Analysis

  • max time kernel
    152s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-02-2024 14:56

General

  • Target

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe

  • Size

    896KB

  • MD5

    5bb2d0c9ee6a86afb4169f89f6b9216a

  • SHA1

    f2a455a5f76807faf077b61a3ed61ea6a5d11a59

  • SHA256

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c

  • SHA512

    59b693615980a38acc5726a03a7bf5688b0f3440eb714c87e97e86bfba18d8f3362d36bcbd9eac3158e15d1f9f67ff745f3d00343c39dde7f3e0143376bed7ed

  • SSDEEP

    12288:pqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDga7Tx:pqDEvCTbMWu7rQYlBQcBiT6rprG8a/x

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 61 IoCs
  • Suspicious use of SendNotifyMessage 57 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
    "C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4740
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2024
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
        3⤵
          PID:2252
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,9868030128619911911,12821072691756692875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1280
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,9868030128619911911,12821072691756692875,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
          3⤵
            PID:3944
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
          2⤵
          • Enumerates system info in registry
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:880
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
            3⤵
              PID:3232
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
              3⤵
                PID:1960
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
                3⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:384
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
                3⤵
                  PID:4136
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
                  3⤵
                    PID:5508
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
                    3⤵
                      PID:5476
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
                      3⤵
                        PID:5864
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
                        3⤵
                          PID:6324
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
                          3⤵
                            PID:6476
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4396 /prefetch:1
                            3⤵
                              PID:6640
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4452 /prefetch:1
                              3⤵
                                PID:6856
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
                                3⤵
                                  PID:7044
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
                                  3⤵
                                    PID:6004
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2272 /prefetch:8
                                    3⤵
                                      PID:3084
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,5468673611851342507,8362439077325034921,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4120 /prefetch:2
                                      3⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3452
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                                    2⤵
                                    • Suspicious use of WriteProcessMemory
                                    PID:2468
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
                                      3⤵
                                        PID:3264
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,11065795828625804174,9627734038812784653,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:5284
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11065795828625804174,9627734038812784653,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
                                        3⤵
                                          PID:5276
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                        2⤵
                                        • Suspicious use of WriteProcessMemory
                                        PID:4952
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
                                          3⤵
                                            PID:1924
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1452,2797741906628901418,4880600258179268526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
                                            3⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:1136
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                          2⤵
                                          • Suspicious use of WriteProcessMemory
                                          PID:4428
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
                                            3⤵
                                              PID:3044
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,10291139627786077389,534877380351866381,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
                                              3⤵
                                                PID:4816
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,10291139627786077389,534877380351866381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
                                                3⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:6012
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                              2⤵
                                              • Suspicious use of WriteProcessMemory
                                              PID:2076
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff970cf46f8,0x7ff970cf4708,0x7ff970cf4718
                                                3⤵
                                                  PID:1464
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,7071822791140755934,9741657670116428243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:3
                                                  3⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:3804
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                                2⤵
                                                • Enumerates system info in registry
                                                • Suspicious use of WriteProcessMemory
                                                PID:1120
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff961e49758,0x7ff961e49768,0x7ff961e49778
                                                  3⤵
                                                    PID:2220
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1996,i,15899218743798162372,11807753264775813544,131072 /prefetch:8
                                                    3⤵
                                                      PID:7652
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 --field-trial-handle=1996,i,15899218743798162372,11807753264775813544,131072 /prefetch:2
                                                      3⤵
                                                        PID:7644
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                      2⤵
                                                      • Enumerates system info in registry
                                                      • Suspicious use of WriteProcessMemory
                                                      PID:1556
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff961e49758,0x7ff961e49768,0x7ff961e49778
                                                        3⤵
                                                          PID:3244
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1992,i,8133819178931651775,6232278710661183348,131072 /prefetch:8
                                                          3⤵
                                                            PID:7308
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1992,i,8133819178931651775,6232278710661183348,131072 /prefetch:2
                                                            3⤵
                                                              PID:7300
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                            2⤵
                                                            • Enumerates system info in registry
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                            • Suspicious use of AdjustPrivilegeToken
                                                            • Suspicious use of FindShellTrayWindow
                                                            • Suspicious use of SendNotifyMessage
                                                            • Suspicious use of WriteProcessMemory
                                                            PID:2248
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff961e49758,0x7ff961e49768,0x7ff961e49778
                                                              3⤵
                                                                PID:4656
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:2
                                                                3⤵
                                                                  PID:5144
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:8
                                                                  3⤵
                                                                    PID:7188
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:8
                                                                    3⤵
                                                                      PID:7316
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4004 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:1
                                                                      3⤵
                                                                        PID:7560
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3764 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:1
                                                                        3⤵
                                                                          PID:7500
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:1
                                                                          3⤵
                                                                            PID:7348
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:1
                                                                            3⤵
                                                                              PID:7340
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4500 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:1
                                                                              3⤵
                                                                                PID:7292
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5464 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:8
                                                                                3⤵
                                                                                  PID:9672
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5648 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:8
                                                                                  3⤵
                                                                                    PID:6124
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:8
                                                                                    3⤵
                                                                                    • Checks processor information in registry
                                                                                    • Modifies registry class
                                                                                    PID:1844
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4868 --field-trial-handle=1888,i,18236801369099785453,3875149243650812686,131072 /prefetch:2
                                                                                    3⤵
                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                    PID:7516
                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                  2⤵
                                                                                  • Suspicious use of WriteProcessMemory
                                                                                  PID:1512
                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                    3⤵
                                                                                    • Checks processor information in registry
                                                                                    • Modifies registry class
                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                    • Suspicious use of FindShellTrayWindow
                                                                                    • Suspicious use of SendNotifyMessage
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:688
                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.0.1887855703\386133774" -parentBuildID 20221007134813 -prefsHandle 1856 -prefMapHandle 1848 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9704e6b-5cab-4a2b-8de8-9699d8a62a75} 688 "\\.\pipe\gecko-crash-server-pipe.688" 1948 10e144edb58 gpu
                                                                                      4⤵
                                                                                        PID:6052
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.1.616054136\1855620004" -parentBuildID 20221007134813 -prefsHandle 2392 -prefMapHandle 2384 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6f7c6c9-44d2-486d-b034-c424745d507c} 688 "\\.\pipe\gecko-crash-server-pipe.688" 2420 10e13fe4d58 socket
                                                                                        4⤵
                                                                                          PID:6664
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.2.825748501\174411381" -childID 1 -isForBrowser -prefsHandle 3044 -prefMapHandle 3060 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e267e9fb-50e1-4df1-8107-6f9c47d32cf2} 688 "\\.\pipe\gecko-crash-server-pipe.688" 3036 10e17d4be58 tab
                                                                                          4⤵
                                                                                            PID:6840
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.3.1111232282\500102158" -childID 2 -isForBrowser -prefsHandle 2880 -prefMapHandle 3480 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2b8f953-52dc-42a9-b51b-99d561d95320} 688 "\\.\pipe\gecko-crash-server-pipe.688" 3028 10e14468558 tab
                                                                                            4⤵
                                                                                              PID:7664
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.4.1257177830\2033061291" -childID 3 -isForBrowser -prefsHandle 3908 -prefMapHandle 3904 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fbc7f851-d095-46ff-8e7a-29a091f23cd0} 688 "\\.\pipe\gecko-crash-server-pipe.688" 3920 10e07868458 tab
                                                                                              4⤵
                                                                                                PID:7288
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.5.1894396533\10477666" -childID 4 -isForBrowser -prefsHandle 4608 -prefMapHandle 4104 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b394cd37-fd74-4f0e-9e4b-494e86f7a060} 688 "\\.\pipe\gecko-crash-server-pipe.688" 4620 10e197a2258 tab
                                                                                                4⤵
                                                                                                  PID:1364
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.6.2061953645\50850599" -childID 5 -isForBrowser -prefsHandle 4784 -prefMapHandle 4788 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee4bd92f-4c52-471d-aa18-5a8c8058e434} 688 "\\.\pipe\gecko-crash-server-pipe.688" 5216 10e191f8958 tab
                                                                                                  4⤵
                                                                                                    PID:8444
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.7.1160429243\349499882" -parentBuildID 20221007134813 -prefsHandle 5828 -prefMapHandle 3212 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1fa117df-2f9c-42c7-8b57-60f42a063a24} 688 "\\.\pipe\gecko-crash-server-pipe.688" 5836 10e197a4358 rdd
                                                                                                    4⤵
                                                                                                      PID:8752
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.8.1208287124\1319941840" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5836 -prefMapHandle 5848 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b42f4d6-348c-40a3-8a78-8204996232c7} 688 "\\.\pipe\gecko-crash-server-pipe.688" 5952 10e07867e58 utility
                                                                                                      4⤵
                                                                                                        PID:8804
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.9.1485758604\1159287357" -childID 6 -isForBrowser -prefsHandle 6112 -prefMapHandle 3492 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a6154ff-8585-43c4-9155-bef06053cdd1} 688 "\\.\pipe\gecko-crash-server-pipe.688" 6152 10e1a478e58 tab
                                                                                                        4⤵
                                                                                                          PID:9028
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.12.1305446732\2100413856" -childID 9 -isForBrowser -prefsHandle 6496 -prefMapHandle 4804 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a171821-983c-49ff-81fb-57ef92a634fb} 688 "\\.\pipe\gecko-crash-server-pipe.688" 4604 10e16603b58 tab
                                                                                                          4⤵
                                                                                                            PID:1228
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.11.1054855657\771440366" -childID 8 -isForBrowser -prefsHandle 1712 -prefMapHandle 1844 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a05039a-2573-4ebb-a0eb-690044cc859f} 688 "\\.\pipe\gecko-crash-server-pipe.688" 4804 10e1538d158 tab
                                                                                                            4⤵
                                                                                                              PID:9608
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="688.10.1698309611\77635861" -childID 7 -isForBrowser -prefsHandle 5684 -prefMapHandle 5680 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {85579163-8b0b-4f01-bf9a-526e7f33cfae} 688 "\\.\pipe\gecko-crash-server-pipe.688" 2576 10e07865658 tab
                                                                                                              4⤵
                                                                                                                PID:9600
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                            2⤵
                                                                                                            • Suspicious use of WriteProcessMemory
                                                                                                            PID:4172
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                              3⤵
                                                                                                                PID:1844
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                              2⤵
                                                                                                                PID:3124
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                              1⤵
                                                                                                              • Checks processor information in registry
                                                                                                              PID:5004
                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                              1⤵
                                                                                                                PID:5696
                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                1⤵
                                                                                                                  PID:6096
                                                                                                                • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                  1⤵
                                                                                                                    PID:7692
                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                    1⤵
                                                                                                                      PID:6424

                                                                                                                    Network

                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                    Replay Monitor

                                                                                                                    Loading Replay Monitor...

                                                                                                                    Downloads

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      40B

                                                                                                                      MD5

                                                                                                                      11e5b848083ca1c7c3b0b6e38065d219

                                                                                                                      SHA1

                                                                                                                      8c080b8fccac5b53c800ca9f28557998832ef7d9

                                                                                                                      SHA256

                                                                                                                      2602060f155395b394b10929bef56a70f94a85c94cfcb0a219fd4a5471a08b4f

                                                                                                                      SHA512

                                                                                                                      b76a646a090a90bf0146620b8fe90e0c77c567c2e2c6e35ad2bc146acbae9324e82afabe6cd2e42cfe267ce49d7bf92fd5022244b220083bd6a5b8c9e37c47d7

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

                                                                                                                      Filesize

                                                                                                                      18KB

                                                                                                                      MD5

                                                                                                                      85b2f70f7cca6ac183b1c48cb0198d98

                                                                                                                      SHA1

                                                                                                                      b9c226a60c83280f96ac76c3fcbfcb7547fbacf8

                                                                                                                      SHA256

                                                                                                                      c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33

                                                                                                                      SHA512

                                                                                                                      79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                                                                                                      Filesize

                                                                                                                      20KB

                                                                                                                      MD5

                                                                                                                      923a543cc619ea568f91b723d9fb1ef0

                                                                                                                      SHA1

                                                                                                                      6f4ade25559645c741d7327c6e16521e43d7e1f9

                                                                                                                      SHA256

                                                                                                                      bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

                                                                                                                      SHA512

                                                                                                                      a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

                                                                                                                      Filesize

                                                                                                                      21KB

                                                                                                                      MD5

                                                                                                                      7d75a9eb3b38b5dd04b8a7ce4f1b87cc

                                                                                                                      SHA1

                                                                                                                      68f598c84936c9720c5ffd6685294f5c94000dff

                                                                                                                      SHA256

                                                                                                                      6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

                                                                                                                      SHA512

                                                                                                                      cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

                                                                                                                      Filesize

                                                                                                                      21KB

                                                                                                                      MD5

                                                                                                                      3669e98b2ae9734d101d572190d0c90d

                                                                                                                      SHA1

                                                                                                                      5e36898bebc6b11d8e985173fd8b401dc1820852

                                                                                                                      SHA256

                                                                                                                      7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a

                                                                                                                      SHA512

                                                                                                                      0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

                                                                                                                      Filesize

                                                                                                                      20KB

                                                                                                                      MD5

                                                                                                                      c1164ab65ff7e42adb16975e59216b06

                                                                                                                      SHA1

                                                                                                                      ac7204effb50d0b350b1e362778460515f113ecc

                                                                                                                      SHA256

                                                                                                                      d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb

                                                                                                                      SHA512

                                                                                                                      1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

                                                                                                                      Filesize

                                                                                                                      34KB

                                                                                                                      MD5

                                                                                                                      b63bcace3731e74f6c45002db72b2683

                                                                                                                      SHA1

                                                                                                                      99898168473775a18170adad4d313082da090976

                                                                                                                      SHA256

                                                                                                                      ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085

                                                                                                                      SHA512

                                                                                                                      d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

                                                                                                                      Filesize

                                                                                                                      17KB

                                                                                                                      MD5

                                                                                                                      2ba277bbbcc8715291613160a997cebd

                                                                                                                      SHA1

                                                                                                                      e64ee67165bbadd3b8bde989c3e5b1d2540cf09b

                                                                                                                      SHA256

                                                                                                                      00ffe000f78ae3c8c8d5557e3ab0089e29730ed10b2a190bd2b7a569812afd96

                                                                                                                      SHA512

                                                                                                                      c0f7840f181ad991c45ed1be0fcc0d90be100f8bbf36c54418ebe66f46d776652447eb5b7eaffbd2eb07c04455841d8e5d74f404eddf3c22daa34269d842435e

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

                                                                                                                      Filesize

                                                                                                                      16KB

                                                                                                                      MD5

                                                                                                                      d8e56edd91e6a8e254c9df3c3619f493

                                                                                                                      SHA1

                                                                                                                      e5bb299b458c95e5575da0a42ff7b49969b880b4

                                                                                                                      SHA256

                                                                                                                      8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97

                                                                                                                      SHA512

                                                                                                                      46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

                                                                                                                      Filesize

                                                                                                                      56KB

                                                                                                                      MD5

                                                                                                                      57ae6558fd495a4c05692113c7315b1e

                                                                                                                      SHA1

                                                                                                                      edcf35929545ae68664779e0254b67e720e1a0b3

                                                                                                                      SHA256

                                                                                                                      fc01d1f63650df9b53e5ed7f8ad20f8ca46a194533f72ab431ce862d1f310b63

                                                                                                                      SHA512

                                                                                                                      51fe9f8eee096ecaec21a1b1ccc72ddefa178627cf8809daf12713c70edc075bd1b03f277a505b2357076a278afd11a4f853132d8fbae53361a36438fd8951f4

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

                                                                                                                      Filesize

                                                                                                                      46KB

                                                                                                                      MD5

                                                                                                                      beafc7738da2d4d503d2b7bdb5b5ee9b

                                                                                                                      SHA1

                                                                                                                      a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0

                                                                                                                      SHA256

                                                                                                                      bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4

                                                                                                                      SHA512

                                                                                                                      a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

                                                                                                                      Filesize

                                                                                                                      46KB

                                                                                                                      MD5

                                                                                                                      621714e5257f6d356c5926b13b8c2018

                                                                                                                      SHA1

                                                                                                                      95fbe9dcf1ae01e969d3178e2efd6df377f5f455

                                                                                                                      SHA256

                                                                                                                      b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800

                                                                                                                      SHA512

                                                                                                                      b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

                                                                                                                      Filesize

                                                                                                                      31KB

                                                                                                                      MD5

                                                                                                                      81ac05c6d01d84d913a56c11909cdc7d

                                                                                                                      SHA1

                                                                                                                      55f6bd5429c5a35ed53caae2cd50d856edcb7883

                                                                                                                      SHA256

                                                                                                                      b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5

                                                                                                                      SHA512

                                                                                                                      0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

                                                                                                                      Filesize

                                                                                                                      30KB

                                                                                                                      MD5

                                                                                                                      aaba5e872ba07d60f556b78df854279e

                                                                                                                      SHA1

                                                                                                                      93d1494959f4027195f527db143e5aa89d60925b

                                                                                                                      SHA256

                                                                                                                      0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c

                                                                                                                      SHA512

                                                                                                                      fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

                                                                                                                      Filesize

                                                                                                                      32KB

                                                                                                                      MD5

                                                                                                                      bbac7bb99faedea9a0cb17dfcad195af

                                                                                                                      SHA1

                                                                                                                      409312e9c3a5eaa03f2c8227a3693e8a6dc850ff

                                                                                                                      SHA256

                                                                                                                      b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3

                                                                                                                      SHA512

                                                                                                                      727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      d94b57bb61e6f3d91185fedd3b0068bf

                                                                                                                      SHA1

                                                                                                                      940693a701e30922dc3eed564a5950c149f14776

                                                                                                                      SHA256

                                                                                                                      25171bcf82448e8aea88c6518680f1368439cc110e3bede5072023885f0a23d5

                                                                                                                      SHA512

                                                                                                                      df6e16aac283c21b310b3777e81bd7724bce5cc2d1b736e13309d959ccf36c951ac404f3db9a84ee67d7019fe9001b2487962c174503d71982c0d9059be11c93

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      d0ca0dbd3ada64a7ac8d74257d42675d

                                                                                                                      SHA1

                                                                                                                      d6191f34a82141ed7a5761a09fdbdce6820d3c40

                                                                                                                      SHA256

                                                                                                                      209e6dcfc80a961fdca9096723aaa1bf5ab332f4c5755506af2b9aab069d4476

                                                                                                                      SHA512

                                                                                                                      08e6613c56deb169f7ea1c6308b086d0f16cb683edec491179f38aff2c9fe84f3dbee0a643882001623ef2c3b5b1f5a988d994c24da1fb3b8025e48cbd0de032

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      5c0ad5938519dcb94473922aa2a503b5

                                                                                                                      SHA1

                                                                                                                      ededce6c09bca8b82d663d40247ba91fcf68c164

                                                                                                                      SHA256

                                                                                                                      83dd2d8d5621ac870a4cd1477e2d7d5871a5c7157ce3e5c309d8e21dcc077fea

                                                                                                                      SHA512

                                                                                                                      d90993041235f59f3f5fcec3a50166e5a40b28d4475eba4f18968004c468d4992c2fa9513eacd287a62269fdee1455491249f292c202fcb49cdada01287f9fc0

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      874B

                                                                                                                      MD5

                                                                                                                      de583aefd4417025f6a703b385b04bf3

                                                                                                                      SHA1

                                                                                                                      baf1ba22aed9bcdfdebcf785eadafb26e2b5ae5f

                                                                                                                      SHA256

                                                                                                                      09e0c4d0a2002779e430c74533c0c8b83785c2fa1109030072d843f4dd203966

                                                                                                                      SHA512

                                                                                                                      d8b2e3de1e72dca4a6f7e6fcd0b45b1f3f16a9db0204ed9ed5d203d386c1d904549fb05ce4ce19e3389a7e85288e0d6ded8d38f82deae5b42a5de715694d21b4

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B

                                                                                                                      MD5

                                                                                                                      ebf38d6daa729d69dbb86988ee247d05

                                                                                                                      SHA1

                                                                                                                      382d7d1ed347061ad0b455225c82f11f57b3d006

                                                                                                                      SHA256

                                                                                                                      1e8f367b47d47ff98e161b8c6ecb70299267e5e679af5b73a248ae5604635956

                                                                                                                      SHA512

                                                                                                                      42c5c16fa93625b6307911d9b31762c785b9b5f5f350302b2058baac21a0844cc23e9b4406334e2499a68e6d2a51e7afcc2a430392700b2b7486c4720cbfbd0e

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      874B

                                                                                                                      MD5

                                                                                                                      c6a72e550a3762f737e6e1d1f7fefc7b

                                                                                                                      SHA1

                                                                                                                      9683c33b83cd74300be04bed3da071905c3b1fea

                                                                                                                      SHA256

                                                                                                                      1ae916f6432986731ac7a7e70950974e2f9ce7255f910d45e0cd554ae7346222

                                                                                                                      SHA512

                                                                                                                      f90a4528d5da51f834778d9365036d62219d7f9cdf368b95e8455535389bd16386036ba04bf3b04455d31587f1ac30ca4b0b811decc09bba84a1b038cfab7337

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      872B

                                                                                                                      MD5

                                                                                                                      a43a7b1531bbf2b16011f5595e75f39d

                                                                                                                      SHA1

                                                                                                                      366330a5b8c73bd2b5591980af951baef37a811f

                                                                                                                      SHA256

                                                                                                                      1845e5630538a73247048caa0374c4c3cfd95a13e615b26a4aba2a6637f260eb

                                                                                                                      SHA512

                                                                                                                      5ae8561a77e6b022a6ae57b1780aacbb5abf07a4093904ed9d1124b387bdca74568fef7957e3da8aa7469cac86c7c875763e930529a1f2118f4f84562013ec3f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      870B

                                                                                                                      MD5

                                                                                                                      27028f7ce82e375e5c14a8b6851583b9

                                                                                                                      SHA1

                                                                                                                      d4111bb668536a6431a82c83441f092fd05cb631

                                                                                                                      SHA256

                                                                                                                      eebd88b9c676e6ea82c895f91816cab44be85f090190b3109ddf7c569c731008

                                                                                                                      SHA512

                                                                                                                      4b61ea47e8fb727477818bd27c7512340bb247e54e647460538f0a0e0dfa2512604312d382610afd3eeae1c5ba89b94db16e3917736b342678499375331dd97e

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

                                                                                                                      Filesize

                                                                                                                      41B

                                                                                                                      MD5

                                                                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                      SHA1

                                                                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                      SHA256

                                                                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                      SHA512

                                                                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      3af0290fe76b90ec45dc7fa6630736f6

                                                                                                                      SHA1

                                                                                                                      1737d45d4accd162e85e44eab2cd986d38fa31a4

                                                                                                                      SHA256

                                                                                                                      28a48568bb1ad1e8fee5db625dece1c06ed064497f37c88b640c41532ac2b678

                                                                                                                      SHA512

                                                                                                                      3dac6cce520e3c3d1e691c95669d2bada616eeb8283383f1b2c1a0296f18367bf3e8e17bf3a4e269f87a05469a09b321efad4e5cbd5fc81b90e52d61b6f457a2

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      846ab642783b32e3a4ccf277b96d1042

                                                                                                                      SHA1

                                                                                                                      39babf0e228ca2adaea8f9546235a511a1540554

                                                                                                                      SHA256

                                                                                                                      b4c42f91853c865bcdfa5e286047b16ac7497af181c8eadbf345eb1a24fcd6aa

                                                                                                                      SHA512

                                                                                                                      5efb0a090face6063101c36ace492b706ab33862de3fd4d0ca02b8d8c1f28f543c33ea1334ca199bd4b7aecb4cd788e70b5c919f40d59641bbc2b426d8a25c47

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      176B

                                                                                                                      MD5

                                                                                                                      d7e74c5f4fbc8dd14e5dbd0b2c33ddb8

                                                                                                                      SHA1

                                                                                                                      0504385c971afc6a776e4317db549c73b8953525

                                                                                                                      SHA256

                                                                                                                      458b329f16c9b0cc30f4efa247ff5a8cf6e04339294285ae155c531cc962d279

                                                                                                                      SHA512

                                                                                                                      bbe1097b721ba0c71394ab0784f7d01e7434d01c73ac7d5583d721ad75eb2b6522ba367fee01b91c82d7d45674204f079727eb4366e459068984c11488783eea

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      112B

                                                                                                                      MD5

                                                                                                                      44633b1ee3b5e0b791a9ec4caf298857

                                                                                                                      SHA1

                                                                                                                      8e055148c7c281b0d2bc4b45d0f224e92fdcb9cc

                                                                                                                      SHA256

                                                                                                                      cc77751a7c42ecc60591384ee2b2f6c64e627cb46b77ad33311302c383595eee

                                                                                                                      SHA512

                                                                                                                      ffb5a99e63e1e7d6259c5bf7bb90e0d89bf73a09d4084634d548b5d4a09ff087dcb006d6fd0649888a83099cd1b68ebdd2a0bef726ab663b40d6682fd084ce2c

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe587af7.TMP

                                                                                                                      Filesize

                                                                                                                      119B

                                                                                                                      MD5

                                                                                                                      ccc0fdca90a4e2e4d0f7a666ce356c15

                                                                                                                      SHA1

                                                                                                                      38d36c9a800fa50e54bc4db59fdba6bb66ecbf39

                                                                                                                      SHA256

                                                                                                                      c35f42e63f2673a8aabd0ece26bd48d6f282fcfef628e65574b9e9f94391ab49

                                                                                                                      SHA512

                                                                                                                      0c2eac463d372f51252115920d2e4e04872da691a1ac51fa868cd2a86e160e5881592318866a978c1933fb61e91ea664fbe0ea04f59c94c07c542d007f18bc29

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      72B

                                                                                                                      MD5

                                                                                                                      0202989aa429f6c1c09ae4a343f2e4dc

                                                                                                                      SHA1

                                                                                                                      f9f0693cd5c1082e521f8bce2dd364e91dc821c1

                                                                                                                      SHA256

                                                                                                                      867544b67fee2743690e2e02aad5871ac50a5c80051541ffd53df94473af8c56

                                                                                                                      SHA512

                                                                                                                      44a4932af31b568eb4581a42b8989ad2bbc1a8c63fe0ced57cdeedb856db1e447cc8b098210ca0dc9be58576a9c655734c63466765a90a2fd8606f02f86fa89f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5943e5.TMP

                                                                                                                      Filesize

                                                                                                                      48B

                                                                                                                      MD5

                                                                                                                      87460e63003843551ef24cf50fdef6b3

                                                                                                                      SHA1

                                                                                                                      7df140dac4b7b5c14db5bca47a738006f3e30128

                                                                                                                      SHA256

                                                                                                                      31c9f0776d7108ec7c521d035508ec9d906fc8ae4b94a07294d39fffa968e00f

                                                                                                                      SHA512

                                                                                                                      f995cab11f3c1f338eda04b18f49447dcdcdc92afc5be0b6d11e582b6574a8fe0c4a5badd5b33b2b7572c4a70b538410ee1aa8a6a3d04f9f4cbd9d4601ca5280

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2248_1137425479\Shortcuts Menu Icons\Monochrome\0\512.png

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      12a429f9782bcff446dc1089b68d44ee

                                                                                                                      SHA1

                                                                                                                      e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

                                                                                                                      SHA256

                                                                                                                      e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

                                                                                                                      SHA512

                                                                                                                      1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2248_1137425479\Shortcuts Menu Icons\Monochrome\1\512.png

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                      MD5

                                                                                                                      7f57c509f12aaae2c269646db7fde6e8

                                                                                                                      SHA1

                                                                                                                      969d8c0e3d9140f843f36ccf2974b112ad7afc07

                                                                                                                      SHA256

                                                                                                                      1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

                                                                                                                      SHA512

                                                                                                                      3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2248_1892693345\Icons Monochrome\16.png

                                                                                                                      Filesize

                                                                                                                      216B

                                                                                                                      MD5

                                                                                                                      a4fd4f5953721f7f3a5b4bfd58922efe

                                                                                                                      SHA1

                                                                                                                      f3abed41d764efbd26bacf84c42bd8098a14c5cb

                                                                                                                      SHA256

                                                                                                                      c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

                                                                                                                      SHA512

                                                                                                                      7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      114KB

                                                                                                                      MD5

                                                                                                                      fc8d5b7081b978c0e79f0c5feafb23d8

                                                                                                                      SHA1

                                                                                                                      5fce2a6d1ce16ccd0b5d25c51b930bd611c48f8c

                                                                                                                      SHA256

                                                                                                                      0f76bb11913b77998db2e1f44ed75a7a283df201dc732a718605d296c6f4c2de

                                                                                                                      SHA512

                                                                                                                      d5fd838d9239bf2658c870252017302cab99d197eab1589d3c27f11848a89ddfea5ece6a612cbce33d940b84346bc25e0177f4c3f74197f7d92c3ec4d9312bca

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      233KB

                                                                                                                      MD5

                                                                                                                      b8bc66210dd3eed3137442586dc1262c

                                                                                                                      SHA1

                                                                                                                      ad4116fa54810e9d303185d1e2313daa8177cfd4

                                                                                                                      SHA256

                                                                                                                      a091fc519c639b23575301623aefff48b1798ae5221e5e9d6f403e54545a176b

                                                                                                                      SHA512

                                                                                                                      b2c8cc0e80daadb5ddd424493bbb8a639c1eaf2ff2ba6722b8db7dcddd5fbdc1c58dafa9202b3db61b5c8013a3ea30df7c2f9fa6fac9e5499934560ad86c0db4

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      114KB

                                                                                                                      MD5

                                                                                                                      c3fb82681502b542544731f08b62950e

                                                                                                                      SHA1

                                                                                                                      57fb76d445d5a5bcec271b893eace3b96e280e3d

                                                                                                                      SHA256

                                                                                                                      1a230125cac3a7d9fa1667a7d410bd60a0aa42b4352854246426fc6a48ec2f75

                                                                                                                      SHA512

                                                                                                                      d814c5081ecac9369a75d7d473244b69b38c491e2efc83280b1b60e4e0a1b794b8ed3ab09808d1f8c69538d747fa9fba283daf7eb8df47cc446951ac35e7edc3

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                      Filesize

                                                                                                                      85B

                                                                                                                      MD5

                                                                                                                      8549c255650427d618ef18b14dfd2b56

                                                                                                                      SHA1

                                                                                                                      8272585186777b344db3960df62b00f570d247f6

                                                                                                                      SHA256

                                                                                                                      40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13

                                                                                                                      SHA512

                                                                                                                      e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                      Filesize

                                                                                                                      86B

                                                                                                                      MD5

                                                                                                                      f732dbed9289177d15e236d0f8f2ddd3

                                                                                                                      SHA1

                                                                                                                      53f822af51b014bc3d4b575865d9c3ef0e4debde

                                                                                                                      SHA256

                                                                                                                      2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

                                                                                                                      SHA512

                                                                                                                      b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                      Filesize

                                                                                                                      86B

                                                                                                                      MD5

                                                                                                                      16b7586b9eba5296ea04b791fc3d675e

                                                                                                                      SHA1

                                                                                                                      8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                                                      SHA256

                                                                                                                      474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                                                      SHA512

                                                                                                                      58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\77b24798-0bdf-4100-a249-2eba64ef7073.tmp

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      6b3c9715ca183737014793a5b74980f1

                                                                                                                      SHA1

                                                                                                                      40e64bf527c8f467ecd21e8fed8aec21396326f6

                                                                                                                      SHA256

                                                                                                                      6694d0a368981adb95c3f8984a95b2dbf41f9e45e0cdd41efa434fee0b968dc9

                                                                                                                      SHA512

                                                                                                                      593c63b2bf50dfe25d315c8657214e96eb49b30948c2d641efb172c092a7529cea2d4107a874908cfbf723f19d1cc429efb9b16393be80e2ec7de814f64644c6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      152B

                                                                                                                      MD5

                                                                                                                      b120b8eb29ba345cb6b9dc955049a7fc

                                                                                                                      SHA1

                                                                                                                      aa73c79bff8f6826fe88f535b9f572dcfa8d62b1

                                                                                                                      SHA256

                                                                                                                      2eecf596d7c3d76183fc34c506e16da3575edfa398da67fa5d26c2dc4e6bcded

                                                                                                                      SHA512

                                                                                                                      c094f0fae696135d98934144d691cee8a4f76c987da6b5abdb2d6b14e0fc2cfcf9142c67c6a76fb09c889db34e608d58f510c844c0e16d753aea0249cfc14bbe

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      152B

                                                                                                                      MD5

                                                                                                                      d5564ccbd62bac229941d2812fc4bfba

                                                                                                                      SHA1

                                                                                                                      0483f8496225a0f2ca0d2151fab40e8f4f61ab6d

                                                                                                                      SHA256

                                                                                                                      d259ff04090cbde3b87a54554d6e2b8a33ba81e9483acbbe3e6bad15cbde4921

                                                                                                                      SHA512

                                                                                                                      300cda7933e8af577bdc1b20e6d4279d1e418cdb0571c928b1568bfea3c231ba632ccb67313ae73ddeae5586d85db95caffaedd23e973d437f8496a8c5a15025

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                                                                                                      Filesize

                                                                                                                      202KB

                                                                                                                      MD5

                                                                                                                      13b557fac5b38edafe500b6f38d8d381

                                                                                                                      SHA1

                                                                                                                      24e2fa42c9d2727a15667bd87b2121ea1a7e14d5

                                                                                                                      SHA256

                                                                                                                      08ac1a7327a1db87776aace18bef3ff1c3053fec213e0142b8bbf5fe7e8b1634

                                                                                                                      SHA512

                                                                                                                      e8c998e68030d70f3a54ebc24072cf9a14db9a8357f61820164be6c65a4d4aacadf81424dad586082844e5b29ecda792f4c51a552ebf7741c6f62f8ad615b87d

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                                                                                                      Filesize

                                                                                                                      22KB

                                                                                                                      MD5

                                                                                                                      7a204d478c8dfe822bf86f9103bbd9b3

                                                                                                                      SHA1

                                                                                                                      7114b36ea1588d9372d730b2ee5dec7a3aee36d1

                                                                                                                      SHA256

                                                                                                                      d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb

                                                                                                                      SHA512

                                                                                                                      f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                                      Filesize

                                                                                                                      1.5MB

                                                                                                                      MD5

                                                                                                                      b1375326603fe65cd42df7fed7ce5c45

                                                                                                                      SHA1

                                                                                                                      a7fc9a7c979e62a0bed17ae5e8da74738d3e25ba

                                                                                                                      SHA256

                                                                                                                      c9088547ff6883a0646b7ca0c27b0696524be01431ce0059c4ebe765d48dae06

                                                                                                                      SHA512

                                                                                                                      1a381b6193bd8380bdb81934bb0b5f75a514c5fb878ab70dd1f7ff5c5be397298d0ca4cbe1c65ca245074ee2052322f89487807b9f73f780851f3a074f74ced3

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                                                      Filesize

                                                                                                                      34KB

                                                                                                                      MD5

                                                                                                                      d1a0d8504b6a46215e2a4cf521ddb7b5

                                                                                                                      SHA1

                                                                                                                      3d6e16808a1e17ccdaca99f37ed30468391c62e0

                                                                                                                      SHA256

                                                                                                                      cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1

                                                                                                                      SHA512

                                                                                                                      2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                                                                                                      Filesize

                                                                                                                      16KB

                                                                                                                      MD5

                                                                                                                      9978db669e49523b7adb3af80d561b1b

                                                                                                                      SHA1

                                                                                                                      7eb15d01e2afd057188741fad9ea1719bccc01ea

                                                                                                                      SHA256

                                                                                                                      4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c

                                                                                                                      SHA512

                                                                                                                      04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                                                                                      Filesize

                                                                                                                      49KB

                                                                                                                      MD5

                                                                                                                      55abcc758ea44e30cc6bf29a8e961169

                                                                                                                      SHA1

                                                                                                                      3b3717aeebb58d07f553c1813635eadb11fda264

                                                                                                                      SHA256

                                                                                                                      dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6

                                                                                                                      SHA512

                                                                                                                      12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

                                                                                                                      Filesize

                                                                                                                      37KB

                                                                                                                      MD5

                                                                                                                      01ef159c14690afd71c42942a75d5b2d

                                                                                                                      SHA1

                                                                                                                      a38b58196f3e8c111065deb17420a06b8ff8e70f

                                                                                                                      SHA256

                                                                                                                      118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b

                                                                                                                      SHA512

                                                                                                                      12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                                                                                                      Filesize

                                                                                                                      46KB

                                                                                                                      MD5

                                                                                                                      3ba7e6919bc260bb6ab523197f2be3e1

                                                                                                                      SHA1

                                                                                                                      ce2d7fe3aa42d99d733266d023f6aef3766e7785

                                                                                                                      SHA256

                                                                                                                      1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818

                                                                                                                      SHA512

                                                                                                                      2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                                                                                                      Filesize

                                                                                                                      771KB

                                                                                                                      MD5

                                                                                                                      3b2df667a176193cba046f74787e731d

                                                                                                                      SHA1

                                                                                                                      0525109b7a249a66df8c8eb7d24b49852cd076cc

                                                                                                                      SHA256

                                                                                                                      f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e

                                                                                                                      SHA512

                                                                                                                      f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      627991b062b3afb5b1705383e5d620a0

                                                                                                                      SHA1

                                                                                                                      20662c2d71a4ccdf4b42021dda497feaadbf6efd

                                                                                                                      SHA256

                                                                                                                      a309eac49aa3aca8e19043ef0c0ae8e33435e99d95f081c3f4ec597222d6b2cc

                                                                                                                      SHA512

                                                                                                                      494915f052e0e4d7fabc52c801df80f27f7d96be6d5a5c07815124789a2bd82fc63b1f4c1c772e47a64d49f6b3cfbcf3e326c5b4e568cab8fb166bc8e69792f0

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      4eaf3d0dc2a91f86abcbb89e4cc68d24

                                                                                                                      SHA1

                                                                                                                      7a4ca32c101d5c5d4d6ec7f9d01c32fd442acc54

                                                                                                                      SHA256

                                                                                                                      203716d77465724e2c618716702bee4d5f6491851649500e645f02a401401ee8

                                                                                                                      SHA512

                                                                                                                      ea4bb5fbf6f2a137dcebdf65f585335f7b7e2266e77716461be6b8326e78ba71e804d32913fb92def89529535b6a9d29aeaa0f9bb17dfb1679f575d2ebbefbe7

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

                                                                                                                      Filesize

                                                                                                                      16B

                                                                                                                      MD5

                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                      SHA1

                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                      SHA256

                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                      SHA512

                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      5356ae58c5bbfe4d0a755789c32b81e1

                                                                                                                      SHA1

                                                                                                                      f75e7b51d4f9a9db701391d68f113b7e07e1ca47

                                                                                                                      SHA256

                                                                                                                      7d2651d3f5116fbb7d0486768b69bd479718b9c6b7c62970899f648ed6473917

                                                                                                                      SHA512

                                                                                                                      cd14116a3efd35e7dedc33cb2c99be97f6e7f5ff387eeb98a5ea8da923bac4cd82442c1b1636f40414814cb51c8e3a7af6e9ae9eee3bc9952709f1384f4c35b9

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      111B

                                                                                                                      MD5

                                                                                                                      285252a2f6327d41eab203dc2f402c67

                                                                                                                      SHA1

                                                                                                                      acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                      SHA256

                                                                                                                      5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                      SHA512

                                                                                                                      11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      75a53e4d49710e7cffd90b9b10b78f61

                                                                                                                      SHA1

                                                                                                                      7e4f0f004ae8030b6a836e2dee1b8841833516d0

                                                                                                                      SHA256

                                                                                                                      646f92cef63f1fc4441c1801b691daf3b826eece005fb364cc20dc04e1c31751

                                                                                                                      SHA512

                                                                                                                      b29bb80d9217afd2b32e13c7eeb629021d2acec392870cba7d5588ceb8c906bd983ffe3284cb5a418b76301b8317bfccb4ac879d5b43acfe50b5af9bf3260ab1

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      5KB

                                                                                                                      MD5

                                                                                                                      4144475431473d9b1df255fb2e1fa003

                                                                                                                      SHA1

                                                                                                                      be3d85cfc19016d931556cd68a99269f92396740

                                                                                                                      SHA256

                                                                                                                      149559ac1d4f93f6c3f33aab9001208ff8da7174a54c8f926ecbd0c0ac47eb79

                                                                                                                      SHA512

                                                                                                                      cc2b5d07f8fe0a6d567b9e725e0b26296192957bba5581059acad7867fbdcc02b0ab90b088a59b43a29982e0a135fcf3d635f7aec3029d2f45448e72fd8431d0

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      a8465bdaecd18e6563605e1914aad941

                                                                                                                      SHA1

                                                                                                                      48ba094a03899aac4e9b03a4565444c64156933c

                                                                                                                      SHA256

                                                                                                                      2ec1abd55ba32b2fbdba53c1b75ab963c689f34f54c83b3aa4ac329249a99717

                                                                                                                      SHA512

                                                                                                                      150709faa8478253b0866ea7c351e30424b629a1c381e9916a449acb7d3588906f04f82f644a03b622d4c30fc0b6c662f65354bed107069402bb9d533e8e9eec

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      fccebe4d441014fd8caee12894151699

                                                                                                                      SHA1

                                                                                                                      417983ea71df6efbf23860c7b943bed7a46c60a5

                                                                                                                      SHA256

                                                                                                                      55e93a4467fdad5a3c6df8ed0ebf96032baeb776911e36eeed59f716683871f6

                                                                                                                      SHA512

                                                                                                                      ea0de75ad5fa7c53a33aaea10d12744ef07c1d7c45ea9ce95a6d1108f44830376d62ac30133e1b5bd24bcfd4347060108a75c815a885ec0fce2e89ac5a32ac0d

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      ebd0436f53a15a6f1f25e998254b8476

                                                                                                                      SHA1

                                                                                                                      eda98f36cb6108fee186ebf3f5e190f95b3e927e

                                                                                                                      SHA256

                                                                                                                      6092e011edbf20972a83301e16be15daec24ccd2b7e3978ea37b4b98dc4f9d63

                                                                                                                      SHA512

                                                                                                                      fa643ce7e45a81c7c672a817de11f8824b8d8061fec64e20056085e37f3124eba98e53e2a2e27240bd707a4c15de810259c727901d2fe0233f4fd03a536021d1

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                      Filesize

                                                                                                                      24KB

                                                                                                                      MD5

                                                                                                                      1d1c7c7f0b54eb8ba4177f9e91af9dce

                                                                                                                      SHA1

                                                                                                                      2b0f0ceb9a374fec8258679c2a039fbce4aff396

                                                                                                                      SHA256

                                                                                                                      555c13933eae4e0b0e992713ed8118e2980442f89fbdfb06d3914b607edbbb18

                                                                                                                      SHA512

                                                                                                                      4c8930fe2c805c54c0076408aba3fbfb08c24566fba9f6a409b5b1308d39c7b26c96717d43223632f1f71d2e9e68a01b43a60031be8f1ca7a541fe0f56f4d9f2

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      89B

                                                                                                                      MD5

                                                                                                                      3ef19010d057f0c1eb897d78b6c7182c

                                                                                                                      SHA1

                                                                                                                      44f55ef87f562c4e4d7f4c26a286953f8e48b0e8

                                                                                                                      SHA256

                                                                                                                      66d404484d5fddd5ffbbb67a97587dd67e4c0d78b0693e632f0fb6a6cde8bcae

                                                                                                                      SHA512

                                                                                                                      e6ae8505e3cd8dad5f09563846b9475144b763fafd716b2e53110874536c7f185cefd965d913346cca7b3125f44a2eec685fa7cad7ff7462b51f00432be5fa97

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      146B

                                                                                                                      MD5

                                                                                                                      703f483531b8111217337e3f539cc91d

                                                                                                                      SHA1

                                                                                                                      5af2c38cd7da58aad63f1ca2a21c562be3344830

                                                                                                                      SHA256

                                                                                                                      b24ad43b11de69ea49f2f9deda9a878ba84abddf26749f4eb3c966f4280aa6f9

                                                                                                                      SHA512

                                                                                                                      c858ad16b77ae4dfb18cfe1a74317e167b5639d8a4794a65c1d02b3e2ef8d27e3dd33225e5692091442ca9fd9c8705dbb31c4b21b5c0803f6f2f0f13fa7fb340

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      146B

                                                                                                                      MD5

                                                                                                                      0dd0c3b5d9bf04b539b96a5ae5047e81

                                                                                                                      SHA1

                                                                                                                      2086eb51edb11bd79b1ae115c87eb518fa41a923

                                                                                                                      SHA256

                                                                                                                      9f53d6b33a19d12e78d886cc5e8d67a6d94285c6935770ac944fb50f936da430

                                                                                                                      SHA512

                                                                                                                      c6098ade3ec5f077f1455223872a5afdc485ce6db42d6539b896d6ce71e740e854a5b8394023168eb657634d022eb037aaaf63d05f8f1e5f95405ab28f8f5427

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                      Filesize

                                                                                                                      82B

                                                                                                                      MD5

                                                                                                                      3b01fe2ff37c1112480c745ca53fd92b

                                                                                                                      SHA1

                                                                                                                      0d45afe225f5f099ea3e82982023103ca56d31a7

                                                                                                                      SHA256

                                                                                                                      b5c97973af9619ac501b6a59e9e04e3ce664b34ddbfc7333caf687009760b6d9

                                                                                                                      SHA512

                                                                                                                      c5894a9b6261f087aef0b985de1f82d1c26590873cc14e43b11a144ef3666c049c744d7e901d3f0506a833d7e27ed031a495a10f561b396d06b96bef9a8df21a

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                      Filesize

                                                                                                                      24B

                                                                                                                      MD5

                                                                                                                      54cb446f628b2ea4a5bce5769910512e

                                                                                                                      SHA1

                                                                                                                      c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                      SHA256

                                                                                                                      fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                      SHA512

                                                                                                                      8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      72B

                                                                                                                      MD5

                                                                                                                      d20ec4d856c02814527c007d8e385d14

                                                                                                                      SHA1

                                                                                                                      85db26f03bf518846a7cf58ede386792b9ab8e1e

                                                                                                                      SHA256

                                                                                                                      c12e195f707f41b1ddd2772e43eb2e8e53566881b776118cdf69af3824dd1de9

                                                                                                                      SHA512

                                                                                                                      37ebca694fcadd5fd3623c3f852d78f214134796f4599b32ab6ac7cabf6abe47288341bc7bb7b123109dd2e6c9328b9c7645d4df4c1daadb457c44048cecc051

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58bddc.TMP

                                                                                                                      Filesize

                                                                                                                      48B

                                                                                                                      MD5

                                                                                                                      40c2bf1c706acf4c8e70376efae59890

                                                                                                                      SHA1

                                                                                                                      6f5db8f3cd2f3b5fc7c0a592be1e78d9dcdf6a15

                                                                                                                      SHA256

                                                                                                                      34006d27bb068c9d5d653f8ffd8fdacf034b85c438c3cbfa6f6a4f9e8656342f

                                                                                                                      SHA512

                                                                                                                      eecd53a46cfcd4e2a0ec5499b6c9d0ac932e1444cf0d62f7d4d82d8f30bae15ffa90be2f6bb0c5b32079f618519fd58e8c45bced09c0c6f0a562f97a3e2194b6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      4949d770f4017d37f583e38d4ef1cb23

                                                                                                                      SHA1

                                                                                                                      81a0bc13052b4d96ebf676c0ec7a9de50f9f6cec

                                                                                                                      SHA256

                                                                                                                      ad91bf16699b2c585c92ffb29829d04318c295393bd76e004d0e0fb293daf9d5

                                                                                                                      SHA512

                                                                                                                      2db8fa43ff1704d3f30c163508e07f4303e799c7812281486b844aec8fb7289d2a6d312937e1d7f0b6d0edc694fc603bc752ff5c53228656e690c27e3cbf9e61

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      01df06b692c0403c60bc416de2c03f9e

                                                                                                                      SHA1

                                                                                                                      7bccdd36cccd51a5328ffde5d9a54c0943d88e43

                                                                                                                      SHA256

                                                                                                                      b9399a0b7eda2e78cd17ab66be2065523b7f021cd3fa18fef99db1ba8409ba25

                                                                                                                      SHA512

                                                                                                                      6ccabd9d542653015fadec092829cadd6f3037c7478d35910fe7f653e3a8eb61131dfb42c209fa92664367d0c884b0597d71dcfeed72ae536f633a357e295350

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      dc1538173f61de29e9b722d970ec4d7d

                                                                                                                      SHA1

                                                                                                                      43f4b275195cb428e3333e24404ba0001b8ac938

                                                                                                                      SHA256

                                                                                                                      e9edd59c0f55ef54ff8dd0e524d64edc9ed882d6eb636028bc52d2b7e1072bba

                                                                                                                      SHA512

                                                                                                                      8c0d19463ae16ecab09d8231057699818baea30d1706e738ae78aef23b6d49f85a5fbc7e3ab8718a80ec350546d974d95c9eec7a955ab123a9c9a95c4b8517fb

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      7a68639639980f7b55925792bb2c6784

                                                                                                                      SHA1

                                                                                                                      9fab2cbb8892acd5debc78cab0f919dc4f6ddfe3

                                                                                                                      SHA256

                                                                                                                      de871c075c413c560dd78622689e2ade4276193d2a5c6c6e69c3dbb67168f324

                                                                                                                      SHA512

                                                                                                                      c29922f0bfa0233da01b26ae5e851732dfcd4d969355745affe41014c66c4cd4ae6157984611469e9bdb53df630acc1373962f4afd1ecb38f446cc450697f92e

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      74314eaa120ef7ab484534cbdf541c26

                                                                                                                      SHA1

                                                                                                                      9aa82f5307c59c5a559fde9e384f4ecb8a341343

                                                                                                                      SHA256

                                                                                                                      618f5a8c09c65bfa45c489330b35f303ce32ee1e2d23730695b04c2d8cbd4c56

                                                                                                                      SHA512

                                                                                                                      671752e16e3d2471542c59acb0064009b5b59890fc71835a1b350a575b852566923378ab0a6cc9d09c33de9aa2f127ea3ff26fcb5de15cf68257dfa2361a9036

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581325.TMP

                                                                                                                      Filesize

                                                                                                                      539B

                                                                                                                      MD5

                                                                                                                      8dfd8534c8fa10ac635c0d4f87401626

                                                                                                                      SHA1

                                                                                                                      678758e33360ad50ffed3537bc9bd6295ca320d6

                                                                                                                      SHA256

                                                                                                                      304599c4853f71b9436a9e19271365299ee03f730c9c4b95b34a3d147772ce79

                                                                                                                      SHA512

                                                                                                                      8bc274d69175f47c63532fcdad975c4797568168736f8abf11e86cb8570c9bffbaa469506caa6dc693ed91f9901b1acf9d9f21e04869340558301269840db585

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      91dfd6f503a030a1bf3afcd9a1026677

                                                                                                                      SHA1

                                                                                                                      46df3ddd096fd98caa3736b6c0421c967db5ed6c

                                                                                                                      SHA256

                                                                                                                      f3029561ac647dc4ee4122d079bb5b966f8bd362992dd82186a15782e0af800e

                                                                                                                      SHA512

                                                                                                                      2e41160f3d0d5ae4879ae18367d8494d9459bcd375dc6df25143e3dd2d9e7e10827a29a32f7bbde0ba699ccfded93916777642f8daac0f85948b4665943a78d3

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      e111b7ad582860cd88eaa6723df5abe1

                                                                                                                      SHA1

                                                                                                                      179decde1959db935e91e2f6c6098161cc7bdf6d

                                                                                                                      SHA256

                                                                                                                      c583860a197aa51c266bfc95da05298eb00a01a5b672785ab5cc98c0ebd032a0

                                                                                                                      SHA512

                                                                                                                      dc2dcc5be3a32332a7a08c9fe5b89611befe092e6e7352ccf35752e4fb7808aa18e75020fc6ae707fe3aef6eabfccb9c2d2360408ba78eea43bd1671180198b6

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      8c71ef36d48a6893507395990ffcd569

                                                                                                                      SHA1

                                                                                                                      528de66eb28b8250fb3945f107738fdeec4c1963

                                                                                                                      SHA256

                                                                                                                      c718f40e61a24f2ebb9e8d8aa98d404f1014b9a6f34465af735553e2145a9c05

                                                                                                                      SHA512

                                                                                                                      63b720bda409face728ee85b1a78db7f2495b007899cc1a3a366f6c4fe6a378800ba517fe6c044e13a78cd410d004bbe18b89ca0f21d84313c7e3686a907a731

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      87d001fe57d64bf975ca0f93c4a8ffad

                                                                                                                      SHA1

                                                                                                                      59d864e3604c8da2deed727424c1ba931f83c34d

                                                                                                                      SHA256

                                                                                                                      141f5a686ae67d9e43c12487efb71bcf31cf507d002d206ffc00752f507cc85a

                                                                                                                      SHA512

                                                                                                                      321c959a174c27be78f1dcf467ba5cb251ca4ed82153e6a55289501350792ceb191daf20f936e4eab9972eec1dd9bfa40b36e2da104206809cf024c107f0fe21

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                      MD5

                                                                                                                      31aada78006c1aeba1213f5777a019cb

                                                                                                                      SHA1

                                                                                                                      faf01ea60f39904d4d4fba3271740fbe1be562d2

                                                                                                                      SHA256

                                                                                                                      b676be1d81dc4d5f24ae9a6d7ed7964dc4b2257b063235f9412f34bee35b3d38

                                                                                                                      SHA512

                                                                                                                      ad61e9bbf572c78969676302a3bb1846d758e191f6ab9caea7d64d765c25c366534718b24e51c561caa34e9809f4a4981382d8cbd144925c903327858806a760

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                      MD5

                                                                                                                      f1c804d653241837dece396ed6ea8d89

                                                                                                                      SHA1

                                                                                                                      7d44aa588873f4de609766a2847509465269898e

                                                                                                                      SHA256

                                                                                                                      3e68e2c743abbd073a569ab22aa67177ff706ca1dc89edd308fa80526b1ef531

                                                                                                                      SHA512

                                                                                                                      f9b43af7d673588483785a330925d7b6177810a8a80879e5e07f30b0ba35fb43bc0d5c9fa570bf4fbf45ed2c3629e2d5578feaa96364168c559f875385c75f76

                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                                      Filesize

                                                                                                                      442KB

                                                                                                                      MD5

                                                                                                                      85430baed3398695717b0263807cf97c

                                                                                                                      SHA1

                                                                                                                      fffbee923cea216f50fce5d54219a188a5100f41

                                                                                                                      SHA256

                                                                                                                      a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                                                                                                                      SHA512

                                                                                                                      06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                                      Filesize

                                                                                                                      8.0MB

                                                                                                                      MD5

                                                                                                                      a01c5ecd6108350ae23d2cddf0e77c17

                                                                                                                      SHA1

                                                                                                                      c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                                                                                                                      SHA256

                                                                                                                      345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                                                                                                                      SHA512

                                                                                                                      b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      50cf5ea41f68eed4b1a0c29a65aa4872

                                                                                                                      SHA1

                                                                                                                      6feb830cdcabbd3660b82a8f4e420e6b0e172cae

                                                                                                                      SHA256

                                                                                                                      5338203b5e6f5e3bb7d8e27e487197170f9af86493c9b41929875459c70da0d2

                                                                                                                      SHA512

                                                                                                                      31f1841ead2c90022ea7ba6c25fe324b2253dc930c24b68f5c91970dbacb53d1b97e1df1ba9742b46ed6fd72225259461e74650de0e66b3d94265357986f6876

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\pending_pings\8bb9fbe5-5ebe-4836-bfd0-c4db878a0e5b

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                      MD5

                                                                                                                      fbadec652b9c4668439285ed6894f473

                                                                                                                      SHA1

                                                                                                                      989aeadcb29a9f6c4257047a287abd18fc931db1

                                                                                                                      SHA256

                                                                                                                      0ce6db8e44ab8a004fd7c066762580584f6d067c49d42d1ff3bd7ffebcb305a3

                                                                                                                      SHA512

                                                                                                                      3e589cebf058d998c9ed2fed1b14447df6d3379b65bfcae627f4eda947abdd413d57a1aacdeaf8fc475bb819250270d79ed6737eb44698b83e5eaa5ecb15e10e

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\pending_pings\95757e00-8295-4767-ab6a-306f863ff118

                                                                                                                      Filesize

                                                                                                                      746B

                                                                                                                      MD5

                                                                                                                      e2f0205ca72c3f5086448124fd8fbc62

                                                                                                                      SHA1

                                                                                                                      1a617b5c63b60eb08d7d440a168336b181efcac9

                                                                                                                      SHA256

                                                                                                                      3206437679a9d59edda2eeca813a2eaa9f8b6b2308d08e2c048646ac3c4eec6d

                                                                                                                      SHA512

                                                                                                                      cb229982a97ccd75474711adc9bf94599cd8f2914a841583408cee9003d8b58a6ecbacafa3e2f9a9285974da9c22a7dde746f606cf65c58f1f320e3cb1c9360b

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                                      Filesize

                                                                                                                      997KB

                                                                                                                      MD5

                                                                                                                      fe3355639648c417e8307c6d051e3e37

                                                                                                                      SHA1

                                                                                                                      f54602d4b4778da21bc97c7238fc66aa68c8ee34

                                                                                                                      SHA256

                                                                                                                      1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                                                                                                                      SHA512

                                                                                                                      8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                                                                                                      Filesize

                                                                                                                      116B

                                                                                                                      MD5

                                                                                                                      3d33cdc0b3d281e67dd52e14435dd04f

                                                                                                                      SHA1

                                                                                                                      4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                                                                                                                      SHA256

                                                                                                                      f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                                                                                                                      SHA512

                                                                                                                      a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                                      Filesize

                                                                                                                      479B

                                                                                                                      MD5

                                                                                                                      49ddb419d96dceb9069018535fb2e2fc

                                                                                                                      SHA1

                                                                                                                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                                                                                                      SHA256

                                                                                                                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                                                                                                      SHA512

                                                                                                                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                                      Filesize

                                                                                                                      372B

                                                                                                                      MD5

                                                                                                                      8be33af717bb1b67fbd61c3f4b807e9e

                                                                                                                      SHA1

                                                                                                                      7cf17656d174d951957ff36810e874a134dd49e0

                                                                                                                      SHA256

                                                                                                                      e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                                                                                                      SHA512

                                                                                                                      6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                                      Filesize

                                                                                                                      11.8MB

                                                                                                                      MD5

                                                                                                                      33bf7b0439480effb9fb212efce87b13

                                                                                                                      SHA1

                                                                                                                      cee50f2745edc6dc291887b6075ca64d716f495a

                                                                                                                      SHA256

                                                                                                                      8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

                                                                                                                      SHA512

                                                                                                                      d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      688bed3676d2104e7f17ae1cd2c59404

                                                                                                                      SHA1

                                                                                                                      952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                                                                                                      SHA256

                                                                                                                      33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                                                                                                      SHA512

                                                                                                                      7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      937326fead5fd401f6cca9118bd9ade9

                                                                                                                      SHA1

                                                                                                                      4526a57d4ae14ed29b37632c72aef3c408189d91

                                                                                                                      SHA256

                                                                                                                      68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                                                                                                      SHA512

                                                                                                                      b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\prefs-1.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      215df42506df3db32d44dc89fdf65836

                                                                                                                      SHA1

                                                                                                                      5ba6f4820ab565c029edc07ed313d71d9ff01f9d

                                                                                                                      SHA256

                                                                                                                      a1675bcddf1fae4b22b26c2edfbd588f07076a1d86130cd233806b7a3a7b9bab

                                                                                                                      SHA512

                                                                                                                      ee450575acf6e9bac5053f8d0caf73f08d1fdc16569b9ff28a78a9b8638f0b29926a92833cf92be3cd319162b27ef46ca41ad11fa129e68ceb21cd8b51bf3628

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\prefs-1.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      270e8fe1edcb99672696ba4a917c4f84

                                                                                                                      SHA1

                                                                                                                      f87bb70c933bb8ebe47866f6957fb04fc78cee7b

                                                                                                                      SHA256

                                                                                                                      b9d79f1c9468bfaa06e6eadb72fc221f53f72156dbadd3d543bb9274ab9b33e4

                                                                                                                      SHA512

                                                                                                                      af23fb2b5a0ce90ea90a4ab9b26ca05a4b97bd27de13c63ccd94dc15d896e7f03845e02ea694dff0295e45b52c524910d5b5a2d8bcc984cb34be682783f2d32b

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      be1ec6fd06ab36ca43543f94918e12b5

                                                                                                                      SHA1

                                                                                                                      f76cd5a00b52d4bde563978cc652999a9823d5fe

                                                                                                                      SHA256

                                                                                                                      268d58b764cfbb848651b5c22358f05046b517e5212c2830e2e2dc93f4841166

                                                                                                                      SHA512

                                                                                                                      89b6826d3c44ef2866fe0c979c68072b9fd18a71cdda4c2fa6ae8164bde569beb4b94828336f547a5a627f400dc3f3658a5bb18d547fffa1c554796c00c63e72

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      8af6c8d5bbbd3b871bceac15dab4b2af

                                                                                                                      SHA1

                                                                                                                      3c93a209970001d888a34d1fde438c55bb9503a2

                                                                                                                      SHA256

                                                                                                                      cfce648dca20fdffb296ce7e7ff96d11c355b347cb04dad0715f5dd2af450778

                                                                                                                      SHA512

                                                                                                                      d45fa12de375a770205bff1655f451aaf44a22a6ee8e6f1c8b45f28401e43e849b91813033826c85b92ac9c1061edf8c368e6b5d4e866596dd17f1d9ee478ce3

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\storage\default\https+++www.youtube.com\cache\morgue\126\{62b3d15c-4f31-41b0-ac07-d0edf0f1237e}.final

                                                                                                                      Filesize

                                                                                                                      192B

                                                                                                                      MD5

                                                                                                                      2a252393b98be6348c4ba18003cc3471

                                                                                                                      SHA1

                                                                                                                      40f75302fcbe4a8ac2e33a8d9daf801abc2a9598

                                                                                                                      SHA256

                                                                                                                      04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee

                                                                                                                      SHA512

                                                                                                                      07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\storage\default\https+++www.youtube.com\idb\2545189889yCt7-%iCt7-%r8e9s1p0o.sqlite

                                                                                                                      Filesize

                                                                                                                      48KB

                                                                                                                      MD5

                                                                                                                      3501f9a513c592172623f1db6c1b09c0

                                                                                                                      SHA1

                                                                                                                      c217657bb5681cef2a942e5010072293c246355f

                                                                                                                      SHA256

                                                                                                                      23a482693475115275915813557d3f239b7984ad62bccf0f2d6a37f2c816a1d2

                                                                                                                      SHA512

                                                                                                                      c61f6bb0ec4d560ae7974b1f42e6ff39449a53c8b4744a4c5c7ee70b17873775ef72631a3b49e857774f17a0b931f4cf5bf7b51a8c93ff6da0728d57c8f8dd96

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                      Filesize

                                                                                                                      184KB

                                                                                                                      MD5

                                                                                                                      5bb3fdab6d7f2e30870579da570e87f4

                                                                                                                      SHA1

                                                                                                                      9e153b9bcff492ef1285d250397b38534e1f63c7

                                                                                                                      SHA256

                                                                                                                      733500fb77dc2c398e5221ca3e11356c2a78f6946f99bbb0bd18acc34dfbe0f5

                                                                                                                      SHA512

                                                                                                                      c6be0200cccd3c98275e48f49e46544455eb22970e54631dba871f44594b9594e7d973525aeab04ec4458633bcfe1eb5a76da685b1ee175404033ec29bdd2a01

                                                                                                                    • \??\pipe\LOCAL\crashpad_880_AHQVTGWMKYTCTPIO

                                                                                                                      MD5

                                                                                                                      d41d8cd98f00b204e9800998ecf8427e

                                                                                                                      SHA1

                                                                                                                      da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                      SHA256

                                                                                                                      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                      SHA512

                                                                                                                      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e