Analysis

  • max time kernel
    19s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-02-2024 14:58

General

  • Target

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe

  • Size

    896KB

  • MD5

    5bb2d0c9ee6a86afb4169f89f6b9216a

  • SHA1

    f2a455a5f76807faf077b61a3ed61ea6a5d11a59

  • SHA256

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c

  • SHA512

    59b693615980a38acc5726a03a7bf5688b0f3440eb714c87e97e86bfba18d8f3362d36bcbd9eac3158e15d1f9f67ff745f3d00343c39dde7f3e0143376bed7ed

  • SSDEEP

    12288:pqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDga7Tx:pqDEvCTbMWu7rQYlBQcBiT6rprG8a/x

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 15 IoCs
  • Suspicious use of SendNotifyMessage 15 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
    "C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4080
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4040
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
        3⤵
          PID:4872
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2256,10955279448191143421,9314510969501174619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
          3⤵
            PID:5512
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
          2⤵
          • Suspicious use of WriteProcessMemory
          PID:4148
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
            3⤵
              PID:512
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,2436463008587790356,13439423435326725191,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
              3⤵
                PID:2476
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,2436463008587790356,13439423435326725191,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
                3⤵
                  PID:3696
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                2⤵
                • Suspicious use of WriteProcessMemory
                PID:3068
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
                  3⤵
                    PID:208
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
                    3⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1976
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
                    3⤵
                      PID:916
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
                      3⤵
                        PID:3716
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                        3⤵
                          PID:2036
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
                          3⤵
                            PID:228
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
                            3⤵
                              PID:6040
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
                              3⤵
                                PID:5788
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1
                                3⤵
                                  PID:5872
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
                                  3⤵
                                    PID:6212
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
                                    3⤵
                                      PID:6300
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                                      3⤵
                                        PID:6480
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
                                        3⤵
                                          PID:6496
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
                                          3⤵
                                            PID:7240
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
                                            3⤵
                                              PID:5368
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
                                              3⤵
                                                PID:2672
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
                                                3⤵
                                                  PID:1612
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7104 /prefetch:8
                                                  3⤵
                                                    PID:5848
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7476 /prefetch:8
                                                    3⤵
                                                      PID:4312
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
                                                      3⤵
                                                        PID:3544
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
                                                        3⤵
                                                          PID:7224
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5944 /prefetch:2
                                                          3⤵
                                                            PID:4252
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                                          2⤵
                                                          • Suspicious use of WriteProcessMemory
                                                          PID:2420
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
                                                            3⤵
                                                              PID:4712
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,4979463977477782421,16750175067482570718,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3
                                                              3⤵
                                                                PID:5836
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                                              2⤵
                                                              • Suspicious use of WriteProcessMemory
                                                              PID:1968
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
                                                                3⤵
                                                                  PID:4196
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,14143256269344200472,13120577941437117128,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
                                                                  3⤵
                                                                    PID:5580
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                                                  2⤵
                                                                  • Suspicious use of WriteProcessMemory
                                                                  PID:3956
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c4718
                                                                    3⤵
                                                                      PID:1816
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,11490084373704009750,17151436194870376980,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3
                                                                      3⤵
                                                                        PID:6164
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                                                      2⤵
                                                                      • Suspicious use of WriteProcessMemory
                                                                      PID:4792
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b9778
                                                                        3⤵
                                                                          PID:3380
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                          3⤵
                                                                            PID:4568
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3156 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:1
                                                                            3⤵
                                                                              PID:7596
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4872 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:1
                                                                              3⤵
                                                                                PID:4388
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3988 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:1
                                                                                3⤵
                                                                                  PID:8180
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3840 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:1
                                                                                  3⤵
                                                                                    PID:8164
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:1
                                                                                    3⤵
                                                                                      PID:7576
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                      3⤵
                                                                                        PID:8140
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5296 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                        3⤵
                                                                                          PID:8160
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                          3⤵
                                                                                            PID:5516
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:2
                                                                                            3⤵
                                                                                              PID:5904
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6016 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                              3⤵
                                                                                                PID:2440
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3788 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                                3⤵
                                                                                                  PID:3628
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:8
                                                                                                  3⤵
                                                                                                    PID:3828
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5752 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:2
                                                                                                    3⤵
                                                                                                      PID:7752
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                                                                    2⤵
                                                                                                    • Suspicious use of WriteProcessMemory
                                                                                                    PID:1592
                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b9778
                                                                                                      3⤵
                                                                                                        PID:1860
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1860,i,654115429641251039,11968038513871290164,131072 /prefetch:8
                                                                                                        3⤵
                                                                                                          PID:3504
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1860,i,654115429641251039,11968038513871290164,131072 /prefetch:2
                                                                                                          3⤵
                                                                                                            PID:7112
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                                                          2⤵
                                                                                                            PID:872
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b9778
                                                                                                              3⤵
                                                                                                                PID:1732
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=2000,i,2378003689172351826,13642443351284793026,131072 /prefetch:8
                                                                                                                3⤵
                                                                                                                  PID:8024
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 --field-trial-handle=2000,i,2378003689172351826,13642443351284793026,131072 /prefetch:2
                                                                                                                  3⤵
                                                                                                                    PID:8016
                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                                                  2⤵
                                                                                                                    PID:4212
                                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                                                      3⤵
                                                                                                                        PID:3340
                                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.0.593704617\65470616" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {84878546-6715-4e04-8434-619e7869497c} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 1804 1ead42d8c58 gpu
                                                                                                                          4⤵
                                                                                                                            PID:5916
                                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.1.1469971027\1330999687" -parentBuildID 20221007134813 -prefsHandle 2284 -prefMapHandle 2280 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c6e37c6-a36e-40e6-bb62-ddc54abc7231} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 2320 1ead3de6558 socket
                                                                                                                            4⤵
                                                                                                                              PID:6444
                                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.2.1919038876\781525886" -childID 1 -isForBrowser -prefsHandle 3056 -prefMapHandle 3052 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6988ae5e-9b8e-423a-989c-79ff63508ad6} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 2960 1ead8e4e258 tab
                                                                                                                              4⤵
                                                                                                                                PID:6268
                                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.3.601113508\2007394026" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 3224 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {51a7ec33-856a-4720-9aa3-2b3af9c1cf61} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 3364 1ead9190358 tab
                                                                                                                                4⤵
                                                                                                                                  PID:6844
                                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.4.1517700557\207250587" -childID 3 -isForBrowser -prefsHandle 2984 -prefMapHandle 3364 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04704ecf-e071-41f5-92dc-a4f5c8e57986} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 3372 1ead9461558 tab
                                                                                                                                  4⤵
                                                                                                                                    PID:7008
                                                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.5.287771171\1401798519" -childID 4 -isForBrowser -prefsHandle 4284 -prefMapHandle 4276 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad9b73d1-84b4-46fd-821c-554771668782} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 4296 1ead6186558 tab
                                                                                                                                    4⤵
                                                                                                                                      PID:6236
                                                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.7.1046650635\706142378" -childID 6 -isForBrowser -prefsHandle 6060 -prefMapHandle 6064 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9b25250-01ac-4265-bcfd-ac8456aef9d2} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 5920 1eae2a10558 tab
                                                                                                                                      4⤵
                                                                                                                                        PID:5596
                                                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.6.975366728\1164877497" -childID 5 -isForBrowser -prefsHandle 6008 -prefMapHandle 5812 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e98c094-8846-4076-8d6a-e8a944a2fb56} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 6016 1eae2a0ea58 tab
                                                                                                                                        4⤵
                                                                                                                                          PID:5564
                                                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.8.1036338012\1147439604" -childID 7 -isForBrowser -prefsHandle 5808 -prefMapHandle 5260 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa24b959-1d20-4354-82df-8c6b926fa925} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 5780 1eae2b68258 tab
                                                                                                                                          4⤵
                                                                                                                                            PID:8172
                                                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                                                        2⤵
                                                                                                                                          PID:2912
                                                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                                          2⤵
                                                                                                                                            PID:4312
                                                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                                              3⤵
                                                                                                                                                PID:2900
                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                            1⤵
                                                                                                                                              PID:4492
                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                              1⤵
                                                                                                                                                PID:5828
                                                                                                                                              • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                                                "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                                                1⤵
                                                                                                                                                  PID:5980
                                                                                                                                                • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                  C:\Windows\system32\AUDIODG.EXE 0x40c 0x514
                                                                                                                                                  1⤵
                                                                                                                                                    PID:4912
                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                    1⤵
                                                                                                                                                      PID:5872

                                                                                                                                                    Network

                                                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                                                    Replay Monitor

                                                                                                                                                    Loading Replay Monitor...

                                                                                                                                                    Downloads

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                                                      Filesize

                                                                                                                                                      40B

                                                                                                                                                      MD5

                                                                                                                                                      8ae25b226e0662d256cdb32f2777f840

                                                                                                                                                      SHA1

                                                                                                                                                      39594f82a6dd98b6e4a341648cd56e9efc6aa16e

                                                                                                                                                      SHA256

                                                                                                                                                      935b4cba7114f9adb0c7ae6acbc8903ec672ae318ac63c5d5e5edf857b4db207

                                                                                                                                                      SHA512

                                                                                                                                                      e529649b71c7a7fccaabc2833af3cbfc9bb15b66cc5735fc95a2bd741c502bd11af05853946d045a49d823e3f6899523d050fe7d33c485af5abccc8e2ca02e8f

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

                                                                                                                                                      Filesize

                                                                                                                                                      16KB

                                                                                                                                                      MD5

                                                                                                                                                      d8e56edd91e6a8e254c9df3c3619f493

                                                                                                                                                      SHA1

                                                                                                                                                      e5bb299b458c95e5575da0a42ff7b49969b880b4

                                                                                                                                                      SHA256

                                                                                                                                                      8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97

                                                                                                                                                      SHA512

                                                                                                                                                      46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      576B

                                                                                                                                                      MD5

                                                                                                                                                      e840c8408774ddc5a09bec063d60662f

                                                                                                                                                      SHA1

                                                                                                                                                      cdc896b5be008cacd4d585f54ebcbb2abfa1de89

                                                                                                                                                      SHA256

                                                                                                                                                      9213c79c33a663dd94cbabaa7e5a05b59c724a037584380fa20103ff64a26844

                                                                                                                                                      SHA512

                                                                                                                                                      8326eb1a6f7abf44f228caded0be53c67a06dee0f3ebd6262bceef873e51b3ed9c5cf0c374050b7f07d4d1c073fc7df2030eb718d30fdf28a220cac1da1f9152

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      720B

                                                                                                                                                      MD5

                                                                                                                                                      0500520df399d05919e74e0e69ae78f7

                                                                                                                                                      SHA1

                                                                                                                                                      683d7a977818e2fc5e5cdf8678fe04989d9bf359

                                                                                                                                                      SHA256

                                                                                                                                                      593b151e37002e5d8620e5fee2692b5589b63019a0c21c608fb8b3b8cc50a74e

                                                                                                                                                      SHA512

                                                                                                                                                      7bcb576a19e938e6c6c4c5d4276072f70d72c8cec55c18b827a715a907b8a0801fb65b22b58fdad2039b28057c26952ccbc936acb26ce47a33f7fc8c1b677995

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                                                      Filesize

                                                                                                                                                      3KB

                                                                                                                                                      MD5

                                                                                                                                                      60e0abd7ec41f17b97746d1c331d5f47

                                                                                                                                                      SHA1

                                                                                                                                                      7a0ba67cee15e1189409449ba0e4d8d6f01f72b9

                                                                                                                                                      SHA256

                                                                                                                                                      4961eea3b81d4a47095b2a1ae17d5974f945528f85ee316f7208748c65f66f3f

                                                                                                                                                      SHA512

                                                                                                                                                      65acd09643c8fb39395915b1e1e0dcd11690ae3c20161d7c603281fc6c147a51525d27862cbb36fc95560b907b7b9c70cf640d96a5843bc712b1647a619c9de2

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      870B

                                                                                                                                                      MD5

                                                                                                                                                      a69c705db7fc42416ddd6e3172e8c9c8

                                                                                                                                                      SHA1

                                                                                                                                                      234ee38b3fdbb5ecc5a2be3b09d123435754fb19

                                                                                                                                                      SHA256

                                                                                                                                                      31299288ba861707cc958eb8049244fdd033711f94cf5133bf086d1c775215f4

                                                                                                                                                      SHA512

                                                                                                                                                      c4fe5155ce526983fc2ed0e16b843f7d316ad308e4f33cf9d030c5e4e5a94deb10d9f45639dcd50b9ccf158b7ad6fe8e8852c19046dcdaa222e6f8e33f5cc77d

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      872B

                                                                                                                                                      MD5

                                                                                                                                                      edda92db0656fb5aeeb53cfd56a148d5

                                                                                                                                                      SHA1

                                                                                                                                                      436e2c03c8eafe0ad638b657fb8352bed07ff6ed

                                                                                                                                                      SHA256

                                                                                                                                                      f2a45c4600b6eb63fd00aa33d0a0a7c219d62d94bd18d133caf7da34cd8c4443

                                                                                                                                                      SHA512

                                                                                                                                                      ddc5d6e6f77bd5485646b3a0b3f04e83261cf6a2763fcd0ab3a6af32825ba14be674787b9afb809d1aaf68668ea4256fb06e47df732f89ac47192b569b1e96d6

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      707B

                                                                                                                                                      MD5

                                                                                                                                                      c3bfb6db7f7adff58aae9dff789d8bda

                                                                                                                                                      SHA1

                                                                                                                                                      e847986f28adbfa3a3fae998178da6bb845bbca4

                                                                                                                                                      SHA256

                                                                                                                                                      f0ed4c95923bc5208b825edc6543c8f1c36714edacfc3acfa5e326823aa50fb7

                                                                                                                                                      SHA512

                                                                                                                                                      e62291e4643c333dc992dff10fd229b36fa14cc0d94b1735406c174c5f3ab61b25910844004151faf171ffe39810873bcc43d89792b6bf41007192747eaee044

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      535B

                                                                                                                                                      MD5

                                                                                                                                                      40f6989ea15d4b043e938f7bb4298434

                                                                                                                                                      SHA1

                                                                                                                                                      6985475af44513fd53464cb05255e318dd95b125

                                                                                                                                                      SHA256

                                                                                                                                                      adaa02c6ca20149bada4d372702df05fe1a7a63124c5dd6b34b6a40e67dc3a6e

                                                                                                                                                      SHA512

                                                                                                                                                      ec5f2abe0afece378c0ec5a5c8125531b511dbadbc60df7e5e1645ebf0593228ea1ec026fe41fad50e5acb703c70d2e497e048ca499fb79d0b1671e15e091c81

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      367B

                                                                                                                                                      MD5

                                                                                                                                                      c9a22108982b743aa785dd679639e50f

                                                                                                                                                      SHA1

                                                                                                                                                      75a252f98a41fb3ab42c0633c4e7e53ea8cda8d7

                                                                                                                                                      SHA256

                                                                                                                                                      b122eb1ab44ab668f6f05dbae026a18ab273aba377d9ad49cc4a2dced88555e6

                                                                                                                                                      SHA512

                                                                                                                                                      bb865a0e420e62c949c768d142828940d58c0b43638b5161597186aecc3a135a1d3e1fd0a6f1b99affa6c31cee9361755c9bd6d61c83628d7298af9cc0d37d63

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

                                                                                                                                                      Filesize

                                                                                                                                                      41B

                                                                                                                                                      MD5

                                                                                                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                                                      SHA1

                                                                                                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                                                      SHA256

                                                                                                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                                                      SHA512

                                                                                                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      a53a89fac61e03da589b8a2024fb3df6

                                                                                                                                                      SHA1

                                                                                                                                                      5ba522c9f887c7543626018dc212655067383426

                                                                                                                                                      SHA256

                                                                                                                                                      3a69842085c621ba202ba25ac67a41e7cbaa24c87183cc0810d96191bfb1f900

                                                                                                                                                      SHA512

                                                                                                                                                      a1b1d16cc02368c602f7d25c5ddcedd04133b58dcd4cf6c906900e8105590839f8724006e0f6d799a60c7d96f5eb8f71caf47701252950957559061bcbaaf32e

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      cefbab74e3874a9e471453e50a498507

                                                                                                                                                      SHA1

                                                                                                                                                      044e16d6a0d4e773905e2c8541ba662b9cb93962

                                                                                                                                                      SHA256

                                                                                                                                                      7c6bc7dfb06e49683e0120dfbca6d151502037268727ef3da83fcbc0f669575d

                                                                                                                                                      SHA512

                                                                                                                                                      1dfd42355975108b1936822eb1d584af0759c3903fc76b59bf5da1eac95630b021545a163f51dfad1f08c345bcf6d4d59c6f594f462b2f61670e5e86cbef886f

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\aefdd126-3338-4a21-a7f5-17b861586299\index

                                                                                                                                                      Filesize

                                                                                                                                                      24B

                                                                                                                                                      MD5

                                                                                                                                                      54cb446f628b2ea4a5bce5769910512e

                                                                                                                                                      SHA1

                                                                                                                                                      c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                                                      SHA256

                                                                                                                                                      fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                                                      SHA512

                                                                                                                                                      8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                      Filesize

                                                                                                                                                      176B

                                                                                                                                                      MD5

                                                                                                                                                      045b2a25b02207f32dbb78bbc45101a8

                                                                                                                                                      SHA1

                                                                                                                                                      93ead13bc2d40ca187b83d73649d837da21b02bd

                                                                                                                                                      SHA256

                                                                                                                                                      6a4e64d1bbf6a8fe4544ede22f6f1cfe00c213b7c9d66baba45ab008d4ae47bc

                                                                                                                                                      SHA512

                                                                                                                                                      118fb143d2ff1ac1b77c868849dababaeb84a81e691577f892dcd524c6cb951c9a58948e64cb165366dfc1ff6627b337b06f57fb33c3a7565ec2d709b38ffd57

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                      Filesize

                                                                                                                                                      112B

                                                                                                                                                      MD5

                                                                                                                                                      73fe582298740e5e4aad7aebeb6bcd5d

                                                                                                                                                      SHA1

                                                                                                                                                      7fe4221f472538205b8fc12d4b10a03431305b96

                                                                                                                                                      SHA256

                                                                                                                                                      bf5e27ac7ea70e57688771bd8099f4399aa229c7d0d4e4176611351ffcb10430

                                                                                                                                                      SHA512

                                                                                                                                                      8d61170caab1bb51e5369349158ae475e3609142ac03c4466238195a5ca0c32b73e03dd9b484d0c7934e8a5ad0ad36213c9f5d83ae65ec4c1f31c2cd7f3115fb

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58d992.TMP

                                                                                                                                                      Filesize

                                                                                                                                                      119B

                                                                                                                                                      MD5

                                                                                                                                                      be59e84c6b25733d8dde99ee5099833e

                                                                                                                                                      SHA1

                                                                                                                                                      a711a4bd93579c8226bce2128271c23a57667c61

                                                                                                                                                      SHA256

                                                                                                                                                      2919213c2436c8f182dfc881b7c5c9addc6c1a90f9685774ff5523982b8b97d5

                                                                                                                                                      SHA512

                                                                                                                                                      24784ce78d521c1d0f99012336807379ab3bc0de8b290c53ead7f17ecc67f371105b944e4dd84d6aa4be786e428d38914e003ceab678f66ad6798b572137a8df

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      72B

                                                                                                                                                      MD5

                                                                                                                                                      9b4a1429280ea3c350136c9129332ade

                                                                                                                                                      SHA1

                                                                                                                                                      fbafc97a6ea37261e2b6aebd47ad42048254bca0

                                                                                                                                                      SHA256

                                                                                                                                                      f4a01496414317f13720d772ccfcd8e064fd34caf4e31ff7c454f55992a49e50

                                                                                                                                                      SHA512

                                                                                                                                                      5dca7a376ed743f2b66822bb8830089f9b81650515201aadcfdf4d8229058daacf3f221cf4ff71504cc035464e8af9a342205cc21a8f0d393a70778a15315b28

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59358d.TMP

                                                                                                                                                      Filesize

                                                                                                                                                      48B

                                                                                                                                                      MD5

                                                                                                                                                      ef6e83126aa744efef9d68791caf64f7

                                                                                                                                                      SHA1

                                                                                                                                                      71ed3da0ae2122d8726a83a32e74d0b3f9074880

                                                                                                                                                      SHA256

                                                                                                                                                      7086a1738ea2f3ee0420cf94af2b08c25228dd8f8fee29012ce96fd4710005c1

                                                                                                                                                      SHA512

                                                                                                                                                      46b632719aaf81becd0be8522a0bbdec1a227fd5bcc5d4138d123bd172d794d0395115934c9fd95899fd51dc7d032df40f147f1c27b22eddeae13103a4baf4a8

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_1675551543\Shortcuts Menu Icons\Monochrome\0\512.png

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      12a429f9782bcff446dc1089b68d44ee

                                                                                                                                                      SHA1

                                                                                                                                                      e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

                                                                                                                                                      SHA256

                                                                                                                                                      e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

                                                                                                                                                      SHA512

                                                                                                                                                      1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_1675551543\Shortcuts Menu Icons\Monochrome\1\512.png

                                                                                                                                                      Filesize

                                                                                                                                                      10KB

                                                                                                                                                      MD5

                                                                                                                                                      7f57c509f12aaae2c269646db7fde6e8

                                                                                                                                                      SHA1

                                                                                                                                                      969d8c0e3d9140f843f36ccf2974b112ad7afc07

                                                                                                                                                      SHA256

                                                                                                                                                      1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

                                                                                                                                                      SHA512

                                                                                                                                                      3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_917120016\Icons Monochrome\16.png

                                                                                                                                                      Filesize

                                                                                                                                                      216B

                                                                                                                                                      MD5

                                                                                                                                                      a4fd4f5953721f7f3a5b4bfd58922efe

                                                                                                                                                      SHA1

                                                                                                                                                      f3abed41d764efbd26bacf84c42bd8098a14c5cb

                                                                                                                                                      SHA256

                                                                                                                                                      c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

                                                                                                                                                      SHA512

                                                                                                                                                      7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      233KB

                                                                                                                                                      MD5

                                                                                                                                                      80cef8bb646a8fc622d0452051292417

                                                                                                                                                      SHA1

                                                                                                                                                      88c75c12b0be9b479b5b3de1af4a7b53e794a048

                                                                                                                                                      SHA256

                                                                                                                                                      2aaf9f1edecfb31d912e4a1c7c43f29f34e7cca8827a4f0b4db9dabe66bff028

                                                                                                                                                      SHA512

                                                                                                                                                      8f2c36bf12c6a072e9f348f18626c04331635dfc7d52ac3531f75d2881480e65675fb927cd44b5119fbbb40e7272d7fd403149c3e0b611ba707c25c20efc23a2

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      114KB

                                                                                                                                                      MD5

                                                                                                                                                      1bef7d8a73139f14cd05608f18fc0bb1

                                                                                                                                                      SHA1

                                                                                                                                                      ad4ab6abd1167ea9bc6b8fa4ea0e83eb162b50c8

                                                                                                                                                      SHA256

                                                                                                                                                      a3cab4792fc31740b8f701a7b2a8d944095a5796618a7335eb1860c7f75fd2bb

                                                                                                                                                      SHA512

                                                                                                                                                      ae2dd12d382455315bd8fb7e4c8c10075e9cc5f21c56e3c7b521a038258c6164f003819e24f64c24092c1ac1a83255097c0cd61351a3fb897b2ecd1c37a46888

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      114KB

                                                                                                                                                      MD5

                                                                                                                                                      b043f7490a1340e2087e1565c7f6b753

                                                                                                                                                      SHA1

                                                                                                                                                      16955b428b9d262e9a24ba66d7359b14bce70b5b

                                                                                                                                                      SHA256

                                                                                                                                                      3139ca798186ca4c382ef32bccdb6e5e9105798d6c81b151a013e6354f3176c0

                                                                                                                                                      SHA512

                                                                                                                                                      8ea772845ab1e8b1190432a42dfeec743f42e7bc5e2cd8db20e6a45245bdebef45b47327f9bae907fc96869f7b4ee258ea435e54497c40681aeb7247ca387e4b

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      114KB

                                                                                                                                                      MD5

                                                                                                                                                      4b29b78c34d9b430c6f221f7da68d99c

                                                                                                                                                      SHA1

                                                                                                                                                      f45c56245fcb4e39385fb7e8a9029aad8ec1fc35

                                                                                                                                                      SHA256

                                                                                                                                                      db0f759471a5a11f6ebe7eff8e4084db4865a6ae73f6f097d1dd488841652f87

                                                                                                                                                      SHA512

                                                                                                                                                      5c5f9d0e4ff90ce022c12d25ace0c6459db747da8d701efdac1d5d390e855490ef6df1ff819ceb591c1f6d4a7e344549ee9ddf32899c091b02c44732d0bb51c1

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                                                      Filesize

                                                                                                                                                      85B

                                                                                                                                                      MD5

                                                                                                                                                      8549c255650427d618ef18b14dfd2b56

                                                                                                                                                      SHA1

                                                                                                                                                      8272585186777b344db3960df62b00f570d247f6

                                                                                                                                                      SHA256

                                                                                                                                                      40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13

                                                                                                                                                      SHA512

                                                                                                                                                      e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                                                      Filesize

                                                                                                                                                      86B

                                                                                                                                                      MD5

                                                                                                                                                      f732dbed9289177d15e236d0f8f2ddd3

                                                                                                                                                      SHA1

                                                                                                                                                      53f822af51b014bc3d4b575865d9c3ef0e4debde

                                                                                                                                                      SHA256

                                                                                                                                                      2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

                                                                                                                                                      SHA512

                                                                                                                                                      b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                                                      Filesize

                                                                                                                                                      86B

                                                                                                                                                      MD5

                                                                                                                                                      16b7586b9eba5296ea04b791fc3d675e

                                                                                                                                                      SHA1

                                                                                                                                                      8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                                                                                      SHA256

                                                                                                                                                      474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                                                                                      SHA512

                                                                                                                                                      58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                                                                                                                      Filesize

                                                                                                                                                      2B

                                                                                                                                                      MD5

                                                                                                                                                      99914b932bd37a50b983c5e7c90ae93b

                                                                                                                                                      SHA1

                                                                                                                                                      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                                                      SHA256

                                                                                                                                                      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                                                      SHA512

                                                                                                                                                      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\6c43aa3d-f0cb-4b28-844a-46bc17f68281.tmp

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      7640a6d9adabc29df94ba6636b590c3e

                                                                                                                                                      SHA1

                                                                                                                                                      ac335e108fd19b499e6411dd47ef2fa67bf802a3

                                                                                                                                                      SHA256

                                                                                                                                                      dddfa780752455c9d05da07b3d4325b1eb0c08f1988deaa0cc53a76f6f4c7b55

                                                                                                                                                      SHA512

                                                                                                                                                      56de9fbabbf8791e3e83b948821f1aae33d86ab0214a00f37d760f844165224cfab653876ac12417dcb7b8492cea5575ee655c5f3bec9b506c16e8d742777281

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                      Filesize

                                                                                                                                                      152B

                                                                                                                                                      MD5

                                                                                                                                                      b810b01c5f47e2b44bbdd46d6b9571de

                                                                                                                                                      SHA1

                                                                                                                                                      8e3d866cf56193ca92a9b74d1c0e4520b5a74fdc

                                                                                                                                                      SHA256

                                                                                                                                                      d1100cf9e4db12cc60cce6e0e2e3d9697e762c219f6068eb55a1390777bf4b45

                                                                                                                                                      SHA512

                                                                                                                                                      6bbf900b2f7614dd17aa6d5febe3ad1100851e2309ba2cd5219c5aa5af7bf830eec2cc88071d37987aa7e3f527b8df5b2d85e8b21b18fcb071baaab1a2eadae2

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                      Filesize

                                                                                                                                                      152B

                                                                                                                                                      MD5

                                                                                                                                                      efc9c7501d0a6db520763baad1e05ce8

                                                                                                                                                      SHA1

                                                                                                                                                      60b5e190124b54ff7234bb2e36071d9c8db8545f

                                                                                                                                                      SHA256

                                                                                                                                                      7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a

                                                                                                                                                      SHA512

                                                                                                                                                      bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                                                                                                                                      Filesize

                                                                                                                                                      22KB

                                                                                                                                                      MD5

                                                                                                                                                      7a204d478c8dfe822bf86f9103bbd9b3

                                                                                                                                                      SHA1

                                                                                                                                                      7114b36ea1588d9372d730b2ee5dec7a3aee36d1

                                                                                                                                                      SHA256

                                                                                                                                                      d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb

                                                                                                                                                      SHA512

                                                                                                                                                      f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                                                                                                                                      Filesize

                                                                                                                                                      202KB

                                                                                                                                                      MD5

                                                                                                                                                      13b557fac5b38edafe500b6f38d8d381

                                                                                                                                                      SHA1

                                                                                                                                                      24e2fa42c9d2727a15667bd87b2121ea1a7e14d5

                                                                                                                                                      SHA256

                                                                                                                                                      08ac1a7327a1db87776aace18bef3ff1c3053fec213e0142b8bbf5fe7e8b1634

                                                                                                                                                      SHA512

                                                                                                                                                      e8c998e68030d70f3a54ebc24072cf9a14db9a8357f61820164be6c65a4d4aacadf81424dad586082844e5b29ecda792f4c51a552ebf7741c6f62f8ad615b87d

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      da9decec7e11629177f5f6f94654963c

                                                                                                                                                      SHA1

                                                                                                                                                      f1ddfa57638a4f3c39c6442b3e572298f425d58e

                                                                                                                                                      SHA256

                                                                                                                                                      dfd099100804458a9727efedc1f6c90a43b9d2624fb05379ea81f7067ea09e5e

                                                                                                                                                      SHA512

                                                                                                                                                      dce3bd6218bcf06b4507ee0e3821f17793529dfcf7f4843183b18532b29bfa25ed57b8a3dfd3979e242916d17836954cdeea4392fd483869e7afdfbb8fd658ad

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                      Filesize

                                                                                                                                                      111B

                                                                                                                                                      MD5

                                                                                                                                                      285252a2f6327d41eab203dc2f402c67

                                                                                                                                                      SHA1

                                                                                                                                                      acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                                                      SHA256

                                                                                                                                                      5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                                                      SHA512

                                                                                                                                                      11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      309a7cf2e0f8141fc306c7c143e42dd0

                                                                                                                                                      SHA1

                                                                                                                                                      4bb296f69f9afbe30435fb6efbc0334ef04273aa

                                                                                                                                                      SHA256

                                                                                                                                                      31c16bc1a09ccc4617e15cfdfe716f4caca24189300e982100fe70f9ec59bfc3

                                                                                                                                                      SHA512

                                                                                                                                                      259d88662124a71290747cfc3618a942305fe731126a15c267c6072cd51398e1a5792c3f0452eb364c32c2350aa202fa5b3eced874f262dddff8287ce4aa85c2

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      bdbe92b3688df01a0060304fabab0323

                                                                                                                                                      SHA1

                                                                                                                                                      c5bd1d17682db5d6cd0b385219ae9e943e0c96c6

                                                                                                                                                      SHA256

                                                                                                                                                      9e11afefe062d1acd4de2b70db85b7a730fa81d83a45aa64250d6022124371db

                                                                                                                                                      SHA512

                                                                                                                                                      7093924a75d6f11258c3b80973fc8c4f3246bb99cc3b298921c4825d922ec18c02f8dec23060c3fb24655d90032ef4262aa614ff38919adff520c59005e58639

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      5KB

                                                                                                                                                      MD5

                                                                                                                                                      d530b7632416f6321de7d0aedda7a308

                                                                                                                                                      SHA1

                                                                                                                                                      56aab9ff9eedbf0e1cb92ad78dcaf37265301791

                                                                                                                                                      SHA256

                                                                                                                                                      f89942e35f27967b17c86f3dad2c8de8f13645a5ee76d391fdfd1a17b310bcfa

                                                                                                                                                      SHA512

                                                                                                                                                      7c3470544c38734b343182c6edddd0203108fb6c50f8d613ebc5a6304a0b4ac450b18c7bb2bc798c89046292abd9a7f5a9b1d54880ad2a05f73e831f6695b494

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      7KB

                                                                                                                                                      MD5

                                                                                                                                                      9f6d0fb66a0d9f8465f781c7fcf2f6f9

                                                                                                                                                      SHA1

                                                                                                                                                      edf9cce3b515d438aebee25017eee5f135b2ec15

                                                                                                                                                      SHA256

                                                                                                                                                      681cb055cffec36292e5a78f68726baf43046a41c74b9d0452718b2be5b573b9

                                                                                                                                                      SHA512

                                                                                                                                                      893867226d38a8106d25c049e9b1d4107ceae1a825b27f9dd2d711c7e2cb79b75cf923e632fe9ea623ee66e2bf08df708e5f31378881dee144aaf37a48c7fcdb

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      7KB

                                                                                                                                                      MD5

                                                                                                                                                      0525e580026ae983bdb591b81b1991c0

                                                                                                                                                      SHA1

                                                                                                                                                      15a0ec117fbbf8a16d77025bdeb2de7619bfbd71

                                                                                                                                                      SHA256

                                                                                                                                                      af8b029a224c930a8d1aee02eaec635cd574d30e909c83ddff93d11b6ebf0444

                                                                                                                                                      SHA512

                                                                                                                                                      9c006d782c0a58c641dd12bc2c6232db3cd50ec1472879f20009a112221f41dfb03fa02c91713656d5b094982487e94c5a4e0f816be810e916c78d04b74cc16f

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      7KB

                                                                                                                                                      MD5

                                                                                                                                                      c381ca11deb65c6f7870fa801fc78528

                                                                                                                                                      SHA1

                                                                                                                                                      050b9d5643cfc6a0b7f04f5c51705c65e7485467

                                                                                                                                                      SHA256

                                                                                                                                                      6322dae5d2b8be7e544802b685bfcaa979b2c1f77a9623f6967afa71c7455f26

                                                                                                                                                      SHA512

                                                                                                                                                      fc4b3b4e354e181de829d7f71b62faf82e8c3309c2b62eaed656e73c795964f55d1c6b297d4cf1a38efd0ad4adfd07596b4b7b36b7be34964f649b1a205615fe

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                                                      Filesize

                                                                                                                                                      24KB

                                                                                                                                                      MD5

                                                                                                                                                      121510c1483c9de9fdb590c20526ec0a

                                                                                                                                                      SHA1

                                                                                                                                                      96443a812fe4d3c522cfdbc9c95155e11939f4e2

                                                                                                                                                      SHA256

                                                                                                                                                      cf5d26bc399d0200a32080741e12f77d784a3117e6d58e07106e913f257aa46c

                                                                                                                                                      SHA512

                                                                                                                                                      b367741da9ab4e9a621ad663762bd9c459676e0fb1412e60f7068834cbd5c83b050608e33d5320e1b191be1d809fef48831e0f42b3ecabd38b24ec222576fa81

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\914e5c55-9347-4f61-b107-a95405d74707\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      07c360d1d9505ef338ce0aa7f127b541

                                                                                                                                                      SHA1

                                                                                                                                                      6812191558151fec8d4e09e72200a2f0f73e84a8

                                                                                                                                                      SHA256

                                                                                                                                                      eba487cac357725fd51575f7cf394d5c6a7d4dfa3b6326db9c7fde9bd585844d

                                                                                                                                                      SHA512

                                                                                                                                                      f56f88009f11fbf7f8185e8abbb96f4e8340458795c6eb7d33cbae957a7b4111f5159a8ab8413e1fd952177de67eed8aa8e5e98622a767aba189b4bdfda50a56

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\914e5c55-9347-4f61-b107-a95405d74707\index-dir\the-real-index~RFe595e33.TMP

                                                                                                                                                      Filesize

                                                                                                                                                      48B

                                                                                                                                                      MD5

                                                                                                                                                      288aa182d2723599b2b58a561a6014b4

                                                                                                                                                      SHA1

                                                                                                                                                      cab49e17693f74bdd5c01976f2207021d5fa7c92

                                                                                                                                                      SHA256

                                                                                                                                                      0f9a3d0f8de12c330b5bc3792df223a1d0fb3487966238fb012ab71dc103099b

                                                                                                                                                      SHA512

                                                                                                                                                      e06c6216cef880817adda700f65af27a18c32ae20eb3165c194aff9cff2002dd8b4b69b6fdade1e0a195ecdcca3f7624f93e10a277c487116e3fc96bbe58af24

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                      Filesize

                                                                                                                                                      82B

                                                                                                                                                      MD5

                                                                                                                                                      6d6d166aca959c03deda28497c22c4ac

                                                                                                                                                      SHA1

                                                                                                                                                      b265ca47a607ba0ae3b8b9a615818ec79060f716

                                                                                                                                                      SHA256

                                                                                                                                                      8e5c987206695bb5540e1a95fc348dc4174f56d1411e57e709edfc6e728355ac

                                                                                                                                                      SHA512

                                                                                                                                                      d63c94b14c2cdb6ad380385febc41b551267ee9b97341f1d71777a154f9aa3cb8980d6d916edbb8af232a450492ead86223bceea0de053c676b037db046ac328

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                      Filesize

                                                                                                                                                      84B

                                                                                                                                                      MD5

                                                                                                                                                      46b641f88899bd765c41f864adb97614

                                                                                                                                                      SHA1

                                                                                                                                                      b36a4f460d0ad86ce532429af39cf138b2bcc511

                                                                                                                                                      SHA256

                                                                                                                                                      75a51a86699c7cc0c6781a3aa02211b15d5175376a0f4e2b4f4d27703face084

                                                                                                                                                      SHA512

                                                                                                                                                      53fda65f3de8e2da640e55ff93d9586a4de84db847ddc72ef78b44c584358d6a58be8f6bca4e1af4ce06e1e17ee979b3dc28930f655a26bfa44ea3fe90ab6e29

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                      Filesize

                                                                                                                                                      89B

                                                                                                                                                      MD5

                                                                                                                                                      d98c7a9bc7af2d779154da8a3594cb2c

                                                                                                                                                      SHA1

                                                                                                                                                      ecf5012cbfce8fdaea329d4a720110f1a2c215a0

                                                                                                                                                      SHA256

                                                                                                                                                      8869c1abec15b23ecaae74b5cf5ae049fdef901fde9fabc4d3a15e8f973903b5

                                                                                                                                                      SHA512

                                                                                                                                                      949304a62b2069460793744e736a2c20d3720b50cecd943a1c65f35a106a40fd83628ba361f4dfdd46857df704dd72ed89961f35cb7d8c81a38d933e5863d1de

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

                                                                                                                                                      Filesize

                                                                                                                                                      146B

                                                                                                                                                      MD5

                                                                                                                                                      1b35994c50cf2ffa121bff110a6e2d09

                                                                                                                                                      SHA1

                                                                                                                                                      ef032bdb7cc59334ea757a0e502ce0c22b51cf4a

                                                                                                                                                      SHA256

                                                                                                                                                      1d7c1c24bfb5178f1dded13dc5eceaa5acad452bc1cd8520a5ebb963d543adef

                                                                                                                                                      SHA512

                                                                                                                                                      4312b34d79a6fa27f94f15d2b615db007fad6357acd856a1ec20fcc7627ed3985b5129698449200ba2e001855f7fe0ef38efba64fda14f1d28a0ae9a44f00b65

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

                                                                                                                                                      Filesize

                                                                                                                                                      16B

                                                                                                                                                      MD5

                                                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                                                      SHA1

                                                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                      SHA256

                                                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                      SHA512

                                                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                                                      Filesize

                                                                                                                                                      72B

                                                                                                                                                      MD5

                                                                                                                                                      f5c8d76a0f75a902dcae90db26790189

                                                                                                                                                      SHA1

                                                                                                                                                      5f869eafeeecb6e535d5016c27ad6e37b488a2e0

                                                                                                                                                      SHA256

                                                                                                                                                      52758f408f24a0c33f3696a5ad7ead8729a6643fc51e62facc0248981871ca2a

                                                                                                                                                      SHA512

                                                                                                                                                      9539a11b078d3f828acbb0981bec68288d9723ee3661967325ef92877e1edffb592362eee2aca8d10fd2e7a28752ea6e436e2d89321bad383415c8dcf32e6f13

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe590d73.TMP

                                                                                                                                                      Filesize

                                                                                                                                                      48B

                                                                                                                                                      MD5

                                                                                                                                                      70be082cd30591dc6ae1ed6fb7f60ec4

                                                                                                                                                      SHA1

                                                                                                                                                      b4b0415ba30ed9fc83657c9287465f9acfa26ae9

                                                                                                                                                      SHA256

                                                                                                                                                      65c978771a3d86f296e409a9eecfca52c6f6cf60223839ee31e78dc32cf90ca7

                                                                                                                                                      SHA512

                                                                                                                                                      db50d8da20a416b6bac066813ecb554a21241d8c3261b7dfe9b3cad3d28d9fe7bfe0df24c2dc0c691268e2cdfdc4eaabb20ac55b8a8e3e9dc1098dd4947aa23e

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      87535e7b944e048adc1c959de1cbbfa3

                                                                                                                                                      SHA1

                                                                                                                                                      07f4d25855d05c9fe5a7f2401ff64d639333a538

                                                                                                                                                      SHA256

                                                                                                                                                      f218a9a8266f3a6eff793025b1b6eb5cbb4bdcf3e9dfd7f42643c58f46c0c3cd

                                                                                                                                                      SHA512

                                                                                                                                                      c51b2df1d1e84e2b9bf1ea2ed3495981e04419d0cf4020b43155cdefdce92ad102e50c8322ec8137a155dfa315a683603335a244a7f2322a15b17c10017b84d5

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      b09f69aca3aa7f99c9615b1e5690085e

                                                                                                                                                      SHA1

                                                                                                                                                      daee0e13b4ad25ecd4cd85a3048fd18dd01ea67a

                                                                                                                                                      SHA256

                                                                                                                                                      cd9c45aef98145d2bca58795e2d7ab38b7ecdf7c284f9efa586989f9e2b9eec7

                                                                                                                                                      SHA512

                                                                                                                                                      ad1cf48ff01f1d493419359dc7a88e42ab7c27525d83922e626cebb23ff743c83de796af25c2381b500483aaa5ed9e90a3d935326bbe436fc8bf98a2ec647758

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      56fcbc7db08b420e078c076f469d5db9

                                                                                                                                                      SHA1

                                                                                                                                                      3803620ef124042f40ad4ce567e3b6d44a5a497c

                                                                                                                                                      SHA256

                                                                                                                                                      63e76c66d239f35372867f2201def5fd1f12604e63b1037a49bf83983a72f51c

                                                                                                                                                      SHA512

                                                                                                                                                      f4e62f4447c697aaf6dc403ffa7ffc55d362d2d1bb0494f34dc0b96f4cf208f5b1f4a61cfa967e1b5223d4e7bc62eb5f8da3200b307bc7884935be869475a3db

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      8761eea8df8b4d9094f048a76434be4d

                                                                                                                                                      SHA1

                                                                                                                                                      32a8fec7db84e5945c80f10fffd3e0017581034d

                                                                                                                                                      SHA256

                                                                                                                                                      2e19b3b360eb6d307406e5d990baf5cb807fecdc12c329b30694758a8eb99d00

                                                                                                                                                      SHA512

                                                                                                                                                      cf0c564cd32d72368fd4f7019d82d73be08f22f2b6043715b7663f6faedb78622e1c20e7f63bb1bad8515ec34571efb69d5ea2666a3f97e79053118bc14ce2ba

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      1f459768db8cd917ef207704a5cf1a86

                                                                                                                                                      SHA1

                                                                                                                                                      7cd2697f843984142ba4a02714a97b22b2a1727e

                                                                                                                                                      SHA256

                                                                                                                                                      37ad20a549f7b41ccfddf2d522cb760e80a3acb42efa8d848ca0d7fb4620474c

                                                                                                                                                      SHA512

                                                                                                                                                      fc3e507371f4e73f289c3697df73900f32a9d994ee4866b4d382b478dae64278f54cb8d0e3d45abd9a13a7edfc8940bcf564fc06571cd297831599134a0da8ea

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      7abba34e0290739a09ab5e5d90db6e64

                                                                                                                                                      SHA1

                                                                                                                                                      a2985055d13d1c35da283000c63383c673cda50c

                                                                                                                                                      SHA256

                                                                                                                                                      14d584cc48852ebeaf46c0990da46713ea3f3e8da3c102933ac1bf42566368f1

                                                                                                                                                      SHA512

                                                                                                                                                      c9523ae5f2ad248abcc79aa0cae171e016b5b93799ab733f44fd48cae8a7a984dfe432a723246491012ed3836f743d52c3f9825593cc538b8777d07d05d95910

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ad52.TMP

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      0e7a95dd6274cf5c3b65f275973bb304

                                                                                                                                                      SHA1

                                                                                                                                                      132d68a63931dc815a10a47190803769a08913f4

                                                                                                                                                      SHA256

                                                                                                                                                      437c848cc67746ef4bec28291feaf7ac7d4f69dbea1c64bc90d355d19a5a29a3

                                                                                                                                                      SHA512

                                                                                                                                                      93830d7813595e94d1193606213fb1be0e089aa98a733ac2a9ef94cd6d7f9f9cacd22f7410ea5715ae6ff8adcc01c1afa90776e202685247ef403d63c4382f8a

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                                                      Filesize

                                                                                                                                                      16B

                                                                                                                                                      MD5

                                                                                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                      SHA1

                                                                                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                      SHA256

                                                                                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                      SHA512

                                                                                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      a36b715a082ab7a2afd7b33b38e8c449

                                                                                                                                                      SHA1

                                                                                                                                                      80cf8dcc232bc2c12bad38691e83a7a4f890cd57

                                                                                                                                                      SHA256

                                                                                                                                                      8cad9d0f584972c011caafa0fbc4d138f228c3e9cb56b9b7d7a9797f5e13361b

                                                                                                                                                      SHA512

                                                                                                                                                      1c14aaca8765818515ab2952439551ca8deef3af8a62841797b31aeea172e29a12063ee2202a1f8ab278d3e2946dea2d7f304e53565c5d2d08791006edba8fa9

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      a8cd1a01de108be227d727396d57f18e

                                                                                                                                                      SHA1

                                                                                                                                                      28a303a25654da9e24845d1398007c780cbeef33

                                                                                                                                                      SHA256

                                                                                                                                                      da7ca51e4b8bb21b3d6d05f08d022a7c61707eca7789dc26851af690aec4b25a

                                                                                                                                                      SHA512

                                                                                                                                                      5977622d706797d51c3dc8b184493c71eb435fd1fab169f8d434d504ac5d18f4ae27469486cdf8df147d0ff4852d1502897fad35131d915a505be627662e8ae4

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      5f9a6fc5623571f46d14600870c1d2ea

                                                                                                                                                      SHA1

                                                                                                                                                      1714671ac789ad455854870e33260aad6aa1fcb3

                                                                                                                                                      SHA256

                                                                                                                                                      b2c54cc7f9bcd36921eee65e8035da678aa8b7b73033044f036d320bc47a910f

                                                                                                                                                      SHA512

                                                                                                                                                      ed06391bd66b6c022bbefdf1e4c35a958945627f01ff6aa0b8344a160d4bc6a6f1b5c0bd469000f7b3a9ad8ab394baf0928e2554b12e29c6cf154b052a1b1a58

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      760e4de54b9898f6f66b3ac2e55b654c

                                                                                                                                                      SHA1

                                                                                                                                                      9b43d51d03a1b7d060426056abc5d393a830f479

                                                                                                                                                      SHA256

                                                                                                                                                      269f4f33d68435df4a2eb2c922b1f896c84042342a20174911ee6c657f4c17cc

                                                                                                                                                      SHA512

                                                                                                                                                      ae22f2309772e043f0fc351934fa198acfb3800c892bddb170f3f234bc2657c8f09206cf3a1174d2d95d904de6e8c0b22d3e73de714edef5130cdaa70552698e

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                      Filesize

                                                                                                                                                      10KB

                                                                                                                                                      MD5

                                                                                                                                                      1e5bceceaedb6cef4adde49f8df92517

                                                                                                                                                      SHA1

                                                                                                                                                      14886d5ad74a7219da5de7bc6f3e9f064a251e2c

                                                                                                                                                      SHA256

                                                                                                                                                      75e3e610912c3db9df27c7cb9d3cb6745ef917e9585dc864dabe9d8e08a38f79

                                                                                                                                                      SHA512

                                                                                                                                                      ecb2e8aacb6a27305558e5c10d60e85261d9dadd5923adf960659d4cd799a36e8748e9bcf9d91c7774c61c37ddaf786035848682456bc452c80fa67cde15e4f4

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\27130428AA9673FE224F99BCAF97A6009AE4D837

                                                                                                                                                      Filesize

                                                                                                                                                      29KB

                                                                                                                                                      MD5

                                                                                                                                                      e0c35b7b3655e9bec5793e2b049051b1

                                                                                                                                                      SHA1

                                                                                                                                                      ccd9d0f1ecca28c27580c352b13bf260882c549d

                                                                                                                                                      SHA256

                                                                                                                                                      3a76c3a2c6f244f4e3d07e602a42e7d24556ede080010d8ffb9a18ab3a374d61

                                                                                                                                                      SHA512

                                                                                                                                                      b5e38af1e69b7f751a47bf98390ba6d5491d8ca2fac51bca53a55d3ff3e44bb07d2d6cb45cc72f5e984f4fb89cf4808a545f7ff56a4df205f8cac9cefbacc4da

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\2BB62A5F508187291BB477E79601AC81B652604E

                                                                                                                                                      Filesize

                                                                                                                                                      30KB

                                                                                                                                                      MD5

                                                                                                                                                      961b01ccebf0134161cb70c9b4f7ca1e

                                                                                                                                                      SHA1

                                                                                                                                                      05e2d1122679b433d136fd3bdf9b3613e6643ee1

                                                                                                                                                      SHA256

                                                                                                                                                      886b464ae8d56af49367e1f5f52b2f4bdc8c5cefb13ae32dc7a40ab0867d8d8e

                                                                                                                                                      SHA512

                                                                                                                                                      f0ba931908146794ea008770879b6e11d070af901eeb08dc1e72a5ffdda052e4ff906302d971960a118e36550d5b899bf25d9e124a1471c604cc0208eba17f6a

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

                                                                                                                                                      Filesize

                                                                                                                                                      32KB

                                                                                                                                                      MD5

                                                                                                                                                      c8ec360657cd94d3668c0c508b5a41e9

                                                                                                                                                      SHA1

                                                                                                                                                      17c124cd24fe778475eed9141c5ef5fe085d500e

                                                                                                                                                      SHA256

                                                                                                                                                      60e84be4bfc5d55f0b161c15dd03b46b9a841fc07ff921710593c48e655057e3

                                                                                                                                                      SHA512

                                                                                                                                                      e702cf1f1ebb7bfb601c1085ca035eac04705186e186f75ee0d9a0445e9332e2d72c59675187746b80169d258c68ce04f40978fd4da1bba2bc417f8aeef6dd14

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\A90A033F6471B356E702B2D074EAEEFD67E36DE6

                                                                                                                                                      Filesize

                                                                                                                                                      1.5MB

                                                                                                                                                      MD5

                                                                                                                                                      7883c0f91a264a3fe6f0b92ba8c45ac4

                                                                                                                                                      SHA1

                                                                                                                                                      79cb7b524d3ab9db7b647634f419641b860a7f1a

                                                                                                                                                      SHA256

                                                                                                                                                      fb8c75ae1cee6cf1d46d34f1062187c42d8cbd6f2f25a8fc34b9da3fdb7e15eb

                                                                                                                                                      SHA512

                                                                                                                                                      d91f52b83bf33ee593c4d1c6a7128ff6e95747ac41ead8f104ecb840888053b1a8bcdb0e20f5ef9d5a6a592d741d3766d71e88a76c293249da7a1017c937aed7

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

                                                                                                                                                      Filesize

                                                                                                                                                      33KB

                                                                                                                                                      MD5

                                                                                                                                                      13f55354f5ff832b4cf1bc6abbadab44

                                                                                                                                                      SHA1

                                                                                                                                                      febf16dd998e6413914d50b7e58c75d337b9a35a

                                                                                                                                                      SHA256

                                                                                                                                                      a0c979a938702f0e2ae953e4bc2d0131412c27b82ad95000373edefe38e0359d

                                                                                                                                                      SHA512

                                                                                                                                                      78f8a7553e2d7b1bdf7464bb62aa58402594258cd82a661cc418349e9e9022fc317918d7ae0c1f851f6d64168629a48d3fd2f3cc4638ab701aeba48b9df63181

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F

                                                                                                                                                      Filesize

                                                                                                                                                      30KB

                                                                                                                                                      MD5

                                                                                                                                                      c4adc7efd946cbd57d0c6e396de4d4d2

                                                                                                                                                      SHA1

                                                                                                                                                      ed7d6d583a90a3c5b2226065aed2698e67b593dc

                                                                                                                                                      SHA256

                                                                                                                                                      4485d31613c9c588a755796b1d62c7e5b0c9455c860645eae5f9cf54ebd0d030

                                                                                                                                                      SHA512

                                                                                                                                                      2dc922ca378cd8cdfb273042d8d4e9579184e93ea204418e4c996106a0ae463b160dc578d6729d2144ad52735eeb47e60d0936084cd0fa8ef4837b59d67f2eb5

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                                                                      Filesize

                                                                                                                                                      256KB

                                                                                                                                                      MD5

                                                                                                                                                      855190914faf7505eb300d469e52c2d0

                                                                                                                                                      SHA1

                                                                                                                                                      c76d8c7d5dca5783802e92bbf567dba0f32a5069

                                                                                                                                                      SHA256

                                                                                                                                                      2af7e7b4c58799ca6f474b6a95314cca6d8891b8bb9781cba2503f4483bd047b

                                                                                                                                                      SHA512

                                                                                                                                                      f681d3c3fdee94ee01de5a407ad746728a0dec81e18adbdaf852857d0103edf81039670a982d6443e4f7a8399da69a3d220ec2b9029094611401e9c288a2407f

                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                                                                      Filesize

                                                                                                                                                      1.2MB

                                                                                                                                                      MD5

                                                                                                                                                      7090fbc97c84852ce2e657c7506255d8

                                                                                                                                                      SHA1

                                                                                                                                                      b072ead613d4160a8d386e73c65a20e031751488

                                                                                                                                                      SHA256

                                                                                                                                                      51cece87b98538a151fa09f23571f9040e2debb1c6e8a2181d2c2d51f4309fd3

                                                                                                                                                      SHA512

                                                                                                                                                      cecf6495668068187ff1571d2aea9fef72654a0cdf24cf7ee490f95b78810b00cbe5f41e3d35b0db49cb813b82df2d83f207549c7174e94e1119f1debec59608

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                                                      Filesize

                                                                                                                                                      2KB

                                                                                                                                                      MD5

                                                                                                                                                      a77b2b26f5b27ea332f2a79420e6a4cd

                                                                                                                                                      SHA1

                                                                                                                                                      3d6ad31fe22325307765c5fa1e9ce07df0ba0d25

                                                                                                                                                      SHA256

                                                                                                                                                      71e9e4df95a977a1d4020543154e090112befc6dbf67ffd6df0a8009a6853a4d

                                                                                                                                                      SHA512

                                                                                                                                                      0ab0b2b94dcbb30b8bb2243a258972db038123425ef1959761050038aa74d515c966383b5e01de70c9d930ab7077269d1ebadc9551ec66f10746c561844c323a

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\de93c17f-1750-4eb8-b668-a91e141b7bcc

                                                                                                                                                      Filesize

                                                                                                                                                      11KB

                                                                                                                                                      MD5

                                                                                                                                                      b757058b1b2bc1aaf006f5c86234afba

                                                                                                                                                      SHA1

                                                                                                                                                      f5346bf3980e0f130b1affd5c978941c2769e63b

                                                                                                                                                      SHA256

                                                                                                                                                      f8649dc299052589f031d06cdf7a1ca6513ee56eac73169f1341fe9264617c40

                                                                                                                                                      SHA512

                                                                                                                                                      bb48b2fa0c935dfa63cf8e2030836b284b2830754c16136f295a039c1aa87b2b9d6a065ede21760c0b3171812975413ab85d47f9e8adc8bbf52c6ca357e807d4

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\f3a5a50c-a8af-4cf4-82ed-13562508ac70

                                                                                                                                                      Filesize

                                                                                                                                                      746B

                                                                                                                                                      MD5

                                                                                                                                                      9f650b5e6f94ae47bb78dc94516e451c

                                                                                                                                                      SHA1

                                                                                                                                                      02d6001b3ad761e79e0e4ae75d36d383305c4fbd

                                                                                                                                                      SHA256

                                                                                                                                                      c46ea22798c47ce4861fd2f7cb075ab5a6bf674fde2203b0a27e6717e40518a7

                                                                                                                                                      SHA512

                                                                                                                                                      088bba6f11803c9efd3cf8f5a9549f12b869e24ea033c60ef1172a5d340474265a05226505a2ef715de20ab3ca92f81298f6ae10cdbeca961b11f1a37b988860

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                                                                      Filesize

                                                                                                                                                      768KB

                                                                                                                                                      MD5

                                                                                                                                                      7df21c681befaebd0e51d6f297ec5c10

                                                                                                                                                      SHA1

                                                                                                                                                      eb2b022bd60272f1f60983ce7a2c14ab42a54387

                                                                                                                                                      SHA256

                                                                                                                                                      92e74b7d942b97752b12be423a49b328c213ea3c41e7e494b79d7e9d7c78191e

                                                                                                                                                      SHA512

                                                                                                                                                      0ff2f4c61302293ca0926c78fdae6784d6fa407c1a99160a232e899c11ea2ac9f1a1bcfde8c3bd7ea9b9a56e4b5c4cfb7b4b63756cfad428d97fa137213b3edb

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                                                                      Filesize

                                                                                                                                                      479B

                                                                                                                                                      MD5

                                                                                                                                                      49ddb419d96dceb9069018535fb2e2fc

                                                                                                                                                      SHA1

                                                                                                                                                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                                                                                                                                      SHA256

                                                                                                                                                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                                                                                                                                      SHA512

                                                                                                                                                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                                                                      Filesize

                                                                                                                                                      372B

                                                                                                                                                      MD5

                                                                                                                                                      8be33af717bb1b67fbd61c3f4b807e9e

                                                                                                                                                      SHA1

                                                                                                                                                      7cf17656d174d951957ff36810e874a134dd49e0

                                                                                                                                                      SHA256

                                                                                                                                                      e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                                                                                                                                      SHA512

                                                                                                                                                      6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                                                                      Filesize

                                                                                                                                                      209KB

                                                                                                                                                      MD5

                                                                                                                                                      c018fc0dd6491fdbe9e5f6748c9d9864

                                                                                                                                                      SHA1

                                                                                                                                                      f3adeb4d44509a9d3f68dfe6bd7f378d0bbef27b

                                                                                                                                                      SHA256

                                                                                                                                                      8ab8f47941197e757d4ca9c560f1244087b44f703e37626f29cc2dfc63204907

                                                                                                                                                      SHA512

                                                                                                                                                      a17f74ae63107b84bb56ac9551db294ef7a975d97d8c6b9b0ceeddde85e090ff7d13652535efed06ae81fa87d75991d951a67615ddb1830faa19aaa9f5673433

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      688bed3676d2104e7f17ae1cd2c59404

                                                                                                                                                      SHA1

                                                                                                                                                      952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                                                                                                                                      SHA256

                                                                                                                                                      33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                                                                                                                                      SHA512

                                                                                                                                                      7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      937326fead5fd401f6cca9118bd9ade9

                                                                                                                                                      SHA1

                                                                                                                                                      4526a57d4ae14ed29b37632c72aef3c408189d91

                                                                                                                                                      SHA256

                                                                                                                                                      68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                                                                                                                                      SHA512

                                                                                                                                                      b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      234c495677d3a3959811adb2ff490f2a

                                                                                                                                                      SHA1

                                                                                                                                                      3cd49cdfc462848694d06e1e849fdb06d922a687

                                                                                                                                                      SHA256

                                                                                                                                                      47036e69bfd265c1d99e02d0933d825939d84c31b42bf93a0b42eb684725c4ab

                                                                                                                                                      SHA512

                                                                                                                                                      388cb6fd7b827bfcf15bc1eb0a7a3def0b7ebc07634e04255c32e87bee71f42e0f10fc20e135e2931aa4a99684254b89a0c37cb0ae733f2566c8d98d79c6dffb

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      7dddd0c059b6e679a35ea3087d2490d2

                                                                                                                                                      SHA1

                                                                                                                                                      75c761c687a27b3ebaeecce19ff5ed6af72cbb9f

                                                                                                                                                      SHA256

                                                                                                                                                      35f968f5a8b07258a48e2e3dc6e15d10b76f93f5307de18f57dcc495e51ce1b0

                                                                                                                                                      SHA512

                                                                                                                                                      5e86f9b3cb325bfbdf9b808440441ca1b87b57a79fcceef721957dd12e99629a170d1f7fbf680478f547b94df501111cba689670d9055b8af64a8670ea28668e

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      80073b94e4e51381daef6eb418a0482a

                                                                                                                                                      SHA1

                                                                                                                                                      983821f658c3acbeee2d1314bd32b1907576412d

                                                                                                                                                      SHA256

                                                                                                                                                      9daff17a8e066b2bd0cdd1af539850397823642e3b85a6cabcedfd09de230997

                                                                                                                                                      SHA512

                                                                                                                                                      a948ad5d29fa6c73e431ef97e6a61d672057ed84bb8cfaf83702bcd8660ba7c340eb58fb9a14edf36c3ece364574a92e94b0bf460596db854635ff7caa30959c

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

                                                                                                                                                      Filesize

                                                                                                                                                      6KB

                                                                                                                                                      MD5

                                                                                                                                                      deb57451fe3eaf66a12773cefda46693

                                                                                                                                                      SHA1

                                                                                                                                                      d46cde99beda96a3e1cb50ba2bbecf4f4951fb00

                                                                                                                                                      SHA256

                                                                                                                                                      a79a2f1cadd6f8f613ff01c72c7bbb1a193a8092ed6dbfe15fbdd78c3d9b0e37

                                                                                                                                                      SHA512

                                                                                                                                                      ec2b7d0a5c54fbfb6563cd1bbeeeb4cb557406381be12fe86fcddc59a96b01d3233778583a831f08e537389a7131da484dd3d3272d88ada53a9cd75a38299e88

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      221e459bb42060cd6ca9b9e3d6ae4d5f

                                                                                                                                                      SHA1

                                                                                                                                                      6866465b76645603f0310110c38af57f7c7ed0eb

                                                                                                                                                      SHA256

                                                                                                                                                      456b4034565eb261e56c75bd1de5eb085d1cc8585e501923f21dc3c6cf8abe5e

                                                                                                                                                      SHA512

                                                                                                                                                      553a448dd749e130e960fca2c4607f47e9668da11f75fb73069c4429fc9e8efea083014b7358f6330fe65c11e8ec1541a12c48ca7335e1229e9d1170d02f1b1f

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      8b361bfc405cd370b5c42f6a5035e689

                                                                                                                                                      SHA1

                                                                                                                                                      380f9f9d80b6b98c38d5f7aa04ce2eb2b865e1de

                                                                                                                                                      SHA256

                                                                                                                                                      13630845c096b5502acf8e32b801b308d4a2954f8ad89866ab132b080450b2fe

                                                                                                                                                      SHA512

                                                                                                                                                      37c05d5f2c6faaa311beeda122932d8222bdc52214ded9370d32c302ab4363f4da51b73eefeb06c4f4dbae6e7e967cc85ab68d1f02e1f0979226fcff3994ad16

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      cd5774b49d11f51c0fa5018d6280b283

                                                                                                                                                      SHA1

                                                                                                                                                      33231a72cc9f67a6610123e535ff7b1b0a0917e1

                                                                                                                                                      SHA256

                                                                                                                                                      338ef603675f27e57f61b96c81c3eb9dfd980a38e2189c0a33d24ad0a165af4a

                                                                                                                                                      SHA512

                                                                                                                                                      be5d22cba74904191371e546231d3aff4a3e095fc73ea6c9b17c7c17b605561f2b3ee57dc788963a1661526f855ddc112965c7dda473e5572bc43ea0fc8aca14

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                                                      Filesize

                                                                                                                                                      1KB

                                                                                                                                                      MD5

                                                                                                                                                      049e910ffd66afbfa3b2142025ca6207

                                                                                                                                                      SHA1

                                                                                                                                                      1aa85b1d9c2736e8176d619bb7071b830002f5a2

                                                                                                                                                      SHA256

                                                                                                                                                      aff7ace117db10c6fafcbad162e6815a02621479ec16fcf9c0c39e0ff74c81c9

                                                                                                                                                      SHA512

                                                                                                                                                      acf819ca00606608373922787811d97339affb087a087c69f46e0f223a81432eee62e34099e8faf9026e9c85aa4f244efee8ee8e74e5eda3504623464d706f74

                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                                                      Filesize

                                                                                                                                                      184KB

                                                                                                                                                      MD5

                                                                                                                                                      32285f43af25cf830ab6440997697e09

                                                                                                                                                      SHA1

                                                                                                                                                      7efbb132a52d29f46877487f4dd576ace33711b4

                                                                                                                                                      SHA256

                                                                                                                                                      540030c006ecd189f2853246fb959691cc6d3df5c4634689d07e5df6a6c97f56

                                                                                                                                                      SHA512

                                                                                                                                                      7bee6e1d00e16821e52f3d85af8bd3f6fc39a92563329ee56e64953fd94696d5931f26948dbea99161a0a3a2f0c080750eed86e7a6f7b84fac06c0494cac675f

                                                                                                                                                    • \??\pipe\LOCAL\crashpad_3068_CFVKDRORPERVOTXF

                                                                                                                                                      MD5

                                                                                                                                                      d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                      SHA1

                                                                                                                                                      da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                      SHA256

                                                                                                                                                      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                      SHA512

                                                                                                                                                      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e