64cb14bd64ecd1b364d2ec5559a84bca9f30124d737b9e137a844cffb7e37fff |
| SHA512 | ec69b6c0958be16052aa620e4f427145ea50076562c397b0dcf419cba54f069c155248f1d78071be8000c2e234b1a7a9c7e6ec688f61e7389049416590067b1d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | edbeeab36c9b04130f3601559c707110 |
| SHA1 | 378d9361a64c7d9f07a1172f29a4a756a4b4e469 |
| SHA256 | da623bf84262c7cde71d4eee40d71ff7860c5c9ab1b419ec51f40ceb195bc820 |
| SHA512 | 8af5525ed9e432a8ce4d8dee0f6fffde78aee8e0f9e89b82bd2866edce816e8f1ca24422577cd23874dd075ef71b3afa54b9f70683f1a9596e025d57766b4b9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579dd6.TMP
| MD5 | ec9b6532af5da88661ee81ff94034b30 |
| SHA1 | 67fa10a9f85a7cd71ecf0561a210159877254217 |
| SHA256 | 44d2abc4ca525adfc99fb1f789cd1af9fa387cd9c6343a4b70df04e8dfe654b8 |
| SHA512 | 79a251b81bfb0eb5d65e1970816e1e1c0d54369a1ac2a1aa6ba90453b0597fd09ac2575c53f38820a126c96f95f6d43e03c24849272fd02ed0a8684dba20e046 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c434d6b971add89e78683b0d7056d3a1 |
| SHA1 | 0936c9c3930656f94dae1dc0373cabf4fa105b07 |
| SHA256 | 103b13036924301582b6e2f608267f7b8ab7bd29c3916f686e27aa6faf62ef55 |
| SHA512 | f61c406508ef2339080bd3f23b18d40ab2c9f8f943010720646d8aad2d4beac9801a175a2082975df7270b9c2055078a42cd04331fd9b9dcde0b0ac527caef5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 20c9fd04ee98d1bcdfde186eb834acb0 |
| SHA1 | 2e74362490991c7ba0b4e4905ca0147e67142433 |
| SHA256 | f6e0ac0732203fcb51092932bf9d9693b151f78247e1b771f0e70e96de4f3b28 |
| SHA512 | e408e15b9a4977c1aa2c059f889ac3accb4fc9dbce820617908d2bf2365cb81a8e48d6f8d1520bc846dddddeb81ac2912cc4201a3c97dc64e463c5f1ecc522e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | eb445c7d7b7ce8bf92a4f9f666da222c |
| SHA1 | a9c71b8975c7a84fe8909994870eb0477a507781 |
| SHA256 | 5a79438aca298b7c1b73e83d09345e30d00f80feaab45ffdad56f815557dfd71 |
| SHA512 | c254ec731e7cbbcf583c58ddb3cdf8a0e02614612f16de171a66ab49f3206ce11e3c08aa1a4fb4564040c3f9fe343a68a2e4ac69b2c95027662467624d5a35d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9a545f39-f62a-464f-8912-0597b739b221\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b632a0bcd7f0999220b4f6e69854dd83 |
| SHA1 | a83d21b2b10d28def54d9318c071d65b93e6410d |
| SHA256 | 3d3ab6672660fa2cfa4795093f2c5459ac001e554e7473ae591402f2ddcc4135 |
| SHA512 | f97506e6bca88f6db80dc4527db0f55dc98fb84b4a4aefd44c5b3bfc4a0da2977120ab8e2bb42dae882c3952fe23c521a82658c15fd0d660ca7dc3c4ac9ae1de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | a895db1022b9e417c029e5716482df8a |
| SHA1 | 1140cca28739be91d992d0dffbf2b1bb94ccce34 |
| SHA256 | c56911c01307b15335ea6c7084ca2475d98bd3c1dd52620becdfa42293079f41 |
| SHA512 | 5282c508aa01bd8611256e134236cd61ff8a27ce3844fd94c524973ca8293127fd2c09a42ec31061402c441448aa65651aa38b55732261b3550edd528ec82de3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4ec82e4dc0a59379dd4c15546bc0a6f0 |
| SHA1 | 920b0c5f5f7f1fc7b02643ad1bee25f7674ab1e5 |
| SHA256 | 53f41cdd10d404305a1843290297f68cbb53e65711e4150c7d3b462f35c7dacb |
| SHA512 | f3a70c0e5aa6d23d638b060a44cf08bb4910b00924f9032079bda07c985b4ee734f25a51227339fa70ea24f089b3d2ab12f3897008f9c83e77a043abc281ae48 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\cache\morgue\202\{4def5282-d3c3-4f39-8d3a-be57584f7eca}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\idb\595286561yCt7-%iCt7-%rdedsepco.sqlite
| MD5 | 57f6e2f5d7715327696f1ff4639454f6 |
| SHA1 | 3b4e46afd57487c2ae45330ad661ea69d1130340 |
| SHA256 | 9bd062b10db755853a62901e0ec6e57690a2075920d17a6b3439d4eecc3c73b6 |
| SHA512 | d2a542591f5926003d4ec107a05f9b81169fe294d9a370c659fdaa15f541ffe2113083732093cb723c3e6cd054cf4fa5d4d9135ebc3f3f52926ac55504b17e7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 81ac05c6d01d84d913a56c11909cdc7d |
| SHA1 | 55f6bd5429c5a35ed53caae2cd50d856edcb7883 |
| SHA256 | b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5 |
| SHA512 | 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 3ba7e6919bc260bb6ab523197f2be3e1 |
| SHA1 | ce2d7fe3aa42d99d733266d023f6aef3766e7785 |
| SHA256 | 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818 |
| SHA512 | 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 3b2df667a176193cba046f74787e731d |
| SHA1 | 0525109b7a249a66df8c8eb7d24b49852cd076cc |
| SHA256 | f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e |
| SHA512 | f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js
| MD5 | 18647d7ebaa9da0bc95c01074460962f |
| SHA1 | 8bf85d1db40ddad0b0e17007d9339cfe1fa8fb30 |
| SHA256 | 7a3e2782b715d7a553095442ebb35ea87b958ad9968fb1e3efe50f8dfe7736b0 |
| SHA512 | aa93ea55df1df8cb50f3b8dfbdbb11c1c2992f8fa6a4840fb29fdcae96002bfbbc19374137f2559e18e1f0798fc1696908ea7a5eb7588dc37545f316df8576d5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3aa4e312981bb007216b1bba7a5db04e |
| SHA1 | 5401ceccac2c4fd1bbf4905183fe2046e02ce060 |
| SHA256 | c20cc635ce7be85522a5fc8edde80e85bad720a8f5986472d9107d1cecef4671 |
| SHA512 | 922e261a133906fafc41655c924774f7e9f9733d9753b08dc6d5e0bbf9a8f2937c40e27ba94ded9cd39fc1d629214cff1f78f2c511d19b6407bfeff09e3553e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3191d0a8408544acc60dfd06a407094b |
| SHA1 | d3baf087396052ebcb10d1ebed44d280b9c735e1 |
| SHA256 | 6ca360f052671b56de7a8471b914ad02d30a73c9c217696984bd72a72ce683d3 |
| SHA512 | 8d0697124aff4d5c40bdd36bd585fc2583a75ddd8fdcdf47459490319b09b9b2fb03fa934466ad387a31a1e5a1b955f2b17fc4c2a0014e7e85817a6d11b6f7f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d9c6.TMP
| MD5 | fee61b6bdafefcda4f45596ca23fc498 |
| SHA1 | 66981721a99803446037be9448d4c8d2bd54aa1c |
| SHA256 | ca0c52955c9f359609317376eeac7cf1b2f7de4e0e4da400807908ef3b2c7eae |
| SHA512 | 76320657746799701884125ccb7ed6d21cca8a52df4ee5104040e2a1af4ef860e0d3baa0af7aab90b527001482ce7c3f49d48ed94f0fd7f39b6fc49ec04cfd75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 3b41316d6f0aa87eda5d2a606fbc230b |
| SHA1 | 5a88d95d4c0aa21fde4f3ee2f3d89dcd4a09b3ad |
| SHA256 | cad54fa8c9a79e22ff5cc6548433c6911b213b3d6f2cca78a9c2586a5f7adc7e |
| SHA512 | fdd8fc7060c44aa91c1a5db163d2a3fa6b14e0e1ca6ee57c9f26c7677fd3cbe28cdf2130572ed0d701cf686eadf5fa63132dc6e925a8f429d59bbfc6b241ac7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f6ae4ab9b47e7748a6d748480512b932 |
| SHA1 | bd6aabb0af0a8524efa3627f1189b304c6092d2a |
| SHA256 | 5e58bb808e0499fd65dbd3cbc73c0810fcb7ab088d7b3fb7b2a264c38f441f15 |
| SHA512 | f76381b37b29866d07fdd359a074a4316429b8aad769cbd7f88e731d2013a5d8ef82e78a60f7cc162ff2ae4678234f64678fb49f31e5c9943aca462d6dd704ae |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\default\https+++www.youtube.com\cache\morgue\104\{3cfae486-d8e3-4001-91c2-46c8e8929268}.final
| MD5 | 2300eafff09d478fbf68f49fdafbff49 |
| SHA1 | 12f127da15a69beece4f71f600975e0503c77ce1 |
| SHA256 | f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f |
| SHA512 | 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e676c9d3-79f2-41a5-9a85-0e17844ecabf\index-dir\the-real-index
| MD5 | 6b88e5ac421e8a772f025b6cd09f62c9 |
| SHA1 | e48d91a82bbb8f387a659e0ff1e7ccbdff1dc7ba |
| SHA256 | 177ade47ae4ecffa53a743b8844ceec6a912d9f3ea0a75e2d31658f004dcd135 |
| SHA512 | 63c56e364de5f8815a3d13ed563109dff23f830e89c69ffb5e9d30d43a92bb2a27874f786cf06583b1fc600a0410e0dfcff2bcc9d97b2c4cea9b3447b2dadd5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e676c9d3-79f2-41a5-9a85-0e17844ecabf\index-dir\the-real-index~RFe57edbb.TMP
| MD5 | 83c106889de03ab288f067af3f857560 |
| SHA1 | 0d22554c4dc3c0d16ee0411e7403e60bbaed91fb |
| SHA256 | b4776a4df40e2b69547e2dc39458d5e1defb711ba08147b003da45d1f7fab290 |
| SHA512 | b2384f050aafb73032ce1aac9073c828c47b9f80a7cf263d245a3b2f61d210cb2f7748e46f80da326e0a158035de0da83ad1cdd4c3fcd83da7c3111247d6c64d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2ff96e4ceddfbfe2ba5244e311ac4493 |
| SHA1 | e690335dc4e1bce8f380a2a5b94c2389e85695dc |
| SHA256 | 2b0eb31ef14e3465a31531b849bddf2eaf4332b369ee0f52f2f8512c9bd2d8d3 |
| SHA512 | 4a2c54b31d845e04707da3e56421f812f7a1476084ad09f7b9fad7b0d1fd61684b05b2b1ea57265896d89305245af72a6544a1f3b5b7d28ee347d2eaa15e4efe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0d5f6fe9ed5e8c7adce099c145db3f34 |
| SHA1 | c6e7f688d966e4fef3fc0fca61c462db5f8a8acd |
| SHA256 | 4653aa356ed5943bfb664ccede808af3b54d1366f7f350865bef81afb71eb1af |
| SHA512 | 7762e2108f6b381dcb6e0634dc2b2b3c98ddd6ef65714fc1264a4ca410593cffbd01b97e2a3daa6b5974736066cb92c26c022a2ab05a53a14975d58944002b07 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js
| MD5 | 6a55354c7d99d6dfdea8222eb674b7f1 |
| SHA1 | fcd11f8434d764a314a7569e61422282c94d28af |
| SHA256 | cf66db14e7938443ee4b86024cf855dd025f2d74c1c97b9bf47985f814a5a434 |
| SHA512 | 0693ac99e87c9f83473e293a766192389b0e5cb8a1b118403f390100a8a1a1fdd9e67254ef44f2b4d5ff4b09060e5ecc4df5eb52a89c34a7935d4d0f819f071e |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 5f232566916657c701a4a67debd6f16f |
| SHA1 | 21ff935abd89f292d8843d95e5cf3694a56d2db3 |
| SHA256 | ad9ee15beaf63d1bde5bbfb4666b48bf1196b4e5b45bdd7aade58a86219267cd |
| SHA512 | 9324156a669067835974dfdd2d96b67e799db731ad8026868cf4871e89ed0a0ed436e3406556257f09ce4730472d82f53eebe006009e50d99df4e847632318f0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | b192f6624f7e0ec05de42cee8282951a |
| SHA1 | 7c5cfba7fc4151eeb321573454d3e7ca8f328a93 |
| SHA256 | 7594563767c6d2424c5de2dbd69b3e83181f59a4aba3f48e1ccabb3a12336fe3 |
| SHA512 | ed80f495561c1a06d74efee10dbf2be3b79e15527cf21b6be0b3f67e1777f3b431018cb5112caf7e823982f3012bc85a4447656a5394d462f9af7c203e619f71 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 3fa3ecb4b6d971ba0da4d175abf35932 |
| SHA1 | 1f54199fc48ec50994f49567ec4b810a443836b1 |
| SHA256 | f0607cb7312f6006d555ee3fd89545803febfb1ee67a2ae5d55d04e08e5ecdf3 |
| SHA512 | bf63280812662decac574b3de3b16774442e51aa5d5a0f5a39b10bb195db07f743f5d8b6c4146a16bef5477a2c7398c887eca6d82ee1cd743cbd6a5de5b563df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ffbd.TMP
| MD5 | b1c9fec64f60333a8df51179d03244ff |
| SHA1 | be67f9605aa7fd0b58a3b1eaf4c87091f23f7a2a |
| SHA256 | 5fab2ab4c56080961bbc2e4f8006fa10ca24ac0e82ad1f77793531a5a2c4dc80 |
| SHA512 | cad4ca76db56f28458891eda53fc90f6de16e8a41cf89fb37b81c51457abea91f27529f8a3105e6fb9c0b12813d26083fe1df97af4b45f31eeb35e81c977d48b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5186e7d5704a1d8f3ca34da44cbb1682 |
| SHA1 | 5ed8a58ddf42a82137e5d7983630c6117f116299 |
| SHA256 | 9ff75ce70a76d03f10bf25cf7782cd3e6098e92b7697dc5e3b72cec9bb7708b3 |
| SHA512 | c22a9f93185a6305bf2bbc41590a72e53d047af3484033d18abe91d174a77a3fc61685d6d555c457c573988d224d00caa1a11d555df6681d34b162e349d2a0a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f2642c2c112af84bccbeed3ada281d8 |
| SHA1 | e0129d305d2bf22d89a02acc3a7467009c08ee01 |
| SHA256 | 71d9ff0ad0f24e551aefbd7b1221e6dca9199f393658d8a835c44cb3aa960838 |
| SHA512 | 902d3a1054953450ef52859fc4319f15e053edd7e35e0f7a52ea81de538844b5eaf45433575edca44c9d61778d776955f446d30970d89c1c09ed6697aa4cfc9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4b398ec37266e41d07537d21eaa5daa0 |
| SHA1 | 4a6f6d7390020ad087e3329672a571ab8c131658 |
| SHA256 | 421e155d98cb1f9f55fa38936cc91360f87f9697070363f4781b9ab0324ca0a5 |
| SHA512 | 72925ec1793bf02a8e7051f789aedf3d8ce77629a8cf50835170e12bc903e48c63480933963f0129876bbc4f6caaa3204d54c899d4f454a8d8b67b0eadffd0dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | aaba5e872ba07d60f556b78df854279e |
| SHA1 | 93d1494959f4027195f527db143e5aa89d60925b |
| SHA256 | 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c |
| SHA512 | fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bd7e450a5f79ada1bd68ddac2021d727 |
| SHA1 | 4bf5670185280a448c4e713279c64fd54270fded |
| SHA256 | dd0dddacbbd6bb4ad1aa2bd4bc7978ff97512a23d587935ec6db467ffbe13dff |
| SHA512 | 6f4227ef303e349fb8b4939c86f4b6a58e3c796217d5ef7157631a04726df97e791f566bc9390087200310f57b9f34aceb543f427f9d804909867f1aa7c59383 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | bbac7bb99faedea9a0cb17dfcad195af |
| SHA1 | 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff |
| SHA256 | b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3 |
| SHA512 | 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | e337014ceba65092b027bdeddc48b00b |
| SHA1 | 98ad97b8adbb411d6d4623fab506924aa6772304 |
| SHA256 | c8376c9fa189541da0b65cbac556fea079eba00755803b97808f79b6d2b07c95 |
| SHA512 | 24dc7ea8954498d7eb926f6ff07d245d82dff98ecbf77093b717351328434306d37c0a95aac208f711c8f3bb901ffa05daa974aa719518eeb14bb844df5e3d6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce541552a729bac4f8d907854324d489 |
| SHA1 | 8e7bd3bde888fa5837ac1961fadd2c6f604e4779 |
| SHA256 | 66f397e2c5a75c3bf08054288044c1dbb55f508168e4e4681ab016df917ad1d5 |
| SHA512 | 0f9a5bb0472dc0616b95c97952d6d9452c73beaad9c416653d9112461ba58105a422781d86afbac8fb2f07ad42da72d359c59775f229667f18a263429bb468ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 178a3e5a10de1dbfae940f311a0ed939 |
| SHA1 | a23d3c4b035586efdf5e51663831fed6345be4b4 |
| SHA256 | 5bc2f9559d6a5ef25591546327453ee9b0212157206503476073e4bc7761b0ed |
| SHA512 | e63ce997c58dac94eb4653066e71adcba494c52f13f841f87f96d273d1a787fbdee7b873d03c2fa59cfba6f3a4721fae8d31f96f0e8ad28c84e0e0ba761d27db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d9f46896da8349a6c01f88639fd14dbc |
| SHA1 | d625ed82b0eb3b65eade0ce884dbd19db0377e97 |
| SHA256 | c1430bf5b484baeb51b38268ed9ff6b4b0e9658377f50614dd9671fdd72c5821 |
| SHA512 | 2837bc73364a31b7b88bd6b12c688de173630ef4ebb4c2b70809e438093a501249724533c1fe358c081cf86627cb2b9302dd1b22dc430ab2ba3be346db5df361 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6921249799cc5e6014467af108ab203 |
| SHA1 | 55e993f8e6fc6a4730f50ff1f42faa3a66bb4c1f |
| SHA256 | ccca89d67dea425b076818ba194a2f1fb1e9222a820a13806df483230713a23d |
| SHA512 | 80838bc454e5ed8dce53db1c684c21b8aa9e78bffb4dc8add317bf82a979f86de98c902b0d3f04f2057935f7c89b969e9c8415bca1926d9c49b05936d523b695 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d538f1cf13fbe946c6d51ecc9f91ddb7 |
| SHA1 | 72470137fa6f275acccb30c2d5f728e48799960c |
| SHA256 | e32f66bda957765b03d4aa74c8b0ca7ba60fcc0210a05114c8d4594540a40cd3 |
| SHA512 | fc4e6cb6660b7a99413c8aa5eb7cf399f9966ac3957ec5d3ccd469f12551ff9326458880422854fec7f2863944c50bddd37242d24d3273f41cf536f6019d4df6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4903fad87b54f51afee14929a9dc55fa |
| SHA1 | 0ccf526058ba2fa43fbb574b81e8b7cc91ea2f27 |
| SHA256 | 1f21a164e398f29fd5db4dee31a97b5ef804a3c0a9efadf601db6f0ec4b58edc |
| SHA512 | 6977772e6784af8778ab29988754763479e23423868313f483be846cad32d4db1c07263ff259a124b6566d5a2f57ce2668d234d7c84130c84cf612c787bf8baa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2dfa563ee1702031270a5e21b224b414 |
| SHA1 | 4a5ba5eb8fc3e5f352556855b4eb293a6773d381 |
| SHA256 | 4f3f28c033c7e68323f947e860fd2eb12f6d53a01143576af785191d8aeb874f |
| SHA512 | 3a557b3407de878988ddf9868c4d98539d47da0e2d4285f59b72bf3f608d92443534893502604370e4c574ff5aa9aad87700f21ae0622dab5ed4c6c0ce49cf48 |