Analysis
- max time kernel: 19s
- max time network: 159s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 06-02-2024 14:58
Static task: static1
Behavioral task: behavioral1
- Sample: afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
- Resource: win7-20231129-en
Behavioral task: behavioral2
- Sample: afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
- Resource: win10v2004-20231215-en
General
- Target: afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
- Size: 896KB
- MD5: 5bb2d0c9ee6a86afb4169f89f6b9216a
- SHA1: f2a455a5f76807faf077b61a3ed61ea6a5d11a59
- SHA256: afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c
- SHA512: 59b693615980a38acc5726a03a7bf5688b0f3440eb714c87e97e86bfba18d8f3362d36bcbd9eac3158e15d1f9f67ff745f3d00343c39dde7f3e0143376bed7ed
- SSDEEP: 12288:pqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDga7Tx:pqDEvCTbMWu7rQYlBQcBiT6rprG8a/x
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
Key value queried: \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation (process: afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe)
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
PID 1976, process msedge.exe
PID 1976, process msedge.exe
-
Suspicious use of FindShellTrayWindow 15 IoCs
Processes:
PID 4080, process afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe (the same entry is listed for every IoC)
-
Suspicious use of SendNotifyMessage 15 IoCs
Processes:
PID 4080, process afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe (the same entry is listed for every IoC)
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
"C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe" 1⤵
- Checks computer location settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4080
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/ 2⤵
- Suspicious use of WriteProcessMemory
PID:4040
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:4872
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2256,10955279448191143421,9314510969501174619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:33⤵PID:5512
-
-
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login 2⤵
- Suspicious use of WriteProcessMemory
PID:4148
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:512
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,2436463008587790356,13439423435326725191,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:33⤵PID:2476
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,2436463008587790356,13439423435326725191,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:23⤵PID:3696
-
-
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/ 2⤵
- Suspicious use of WriteProcessMemory
PID:3068
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:208
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:33⤵
- Suspicious behavior: EnumeratesProcesses
PID:1976
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:23⤵PID:916
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:83⤵PID:3716
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:13⤵PID:2036
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:13⤵PID:228
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:13⤵PID:6040
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:13⤵PID:5788
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:13⤵PID:5872
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:13⤵PID:6212
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:13⤵PID:6300
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:13⤵PID:6480
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:13⤵PID:6496
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:13⤵PID:7240
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:13⤵PID:5368
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:13⤵PID:2672
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:13⤵PID:1612
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7104 /prefetch:83⤵PID:5848
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7476 /prefetch:83⤵PID:4312
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:83⤵PID:3544
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:83⤵PID:7224
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17132047379651975704,12236258360159708046,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5944 /prefetch:23⤵PID:4252
-
-
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com 2⤵
- Suspicious use of WriteProcessMemory
PID:2420
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:4712
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,4979463977477782421,16750175067482570718,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:33⤵PID:5836
-
-
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login 2⤵
- Suspicious use of WriteProcessMemory
PID:1968
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:4196
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,14143256269344200472,13120577941437117128,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:33⤵PID:5580
-
-
-
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com 2⤵
- Suspicious use of WriteProcessMemory
PID:3956
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a75c46f8,0x7ff9a75c4708,0x7ff9a75c47183⤵PID:1816
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,11490084373704009750,17151436194870376980,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:33⤵PID:6164
-
-
-
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com 2⤵
- Suspicious use of WriteProcessMemory
PID:4792
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b97783⤵PID:3380
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:4568
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3156 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:13⤵PID:7596
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4872 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:13⤵PID:4388
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3988 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:13⤵PID:8180
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3840 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:13⤵PID:8164
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:13⤵PID:7576
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:8140
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5296 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:8160
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:5516
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:23⤵PID:5904
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6016 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:2440
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3788 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:3628
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:83⤵PID:3828
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5752 --field-trial-handle=1896,i,12790669916472886373,9157426110313572685,131072 /prefetch:23⤵PID:7752
-
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login2⤵
- Suspicious use of WriteProcessMemory
PID:1592 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b97783⤵PID:1860
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1860,i,654115429641251039,11968038513871290164,131072 /prefetch:83⤵PID:3504
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1860,i,654115429641251039,11968038513871290164,131072 /prefetch:23⤵PID:7112
-
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com2⤵PID:872
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a71b9758,0x7ff9a71b9768,0x7ff9a71b97783⤵PID:1732
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=2000,i,2378003689172351826,13642443351284793026,131072 /prefetch:83⤵PID:8024
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 --field-trial-handle=2000,i,2378003689172351826,13642443351284793026,131072 /prefetch:23⤵PID:8016
-
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com2⤵PID:4212
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com3⤵PID:3340
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.0.593704617\65470616" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {84878546-6715-4e04-8434-619e7869497c} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 1804 1ead42d8c58 gpu4⤵PID:5916
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.1.1469971027\1330999687" -parentBuildID 20221007134813 -prefsHandle 2284 -prefMapHandle 2280 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c6e37c6-a36e-40e6-bb62-ddc54abc7231} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 2320 1ead3de6558 socket4⤵PID:6444
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.2.1919038876\781525886" -childID 1 -isForBrowser -prefsHandle 3056 -prefMapHandle 3052 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6988ae5e-9b8e-423a-989c-79ff63508ad6} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 2960 1ead8e4e258 tab4⤵PID:6268
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.3.601113508\2007394026" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 3224 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {51a7ec33-856a-4720-9aa3-2b3af9c1cf61} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 3364 1ead9190358 tab4⤵PID:6844
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.4.1517700557\207250587" -childID 3 -isForBrowser -prefsHandle 2984 -prefMapHandle 3364 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04704ecf-e071-41f5-92dc-a4f5c8e57986} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 3372 1ead9461558 tab4⤵PID:7008
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.5.287771171\1401798519" -childID 4 -isForBrowser -prefsHandle 4284 -prefMapHandle 4276 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad9b73d1-84b4-46fd-821c-554771668782} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 4296 1ead6186558 tab4⤵PID:6236
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.7.1046650635\706142378" -childID 6 -isForBrowser -prefsHandle 6060 -prefMapHandle 6064 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9b25250-01ac-4265-bcfd-ac8456aef9d2} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 5920 1eae2a10558 tab4⤵PID:5596
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.6.975366728\1164877497" -childID 5 -isForBrowser -prefsHandle 6008 -prefMapHandle 5812 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e98c094-8846-4076-8d6a-e8a944a2fb56} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 6016 1eae2a0ea58 tab4⤵PID:5564
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3340.8.1036338012\1147439604" -childID 7 -isForBrowser -prefsHandle 5808 -prefMapHandle 5260 -prefsLen 29440 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa24b959-1d20-4354-82df-8c6b926fa925} 3340 "\\.\pipe\gecko-crash-server-pipe.3340" 5780 1eae2b68258 tab4⤵PID:8172
-
-
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login2⤵PID:2912
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com2⤵PID:4312
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com3⤵PID:2900
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4492
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5828
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:5980
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x40c 0x5141⤵PID:4912
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5872
Network
MITRE ATT&CK Enterprise v15
Downloads
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\aefdd126-3338-4a21-a7f5-17b861586299\index
Filesize 24B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize 176B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize 112B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58d992.TMP
Filesize 119B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize 72B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59358d.TMP
Filesize 48B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_1675551543\Shortcuts Menu Icons\Monochrome\0\512.png
Filesize 2KB
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_1675551543\Shortcuts Menu Icons\Monochrome\1\512.png
Filesize 10KB
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4792_917120016\Icons Monochrome\16.png
Filesize 216B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize 1KB
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\914e5c55-9347-4f61-b107-a95405d74707\index-dir\the-real-index
Filesize 2KB
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\914e5c55-9347-4f61-b107-a95405d74707\index-dir\the-real-index~RFe595e33.TMP
Filesize 48B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize 82B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize 84B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize 89B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
Filesize 146B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize 72B
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe590d73.TMP
Filesize 48B
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\27130428AA9673FE224F99BCAF97A6009AE4D837
Filesize 29KB
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\2BB62A5F508187291BB477E79601AC81B652604E
Filesize 30KB
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A
Filesize 32KB
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\A90A033F6471B356E702B2D074EAEEFD67E36DE6
Filesize 1.5MB
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3
Filesize 33KB
-
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F
Filesize 30KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\db\data.safe.bin
Filesize 2KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\de93c17f-1750-4eb8-b668-a91e141b7bcc
Filesize 11KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\f3a5a50c-a8af-4cf4-82ed-13562508ac70
Filesize 746B
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
Filesize 768KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
Filesize 479B
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
Filesize 372B
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
Filesize 209KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4
Filesize 1KB
-
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
Filesize 184KB