Malware Analysis Report

2024-11-16 15:51

Sample ID 240206-whfb6acdd8
Target file.exe
SHA256 a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77

Threat Level: Known bad

The file file.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Task Scheduler COM API

Modifies Internet Explorer settings

Checks processor information in registry

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-06 17:55

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-06 17:55

Reported

2024-02-06 18:02

Platform

win7-20231215-en

Max time kernel

32s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7BC9D071-C519-11EE-AB16-D6882E0F4692} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2092 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2208 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2844 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2844 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2844 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2844 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2660 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2660 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2660 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2660 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2092 wrote to memory of 2672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2208 wrote to memory of 2728 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2208 wrote to memory of 2728 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2208 wrote to memory of 2728 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2208 wrote to memory of 2728 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2660 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2660 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2660 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2660 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2844 wrote to memory of 2688 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2844 wrote to memory of 2688 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2844 wrote to memory of 2688 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2844 wrote to memory of 2688 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2672 wrote to memory of 3020 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2672 wrote to memory of 3020 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2672 wrote to memory of 3020 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2672 wrote to memory of 3020 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2092 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2112 wrote to memory of 2252 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2112 wrote to memory of 2252 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2112 wrote to memory of 2252 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2144 wrote to memory of 1484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2144 wrote to memory of 1484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2144 wrote to memory of 1484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2468 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2468 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2468 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 2468 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2092 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2092 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2092 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2092 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2468 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2468 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2468 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1288 wrote to memory of 1340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2660 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6129758,0x7fef6129768,0x7fef6129778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6129758,0x7fef6129768,0x7fef6129778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6129758,0x7fef6129768,0x7fef6129778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.0.425071286\755762969" -parentBuildID 20221007134813 -prefsHandle 1244 -prefMapHandle 1128 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eeb87a8e-b180-4489-be16-b05da78861d0} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 1320 118f6f58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.1.21616917\906766368" -parentBuildID 20221007134813 -prefsHandle 1556 -prefMapHandle 1552 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {281e487c-a08c-4f38-9d77-f066af69afef} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 1568 e6e858 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1324 --field-trial-handle=1388,i,14152662909058495985,5035716337831245838,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1136 --field-trial-handle=1388,i,14152662909058495985,5035716337831245838,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1412 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1336 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1108 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1288 --field-trial-handle=1444,i,3202076188216974062,18235406645868563141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1444,i,3202076188216974062,18235406645868563141,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2584 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2588 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.2.743775594\1552548508" -childID 1 -isForBrowser -prefsHandle 1796 -prefMapHandle 1828 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a078c96-4372-4514-8c88-e6a1900d20d8} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 1804 192dc858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2920 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.3.1125338154\1942107283" -childID 2 -isForBrowser -prefsHandle 2920 -prefMapHandle 2916 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {349ea30d-c50c-4313-ae11-db3c237a1b59} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 2932 1c915858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3580 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3104 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.6.2142179071\633713411" -childID 5 -isForBrowser -prefsHandle 4008 -prefMapHandle 4012 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e4da69d-884b-49fe-8f96-32824faf2c60} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 3996 1e687c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.5.1972549079\743510340" -childID 4 -isForBrowser -prefsHandle 3844 -prefMapHandle 3848 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dbc51cfc-8535-4d51-8825-0a72d3378aa5} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 3832 1e34ad58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.4.1551368437\1583676125" -childID 3 -isForBrowser -prefsHandle 3728 -prefMapHandle 2684 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {436a6496-3f9c-481d-9917-218c6b7003d1} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 3736 1929a258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.7.1743814917\1181311277" -childID 6 -isForBrowser -prefsHandle 4064 -prefMapHandle 3728 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2177e4be-bf10-4317-9b19-784eace53056} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4052 20ff9058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.8.633504998\422722684" -childID 7 -isForBrowser -prefsHandle 4412 -prefMapHandle 4416 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f82ffade-30b5-457f-a3c5-062d8e40ed09} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4400 20cc1658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.9.899546817\2057462323" -childID 8 -isForBrowser -prefsHandle 4380 -prefMapHandle 4388 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {61123e78-c558-444e-ae47-7bbc0ff1ce72} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4348 20cc1358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.10.1883342677\1985163720" -parentBuildID 20221007134813 -prefsHandle 4728 -prefMapHandle 4720 -prefsLen 26251 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {53dfb228-2f8a-4cae-a662-531f1f3c73ed} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4648 e5ee58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.11.2127792344\1983011844" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4852 -prefMapHandle 4648 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {54c9f2e5-cdf4-4720-87d5-7db6a4ad3b4a} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4868 19910558 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2300 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.12.806245624\1580166958" -childID 9 -isForBrowser -prefsHandle 3664 -prefMapHandle 3656 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 836 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {83a526dc-070e-40cf-bed6-2839c7acc1ca} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4728 20ff9958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4416 --field-trial-handle=1656,i,10072456149278628171,4456578828954615777,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 152.199.22.144:443 platform.linkedin.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
FR 185.60.219.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 www.facebook.com udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 52.10.159.154:443 shavar.prod.mozaws.net tcp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
GB 142.250.200.46:443 youtube-ui.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 142.250.200.46:443 youtube-ui.l.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
FR 157.240.202.35:443 www.facebook.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr5---sn-q4fl6nsd.googlevideo.com udp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
N/A 127.0.0.1:50169 tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 play.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 216.58.201.110:443 play.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
N/A 127.0.0.1:50188 tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
FR 157.240.202.35:443 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp

Files

memory/2092-0-0x0000000000710000-0x0000000000711000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7BD355F1-C519-11EE-AB16-D6882E0F4692}.dat

MD5 3aebb2760504fa504207143c15fe907e
SHA1 da6601f3d5cd9164d8c056d90bdce916c6a3ab3d
SHA256 5a109458bb000f3ad67e27cd57c77f617dbf95105e47d7dae8ee899df90e434b
SHA512 a771631ee9e13c6b211d25758ec21df94acf3878369bd62845fcc4c5f04eef47443018443fde58ed24f45b0f5662659b8058ca80c1ba929f21173c500a7e9943

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7BC9F781-C519-11EE-AB16-D6882E0F4692}.dat

MD5 a2c9f866f7bbeea7cdd06dc63eaa8e09
SHA1 28e06d75ade71e135c519646c3d091e44d68f31c
SHA256 84346b3f19cab91fae1535e32c378d7b63661d34033823b6438b74c650370c02
SHA512 2b86a4c73aa9e40d437154ef54a57face017a4c953db76f76fc6f96db20b12be2addc61b17d96c7898b90b164b28d5bc3c49e3485fe89332c3839db2c02d5799

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7BCC31D1-C519-11EE-AB16-D6882E0F4692}.dat

MD5 55b5d4836ce282ff54f148b0ed6ce3e9
SHA1 c4c833576db06f275a3991b3311fe1dcf605b2ac
SHA256 f31792e6c646cf7a621efaa4e7320a971e0b116c4dbb532b43917faf8295b677
SHA512 936c14d264690e5ad5608b8a0bf064955bc8bd22f8085ec31ec035dda8919316aacf8a6aaf8a77ef7992bb6a68bbafbdc8ca3ac538ac0c435cbe8d17cea2bc6e

C:\Users\Admin\AppData\Local\Temp\Cab4C7B.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar4D56.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ba66b256db5cd8237998477d5d90df25
SHA1 86fc1d4f4e2676aa9ee77777189bcf8ed2b4dba4
SHA256 28ec1ce4ce717a1d9cd8d13b40ded4578df67747822cdeb185db7cfb0ea53c6f
SHA512 489e309defacf94c54657883f26cd5f747a868e66984397e57c78f2bca8b39f1c4b9e576014d5dc6c5c4774055939d95762c94b6feb18df128ce203a15b5037e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 3c2a472d64dde005732bc76c97acf672
SHA1 d21d66482b77d92300981a6bf583103e05cf7ecc
SHA256 e5dc019f2bfac3f995846b0e3cf802ff50e132b0c6bc3bb1c7e9210bd2a6367f
SHA512 072d9304ab83e37f6b7667ce7f3e3974a74fe56f25cb014ee297b3cc120f5a5da5c6646d767556e55d0513e07e03635e8aed1a7e2c67e569978c7743b51a16a8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 27961932a781925729b72ada4e90f498
SHA1 0e4410004975f749ec57cd5e82090678eaf8895a
SHA256 bbd530d7c1074b735f1002c4615af3106cfd75934146b43d1d18b1ece103766e
SHA512 2bc87969a276a4bec89d4ceceda6b1d80d20755eb58908ddaa4cc64b428b985f06b8a5895bbcc8ba2982eddd6e089251e497932da7cb92bc4e4b07be74f1643c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 57b4689f87ffdead21229f06d86af909
SHA1 932aa07da9b948f20c27305b10f126437bac9971
SHA256 553b5b6f2e954bf07a78870b2bc6455d875244ce611cd95bd604c429bce3977d
SHA512 664765546eb1d00db64d41eda14198cab9551dd0046cf0bbbf212877f43d9b85149f0d41b1ebf367557d530d52e9709ae1a15d6a4125b5595c10f4ff9abb8d09

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ae13a6f4c158e93ae83e05ed8fb7208d
SHA1 a4bbe0c5dd0f9dfc24dbce21c2aaa9719c1cdc67
SHA256 4cce31a85b5e9a93577022a50b4fa5acde4ff5b3e79bbdb30f1d2c7a2b27ca5f
SHA512 d6e6783a51d2ab90775b51705ca504fb7e9c52023427bd1a8fb6737c548ca88a99061a32a20487eb09ef22df9455c9af07298063fbee3fe83beb30df4e68c765

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9ab0dcb0b91860179889f30bc98e21ba
SHA1 8cf3c8915b2728498aab691c0fcb881601975826
SHA256 6bd325733db5f24e89b79dc81471e7dcd8a3a990e29b25f780e46d6f35746770
SHA512 be4bf466216400518a55e728ba8578a406730e985a9ba5a3002450bad457cce105d34643b651b32f9d1a3e598c3778c1c64ff94e2dcda1a6f5364228647aa233

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 85aba89c53bb7c2a4f540128473bc3b1
SHA1 493feea8df0a909b5b0e0cdc04c86b193fc76f27
SHA256 98e383259fd9f2d438b50930f12b97f0ecbfc10365e78cc24bb6154e2ca888f1
SHA512 08a64ec7a30d04da12cda38456315e19c1816f9382de4dfbc9646a2a755d7eb8c299334246b3831d63c2d668b369e1c2223ed3a570e0fb10537272b2c7402614

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 fd22953472f8e1d14e96efb45efdc1a9
SHA1 019ba0844622d1f4ab20abf615e796c2787474b0
SHA256 2d0ccfd987c86272c4cd7961f17c3edb6218b2aa38eea6d0f4c182f9b01a8c52
SHA512 cd5c3ac1912e5ea133ec2f0c1e61042ec4ab04842de5f1b36e5d893195ae8d61f80981ae6d568bcdc0eb03b000d3a9ebbee8e127e05700616d97e88e6e766d37

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 317fc04c2ef0bd550a4ed911f07520a4
SHA1 5ac3ae96d59aba669fcfaa6b6b7fec0d1b94a538
SHA256 757a750d35ffc95baabd46a00fed8ce68af149be2a0d95be0df0efe6d30e99b2
SHA512 ab5e10f2b5660ff92c6ef0ac359bac04d0422f54a2788a13f2f1e2fbe17ac0ebd53e5c0482162954b2179faac3410f0cdcbeb8324a1d258f6ee1131b038dd75f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1EBDLS6\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 9237199e3441da0e79ca7953e411c0b8
SHA1 93f49142aa7580ea53537942fd103c7bce570341
SHA256 6c78a46986f3726ca1b109bcf83f4c57535440e8c61c0d3d717c64006410ce5b
SHA512 76c9653748b4b8c66181daf39706375ff9b33013c457eea70f1169043b452e555ad91ed1aefcd25c46131978e5b214ed10902395cf5cfd4ec9f5e2bde45369e8

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M61DDFBK\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 b1bad005587e1ef0c02ae9e0dcd75831
SHA1 201ea5719cc8678b9ccf81c5cffc452a4f43ab11
SHA256 422a24ddb89ae84ee1743b9cd7b34534784de4c588c06955e42cbc9534f41a1f
SHA512 e2e24f1489f60dcba6365b65f264c214e708f7c33d3aa5b651c8574bd7a591f9ad16045f4b851aa96f1bfc666f9fa08a0e7a6780611b2b8830feef51c274d457

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 65307fd2afdade473b2b3bfdc10cbfc1
SHA1 64ac83ac24e0a50d6288cff3f3f6f90572e26908
SHA256 c550ca9b337d375a7eb7e99ffe6d5625cebd22a0d04ad00d3288cebe9cc19fc3
SHA512 ebbb708c67bd4009a60d4fb9a0d88e11c4f1adfdd5f098454bd7f3f635e2f8e9824d77052a75f0841752d1fe309a6e8b7400170aba7ec1ff3477e66bcc8d0d19

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1EBDLS6\favicon[3].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\N2PB412W.txt

MD5 5385e5b183d06537705bb886052cfa13
SHA1 9903dca4d4635d80b8e089a10f91ee70459afec8
SHA256 7c33147a85e2f6ec0bc83a60c13cd9cfe7f4ccf5b33f59dde18a6c9b9c531412
SHA512 1b6a7b23b9ede735ec2a1e5ac651e53b63275cf72269f6d3d1e36efc23ce55cd0c1c49c8ffff3c554e476285af7ab15c0ad7a7490a8f8d76ee33d31dba3a7bff

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 768952f994bc31d9899164e697367223
SHA1 3dcbd6fc9176b337ba33b0a878a407c3cb671bb5
SHA256 d3ed8998140b94880f2148febff0027b9bbd08629f36d101f01e289cd3649d5b
SHA512 a044cb4d8354794f4bdc1dd7a704c54ecd856ca4e98a76ed0d7bcc7a7919c67fb329e53a2a7234e31f610d8f776cd5484427792ce2e5ed29e231ef7cf278128e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 7d10d6a2d05142b2f7de42728ab93a9d
SHA1 dd26f063d2bf4688cd996ea46ec9c79f9702483a
SHA256 a06c2f6ee0ae9af14551ac19e95835bf20b775d835b558529eb5979d474f0919
SHA512 74738a2f5fea62431113b09022d031000ee1ee3fd15d0c02dcce313c1f67d7c9176d13a715653d1fd23ed10c8c8fbdeccfe09bdd17511e3f92e218ba151e9139

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M61DDFBK\gB76kJXPYJV[1].png

MD5 389dfa18be34d8cf767e06fd5cde4ec6
SHA1 47b751cffab47d076816c63ce08d3e84600376ee
SHA256 3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
SHA512 c4db18f636ad85e87f93a208fb4b02b528659ba367e51cfa6d7826ac1159f445a85fbca8d12ac67556e8fb5208dae24ae309e783d50feb088ef0e9f47ac19430

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 238a3f6646ad794f0de921e14c72eba5
SHA1 d81999de68b0e9a02a4cce7f2670740cefc9332b
SHA256 764a99fe3bbf61ff026864878031cd11212f05a074fe0740c526204d0745e2a0
SHA512 c3d76d2a53c408bb3d1bfca6988644970d0eebebba40e5af8fbe8f0dfd7739b99bb4299d30c9b583403383a43a6733f36bd504daeed51d44b1f47abe37f1e1e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2d9a7214fde66361b2ee26c4c6aaee89
SHA1 45a732ffd0523ec0d799491a1b14d1d651442c3c
SHA256 9db40abd7a0f6dc6651af95368d9b2ebda6cd18d5cb5a8f688c7939db1346ec0
SHA512 93e58e59f3d30ece93bc8467a27981a43d931d8e9c46c3fa157620364af748335dea4c6e5b4b057fe8266ba5a86961f2990e818ee356b8457c8955bfeb4c104c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ec28494850f27128be858288c52d3582
SHA1 e343a30cc435fe77df626b71c6b58cbf7e53e861
SHA256 71719647871ddf17e4276892b0f580513bb27891070a6403e43571342bc0fe8c
SHA512 6c175979ec600256fa269b8721ccfc38f5fed7fd87344b885d8a7ead8db1eb74988f56892951f63996644123deda56706aac0a0153180a85c1c6283164bf19a9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c8baf9f4b033b3620e784dab98dd3fe8
SHA1 ecf2c84f2fdbd60a5573d8dce46ba116d1644131
SHA256 af3387c85f08d359db1a0cb5afd6a55ef6b02e358a305be70808fc0784df5d30
SHA512 ca04d0b2f33c506e137128849b941efcc5ef59c92f801ea96d6587ac4051d0ff52db29d80a6aa984ad04e77f2b5b6f8ba3ea11cce4dbd72d7ee3ee20e8f39ed3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4e14c98ba059c0e1db89d49a28db3814
SHA1 251ae994c06d989fe9117e9e749760fbaab3aee4
SHA256 017665f9f187a91a2f973d89cb829a1b3be62f8c9b8159c412a5191bae75f604
SHA512 eaeb865542feea92f77d14054d4dcb1a9f0619864a141c3c4e531cf7a155d5e1c0b5dd22d01f72048bd1531001278e8e70a1e01191051049682c5af77becc988

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4684fdc5afa7fa38c0efa5a99e43b0df
SHA1 1d8250acd8d6751d730f19649f61a10a8a631010
SHA256 5674ab4fce0ac8ffa14b6e0160b3a9dc7e958498587b37d64ddd2a3a07d29477
SHA512 5abf9c8c81cc04c91a6cbcfeb0030e7a19182b1e90feb21134b43c19c229ccb36024901c3818acfb7a162f0696f1f038a79170c25295737aad368e2717d43d12

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aa3f792a23f87b5e2716cab71ba4ed1b
SHA1 8df091bff3435c92238e495561d5d4e2eda00938
SHA256 b14ef0be8d6ec3ba61cec6a6e82f675bdd3a8f2d98782a5e21699224c98ccff8
SHA512 10035a11ed59c39a8f24f661d0fe6f7410dd18b6e09d3eff608bd5526339d20be8b75b7bd95f8dfac3164187138e8800d30bd1bf0e2fc9e683df293efc9fa8b8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f1b5de1d7c143e708992f3b0e0aafffa
SHA1 40bf45058c7868957b31fcaab836de67c01577a2
SHA256 c771c147a02fb64b6d3067b6a9062ed6f67ddaf7d57af621ea3f1c1f02343ee3
SHA512 7c74c269e9ef9a0db7109233881d5e03e81528b87ebcda85f215100c0228a275f845601d56a7a884d366a6ec4505eec423c6f157f53841126f30398782cb7eb7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ad3592d3dab3fafe65bcf87123db7045
SHA1 c849d4361f70489fde2d65a0dc222a4d1bd4b721
SHA256 1c62988931f25d5b4761fb9ee4f4b5a29735d4e2114a408fb122ba3c8a135089
SHA512 ec0fbb46bce24047b0cb29d241e2f7a00e66cc7fb88543f8929a0be9434da30c2cbdc1be3203ceb718d55588d1c66a9acec47e140b9439544bfd2c7c84c3ee81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 da34f4b069d4208e643bbe5904660ba7
SHA1 8fef8e21cdbd32ee130cdd5d2369f4eff1f468d0
SHA256 24271c2602a6fd012c611bab3119efc1032a4e94ff2aac598b5ad5c5db7fd38d
SHA512 3273ffd4377adc31ac025981816295253238986f6fb178b5096692bfc5feea3ac2f81bfec3a18610f108cf8bca1c465a9fd685285dfb9d3df08aa07a06446aee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

\??\pipe\crashpad_2112_LUVEJCDJJJBSXDLY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\41180823-edb1-4b5f-9e43-6da2e70dc827.tmp

MD5 3c6610f028b5893c1b593240622616a6
SHA1 f990687e2a85a392f6ee75c51a04c7f24095d2da
SHA256 6d3ef6d2dc519176bc42960e0b3db91b9341a6db107435c6f54c737595713ceb
SHA512 8fdbced98d1e08b670b626d58e243ef6e75f2c532e76c617a7b0846980457892d5edac0ab67fde63ffb80cc54052cb7dc12651d52f1adf02265d6e1c96dc85c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\64f0ab78-8db6-449e-9983-70ba3ac5506a.tmp

MD5 4a7aff0bb78fad8b12763adb08286859
SHA1 75b8f205dae925e11488bcaf34fd5986ced0e373
SHA256 6f49e14eef5a59cf37c074809a4e201a22a9b744cb9f170ba7b29edea0a7a0c0
SHA512 6d7ef79fb7ca7d9ba4fb8944186cfa444f4599b2f4d52768167cd014a8df6fdeb9f65a167778fff7823d34aadc81043bd401f9b9fafba4510db5cce0fd8b7bdd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\db\data.safe.bin

MD5 399c5e83512aaacbf9232e5b009491a1
SHA1 3e3f00e813b9843fc7a3cb64b05a0504a2f8b3d7
SHA256 6b7e6b747ae0999a4cc6255e789031daac734d0dad5ebc4c8ece6f5e833a4ba7
SHA512 19a4506b1637bb526aaa7d64ed89ef9e65a445f6259b9d47986adb6837d61fca321e621aa39d76ec25b9965eb271bbd0bc4a79f040110745b596be53cbc3a205

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\pending_pings\584ca5f8-2a32-4572-9de0-31be8b03fa1a

MD5 f808eed780de6bf9cc3c19ddad29bb6a
SHA1 81d86e61fb3308820994035d0b98327a5e487697
SHA256 a3aaa2b15244835c1849a54111858b917b93905bf30e2a4503052eb2d4eeb621
SHA512 a4f1781c9e37820bbcf145de9eaf802f074798ed954cba289fae523bb51af8d0dba34b463cecfdbbd62247935013043625123d1db464cf217f723b8fd4c3eace

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\pending_pings\a2beb891-3ecb-44fb-8d9f-1af31d56f62b

MD5 36279cb3f591b280244dc197f257f529
SHA1 48fa9be553d5ac962c8b1392c26cb3378f4b619e
SHA256 c572b99da275a654fc647bfa7cb4a54ffda375b2edefce6e70f984e0c15c53fc
SHA512 6acc16da70a3a22a04cf723f4ebfa6c74be86acef91bb6248bddf15e0d48204f70f91ad039846a13fcc3237e54073ea8a927b9eb9fd99ed8554ecdadf00b0374

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 0113178bc5ae00735f18dfa81ec6645f
SHA1 b4935e7ac9c639ac709262d69a15d0a1233f126f
SHA256 faddd603379eecd69ae7fc7acb713447afd75fd4f46bdf1b32c73c43bd3435c7
SHA512 64948388eed7d1631f2b110593c2be7d78eba94bb03972e68bdb1091329cc6334be4baf4dbfb44c4a0c63a3704e7e5fad5008f0693abd2d57e920efc8b609a8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 61f6ffa083a6c599aef923271546aaad
SHA1 4012ebff936adc6cda4410672f84a6f501fb432f
SHA256 5ac5ba3af42bd29af7fcf3aef59d4fc096850cf822e51e00053c17998500eaff
SHA512 6d1b319ea1ffa601b7beaa720b9077fe60409595236f25f89ae904c9e4c3db60fd856ece10fc2d81572362d1e3eb06089eb016542adac13f2a4b3cfb39c3434f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 cbc9100a46259ee94863573f3a31a180
SHA1 98e4e0fc6e52c87f4f9c75d0a47c5c718f385566
SHA256 a0b5a2502a8c4c00e40fcf19d422ed468a890eb10e5dff100eed05f8375d453a
SHA512 6dd7f9ec565989b7da73cece5f452d8a6be480b60269fbb3bd79e9b57e04f762ee80125b1841c617c087efcb3d062534e32660cb0a8ca5638f07b0948894afba

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 68c32488b10585c2ef9918134baa3be9
SHA1 792ecb49abecfc24b3678de59cfd524a988dc81d
SHA256 d4df00e6cb7341f5ee40aa8a1f62e540c985bf741ca26ae02b5bc3c78bfab4ac
SHA512 76b0076f2264b8993a55db6ff34d78ca80ed046994adc4be256fcd24b7077960da7c08d4a7a5972bde5f2894b8731cde50b7758b2944ee87bf9373f4745e9629

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 9594eed998dbee805d1ff9e407928e8b
SHA1 2636641be95c8fde443791d75a5818e69b70b767
SHA256 c665a57a2820423638b56a9de7feeaf6548c562636ad4757b7f4ebf97d591116
SHA512 13eeceaaeedce6943ebf526a03a3c47f375488e7caaa2bfbf664272ee1d0b210f1e1d9dc87b49c6d2f36f0c8588fe09e2249b3af18d4960871ea60be13e2003d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 5252066f674ab70eaa9fd575b45d69bd
SHA1 942d0137d5882feced7f8059fbba819a2defc9fd
SHA256 38d0f640decb673e79f7d2a16d3dc058d990fd2b102d36d7c3e57f0adbb4fcd0
SHA512 6448c139383b7572b881d1fa1c6dfccd11906ee9638c577a9efde4050b8977cd037599d9ab59ca625a4991336c9b7a80925138f37eac06aab0a5a18773e854c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 a89819593d326e7891db3102487f18ba
SHA1 e8972c883c57976a6a6e676a08b488abae9c82a7
SHA256 07f033948e887c74df5ee50ae72c287706f58e17a5b9e62635c2d3bac3f02558
SHA512 642c680c0813b4760442e504a8ffcc4bbec65c9ec22608f608992c6393fae3525c00709e83de135511f14709ee51ac82c662cd1b26a5f45f9f2b14ba2590fcd3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 457a7c7288e1e1c4e4a60388ca13cce8
SHA1 9a7cfee1880a1d1a5e232de9a9eb4434f37757b5
SHA256 fb48f80118c1333ffda1953e188b0a5186c8b52cc98f536e4b3a34885b667676
SHA512 352f605dd5e77069d8889f20d3c106bb10557a5223d00bbfb8bf251d8587117a9defc36ffa85687a87299450cf050040bf1425e06cecae27bd736b72bf95fe74

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs.js

MD5 073bc73d3992b0118e3bf06b2f69d472
SHA1 d01f56bf96d01635b413035a0f42525f59573b40
SHA256 e06c58b59405ca58e86f0d9f7e447050153c0da5dedc365817b18c0cb97d8963
SHA512 611445cecec28720d8c81af25085d2681078927b6c8cd19aabd2706c0938c57ae17aa5790b3efddf2560cb0ecc7d38ac03f3f3c3260579e9126c5f94fc7c30ef

memory/2092-1106-0x0000000000710000-0x0000000000711000-memory.dmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 7984ec8b25f4987bbac85082ab1a3a0f
SHA1 103e088559ce25fcd941e87a9fb9cd2e360d862d
SHA256 b5a994e37553a4c602f8d78dfc0e501b47364e689ee8196eba790e65d470b1f3
SHA512 f353d988419e31d7bb982115fc06ba3f435f71dff4a3aad3bef1a1ab148fd4ffb120c89c3573322297dedcc4be7c75af46705c944c886106cf8e2397d9e77fd7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b5d7372fbca8d82ca133994be6c8ddf9
SHA1 6cbe48063eedba436b52691a188d6c390026f498
SHA256 6b412105742df5963dc9ad8f1a219d523be1d918240225cf0ddc4ecb8b68c4b6
SHA512 51262557f3df2dc17acf0e6ef95cc3a50006a7249b4197a7f0f56d3998382d5ad8a2b62226c3e78144d02d8fead72e6af77f975b5b3672fc5534b6c4f52acd3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76b1c2.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs.js

MD5 88295b5521e163c3738e9bb8d18618d5
SHA1 fab7d388ff6847442337c8c078de5d88f1def5ec
SHA256 8e1c7dde1e54d6ea2aeaecd6329e510c396780520172bcaf10e713c04f13c57e
SHA512 2bf3cd46bcf66afbefbcfd20a71e8ad37b3495da4651ffdb1efbdb8b6eb084c2f77dc2bab1cbb7207e165bafccf6a48ec65bbf60795d8a0a10ccc492756a3436

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bd0e5d49673c8faade5360318be3f964
SHA1 e1eb7be3e987b236ad8f4161a673f2191b887d26
SHA256 f5b2402f4d9515409afb99c548828909ab2f1d81b010219c012b7f072c601f93
SHA512 d1b34fa66a6fbe7cfee092b17173ac1b5cf469656925c593a95075a3ead82200684bc904e49c2bd5eb54371739b519f92d5f6bd5c661ff4f6285c088982634f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 977eb7a847f1c98e6461cbfa4bd9b9ba
SHA1 51292d0274c6eaf687329d7976da2e3287925d90
SHA256 91b30cb2f47d0ea855c41f9fa008c13896a49b010d189a625fe0ac044d22ed2f
SHA512 9885542dada447840e2f7f84d1689c760cbbf50a7af12f11a4296cca492dbc531ad1d64b16aedb406dccbbaad594d970c1c9811ca5f726a368041a4dbb5d83c6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\74\{18f15075-761f-4e19-b671-e2550ec0d44a}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\idb\1866036938yCt7-%iCt7-%rceasdp7o.sqlite

MD5 55e55ada342727d3bb2c8702f04fe4a3
SHA1 ea24bba24b2f1ec914f305f92c207d1586f91b48
SHA256 41221b28ed67741282e73f04aec8a076917ff6cd95639cb1aab124b21b67be28
SHA512 51c9031872349a37e98529699d3180dc6c283bef20c62bec26d27941c73260645cd8bac7ad034a3799aef28076893a1184482d5dff12a8f69f921ae583c06b3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 490921b1777a5f83a660f11e2f3b63b9
SHA1 0a5f917a04710eb49b3557fec391a8bba613e056
SHA256 df9a2cb1b443a29b762e38c0ab3d7b2448875f1206abe2a01fd06f733cd85f1f
SHA512 967cfbfb708ae7152ecb9c9d2d02eddddf66ab22b31eb67f6aff1936dbf9e6ad6448ab7ff41968fe2a7c502766d119e3910b2152b6ae08e9c7dabc524388a4b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f3b781ded7abff1e0a091e2a25ef71d9
SHA1 e5f3251846e235db97d66f2ab3a99a041d558660
SHA256 683892fd095252d25a2eecb859b058257f8b2fd2f59fd8f0e5f702b41a75d59a
SHA512 8a8a02ee9503089e9c875ff2ca9ed3d7e00476d924ecccc861fd21e83b9f56d08bba297b0cd7f6a18f910d7b62db92c6fe8529932860472bff85a3f8f31c0f06

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 118188c7ed86dc0ee114706d029a2ec3
SHA1 d2daa809c60dd2905a302b946ba0499990e1d2e2
SHA256 9f4f4ac42890c13ef4033232be0fb026990e01dd1f0fee3129dbe23f5676acb4
SHA512 0c4403b85afe5440ae6d6feea60205dc08787d2325eb1044ec02fc163c5383c1e01c1c4472ea8ac9c013b054412702a2658433532403fbe68134cb0728c77050

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fe0e650f-8e8c-4242-9633-f278bf1437f2.tmp

MD5 314a56f37c4b8afa3bfe9bdf636bb4b6
SHA1 56965aa7470afee73de5f357fa43ef25efdd04dc
SHA256 a4b7b5b5623935cc8a18271345fef41c8e5f8089a23e5abeb58e241dcc4de0f0
SHA512 c989e5355c3607252c2f740d9cba09b2ab7c9b6e7c6a7a8716741e98f7116141de52913a9bdd463f2e97935633f4639bdc9c84bc2e62c7f6ef1fe1e7f91e02b2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 63602749e74886277a00c97e9635135f
SHA1 0a8a83de4ee0096e321cd9412f0c81f1cb3c5854
SHA256 e1e46484838977c21f07483ab51dc096341228259e4f93067525b973e2bbef92
SHA512 193dd627f10aa880d3e14b4ec89a176507ea91a812fcf0157f801803a8ac649a445bfca49d0f2a7d8a4e2896cde7e475448115c669e06a870083d08e02123808

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 0e197e448a913b6f4f8c347f99a92824
SHA1 a5989dfb8199c176963fba8fb3c2e7262457322b
SHA256 f6b8616ec62da789da94ea42238bb4e97cbd1bd1dfbeb68857046899f8ed31ec
SHA512 3ef1965f9a0a8cb6ad5254a83b4de6d8028b521031a80034d79836b1042b331d40aa2a65c8df081e899d83e03a3f1c0a2dce57bad1b8ee855dcd1a8dc394a74b

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ec6e42f103d3ca11e147c9b86b0b508d
SHA1 72b989f75e450687547fb24691986b4f7902f8ff
SHA256 4ea742e5e257718eca718eea541a05ebef5cf1c5960c4e3e335286ec07900e63
SHA512 7f2959ad6c8f1b7d3b027b0ac17dfa1d2c9e6c3732ca527a5739e40109a4616f26dbae00a86503eda566c18defb55beaf042bb233d3edf75ea09f32fa7028e99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 ff238c1e3e1fa0cb83770b3ef1694828
SHA1 a000a19f3fb297f357ec648ab37c13e65f4390c3
SHA256 d6c5027d67f2a438e217e54b2a85852f1ae7aa8ba9fc3d554ce82e574e245103
SHA512 b1c30c123f0efffffd9435a2ddf26f8bf28afef7099d38d9a5df2f64d7f54b987191d7784978f779571a49f2677ab6c8b179e79f83f23de9bf4d26f0d0c56476

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6ee10af7dff83410efe6c537a72759de
SHA1 eb21470a4c4200dbf8ade7e1ad4a30e01dfef17c
SHA256 6a6187a09e05319c953e8cfdd0d67801551056b1ce4985bd382bc25827df78b7
SHA512 5e9045552a6b6b40d3409aa61ae2dd23e93d27a3436357fc10d9a56de1abc3d8da9f3fcc17d1ff2e6095b68f04d20b4a3af4a913bc2cbe077dc417f0fd904341

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e0c5a4fb76dcbe15cca847a1e57170b4
SHA1 8e7425a7fcfbc41c8b9aac7de961e41c48b048d1
SHA256 b94a23997a3583f74bef4758c58bcd4380cda5613ab247f48cd48fc163b38317
SHA512 8010516e9b9372734b309a2a11380dd91cbb2d1c84773eb9888008475e86aa5e27686fc56983d6792bc81fee4abaef234003665790ee27556c4f190d80d7e70e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 042aa6d02824648911a94af8efd3edd8
SHA1 ad416246e8e512c1e718392f136e5c58a078254a
SHA256 108c87c32f5f59814f985bafbbc70ceefea98eeaffd1e1a97f65b87addd90f97
SHA512 f8f13e213d9435b20e816c12bd29d4bbc6efe4c223d1bf001a7fbc266478d8f6041ce6d3d314ee7b0b43de7cf5c0140465362288208fd5916d10dd26d50effdc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 24f7dd757001ea4c321af4272a771307
SHA1 7ebd2acaa0533ad9a07874af148673389f47bd25
SHA256 7775f3c543442bdc17ea8f8e0d65785eec8fb670a547b2f29220abddbe29788c
SHA512 2730ba17bd9b8eb154202332d49670e47e8d2313c86fe8e5fc80576bb4b2ab14d106db2b8a499f4e6da9cf36609403d9a0ed1a639fcbde42649d93a702836440

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 4a47e15c01f9a39c077dedbf812ddf37
SHA1 75e1b96bf63d6028b24d02f35d56e390dbc4b981
SHA256 a286a11d2f8c1a8177cb6d9572a1023dd174db844336b5c0bdd947924a0491e8
SHA512 5332dcd66c6ffdc68aea812ef007ac46b68942494856f2b164352b3b4c197fa707afeb228a5f869d7087744530307a9bc7cf6feb8f188b754d23828314776084

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b7834725871877e71851bed019b77f3e
SHA1 6b878d79934ffd9aba3af097fdbe3c773e963673
SHA256 af65413579f3a0abf5b23057ba299eec72913bafe954bad4ef1522df3ba0ded2
SHA512 47bd609c50efc762c638502620abc7351de4ad136829cf4ccbd6efcc9facca85e40123fd46655db97d29f9004a2a85fdaa63769d4210e102ccb4563552fc1f2c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 96b5fa2072d0296ffd028322dfa450b5
SHA1 ec0fc021733247cf6762f5d0a412adc32a33dd00
SHA256 a127b3c2b3985629b30dc7c1cd6244b6491af283915afaf1a8f62737c0c9011c
SHA512 a8404c6d7df40d28eb8ac1b1be4f9356de32a8933c0537d6535f7de74c5f6693fc61057623503bf66e6da4f40a9cfbc47161e188028913dbd6dc228ae538dba5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fe43dcf82581e518f7eebebf20399120
SHA1 87a58f076a40931ff5d915fdb9dce43d465d952d
SHA256 779be21496a25a507d30b2fd53e986e33bc880101bd424b2a8e685d629c3af94
SHA512 e0e1772469a6fac22ce462c0c63095187739b98a133a44784082e58825d38d5038359f535823b707a5056c23a25a2b40c9979b0234cc4c772b7e440356e16028

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 6793407078182d12e3fa07df35ca16cc
SHA1 fb4273b00480554e143b50a6a071dbda332fdf41
SHA256 41bca943f4e6687d80aa9dc2433ac2851df14a92992a736b673cc03aa53bfc2e
SHA512 3cc8fcbe77163628c05b2b6342ab0134b501fd4dd4fd2016194a55eb31afda82caa6b60b2f7ce5db0ca1e6a8073bbbea85a193c87dd75b3573280d48ef080ec3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 73c14b83e865d0042ea6c52cb3045a43
SHA1 64b39970d228027812b6cbdbfd0349340391b8d6
SHA256 4256635b55b37b5cda6e2454777eedb2e3a7c8f62efaa8b5653d425531d2d594
SHA512 afc1fd32ec2b460ac431fb933c228c207a89806df544c1b06f26e0dbc4d51ba93baed337790cac16ae1352f9b272c92386b4de9f399cc53616342d7d9d3d7fc9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 84b94c74a6f41e4bf2846745b51a7cf4
SHA1 d0f6664c5f3189d62963ab9d66e18ed3b8e84f1d
SHA256 c238e99be1949511e02d70352deaf705ffb19021a718936030fe03a07c9b60c3
SHA512 77272f8d08b1217d3cc93d5c80bca6a46a4e86d5e3b38971711748b8da399cf580b278f30689ca3300a22788e907141cfb95a7d936d728f033baee7ab9d90249

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 174d9f189bd0235b600429e3bca7b2f4
SHA1 85fa201e311ab5d7840f27126b46d0cf143570fa
SHA256 1918453d6d5bc83e312b82d07c30dc8d47dd652f79f148f49544e945a66d0f55
SHA512 08726f06f67fa6e1995d2c6da973bfbb7aa1238b93783e8a2cf621a5b2e093bf9010697331c1cb22c8d86fdc404875e25bfc65f8416309bbcf1395d920f878e7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9c0c0ff508ed57c7cd51071b65f75827
SHA1 5da50240333cb4ce3be36df1ee00753074b2844b
SHA256 826baab67591f17b5d10ffef2a2c2c0fd050b596d8997eb1b86451dc5b64ce7b
SHA512 bf23fda738bbe2a5e965b3677287f1d287f4bb57c1b2f2fee54cd83df562c08cbca084708a62841fa46e7e3d155d7cb631334710b6974b993e4f402b0ec52961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f204a0e287e77ee38b9a3a60b9ce1646
SHA1 ba903e74291265aceb2fe37ccb8b5af5040156d9
SHA256 33177a8f84957e092283070c663104964ef48768563657819272399a62d638bb
SHA512 2f03940242470f16b47edc69d3c0613ebbf4872543225a91bde0f0698d55adfaeb7fe4b4084c5fa3a53c7932be53ff49ed07b808d6bcadfba012b247a5ef8581

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-06 17:55

Reported

2024-02-06 18:02

Platform

win10v2004-20231222-en

Max time kernel

150s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3803511929-1339359695-2191195476-1000\{29BC68BC-71A4-4FF3-A30A-56B3A4B9E9A9} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3803511929-1339359695-2191195476-1000\{0357238C-6820-4EC3-982F-340EDF760D61} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4212 wrote to memory of 4012 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4012 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4012 wrote to memory of 3088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4012 wrote to memory of 3088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4328 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4328 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4328 wrote to memory of 2276 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4328 wrote to memory of 2276 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 3220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 3220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3220 wrote to memory of 2560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3220 wrote to memory of 2560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4860 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4860 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4860 wrote to memory of 212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4860 wrote to memory of 212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 952 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 952 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 952 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 952 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 1380 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 1380 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4088 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4088 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1380 wrote to memory of 3664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1380 wrote to memory of 3664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4088 wrote to memory of 860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4088 wrote to memory of 860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4212 wrote to memory of 4748 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 4748 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 4168 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 4168 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4168 wrote to memory of 916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4168 wrote to memory of 916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4748 wrote to memory of 3248 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4748 wrote to memory of 3248 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 3704 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 3704 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3704 wrote to memory of 4612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3704 wrote to memory of 4612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4212 wrote to memory of 4640 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4212 wrote to memory of 4640 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4640 wrote to memory of 4420 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4212 wrote to memory of 2460 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4212 wrote to memory of 2460 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4212 wrote to memory of 3080 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4212 wrote to memory of 3080 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2460 wrote to memory of 4468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcffbd9758,0x7ffcffbd9768,0x7ffcffbd9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2755449787579215437,18407400228110249727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2755449787579215437,18407400228110249727,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,16233708871632715365,3545870186504776669,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,16233708871632715365,3545870186504776669,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffbd9758,0x7ffcffbd9768,0x7ffcffbd9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffbd9758,0x7ffcffbd9768,0x7ffcffbd9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.0.249243587\1092008855" -parentBuildID 20221007134813 -prefsHandle 1868 -prefMapHandle 1860 -prefsLen 20671 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {21137f02-dc73-4175-8b3f-06e7e4e11ce6} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 1960 1e835dd6758 gpu

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,3144049361217592898,6557780679482140703,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,8988416066473047104,15439108979856873950,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,11389545025322980110,9561642375723971560,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcffdd46f8,0x7ffcffdd4708,0x7ffcffdd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,9072461178869487056,5939996350993579146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.1.121195816\1458484895" -parentBuildID 20221007134813 -prefsHandle 2388 -prefMapHandle 2376 -prefsLen 21487 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a11f911-0ea3-4709-8c8c-d0393eecd25d} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 2416 1e8292e2758 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.2.1274668002\816146341" -childID 1 -isForBrowser -prefsHandle 3356 -prefMapHandle 3352 -prefsLen 21525 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {28f45e96-13d9-4d62-84ee-bfc7a7d80721} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 3500 1e839636158 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1884,i,13110677525607872183,10693082013025636511,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2132 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=1884,i,13110677525607872183,10693082013025636511,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=1908,i,6270883372575099606,8599972248829385797,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3840 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.5.1605486946\2055924841" -childID 4 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {50de9401-8579-405a-b189-9a9aa4f02c83} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 3968 1e839636458 tab

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3796 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.4.571936345\459674221" -childID 3 -isForBrowser -prefsHandle 3680 -prefMapHandle 3684 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b1e8d0d-d376-44a8-92cc-a15db751c324} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 3668 1e839563658 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3204 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.3.1137799135\963931861" -childID 2 -isForBrowser -prefsHandle 3144 -prefMapHandle 2864 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3aec1770-c382-42b1-98e6-b1f998c2b9d9} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 3060 1e839562a58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1908,i,6270883372575099606,8599972248829385797,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4884 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5036 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5232 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.6.2102694770\1321369755" -childID 5 -isForBrowser -prefsHandle 4672 -prefMapHandle 4668 -prefsLen 25988 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9d13e328-348e-4f37-b7bf-8ee536a8346c} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 4684 1e8394cb258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.8.370162778\1818468891" -childID 7 -isForBrowser -prefsHandle 5608 -prefMapHandle 5612 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af719b09-a0cd-4935-85f7-8f6fe8f9e2d6} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 5688 1e83bb3e858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.9.1308591241\628696306" -childID 8 -isForBrowser -prefsHandle 5880 -prefMapHandle 5876 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1512ec30-7673-4564-9f20-f55967ff4bd7} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 5888 1e83bb41858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.7.438622091\1030088279" -childID 6 -isForBrowser -prefsHandle 5508 -prefMapHandle 5504 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc73929c-e88a-4e02-bfb1-d80670a6b340} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 5520 1e83bb3e558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.10.2090806535\1551175298" -parentBuildID 20221007134813 -prefsHandle 6196 -prefMapHandle 6192 -prefsLen 26222 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0085e248-27ed-4848-865a-9799dbfed041} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 6248 1e83d3e9558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.11.871709329\1056422818" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6368 -prefMapHandle 6364 -prefsLen 26222 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a37eef55-971e-40a3-9bb6-b5b4890e4020} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 6380 1e83d3e9e58 utility

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4756 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3428 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4684 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4420.12.494012561\590374457" -childID 9 -isForBrowser -prefsHandle 2868 -prefMapHandle 2880 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {001b9e9f-7caa-43a1-b986-d429a7645783} 4420 "\\.\pipe\gecko-crash-server-pipe.4420" 3184 1e837da0d58 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,15896189183217479833,4466031017882773117,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2832 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3100 --field-trial-handle=2000,i,15575460159831942685,18136919845100092399,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 210.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 84.177.190.20.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 216.58.213.22:443 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 22.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 142.250.200.46:443 www.youtube.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 44.227.167.82:443 shavar.prod.mozaws.net tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com udp
N/A 224.0.0.251:5353 udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 142.250.178.4:443 www.google.com udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 20.231.121.79:80 tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 216.58.201.110:443 youtube-ui.l.google.com tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 142.250.178.4:443 www.google.com tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 stun.l.google.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
N/A 127.0.0.1:59984 tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
N/A 127.0.0.1:51230 tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4---sn-1gieen7e.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 169.173.125.74.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
CH 74.125.173.169:443 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 34.120.158.37:443 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 189.178.17.96.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 67.168.217.172.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 e2c23.gcp.gvt2.com udp
US 35.184.229.211:443 e2c23.gcp.gvt2.com tcp
US 8.8.8.8:53 211.229.184.35.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 142.250.200.3:443 beacons.gvt2.com tcp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.3:443 beacons.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1386433ecc349475d39fb1e4f9e149a0
SHA1 f04f71ac77cb30f1d04fd16d42852322a8b2680f
SHA256 a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc
SHA512 fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

\??\pipe\LOCAL\crashpad_4328_NQIFEFFHRSTUOFXR

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 a43c5442720748bc3520106b9b6d4737
SHA1 3ae6a4bbe5cc3acc29b02debfe78a366e7d046ab
SHA256 0e33c15bae9de0161695319643a4e46b888255d6b11af246e2050f7863708e3c
SHA512 9167b7a8ad92b7b82119edc9591c28d53b18256cf2259b6bbccc7c5c1833d20be514393845c6acce3dddc44d71a2c258ae27da3ea0ced8cded56e689f0b4479b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 29fd08a4644e48fa091790c9248590bd
SHA1 a8484d476d169b05b7f59d9e98a52647a3735ed3
SHA256 9cbc978fbd4578bd88484c847674e7f327adb17aad24bb4bf84ffa532c8f5538
SHA512 1a78094961b02521629729bfada6aa00d4779da4910d9a9e56deaf0c86f24f740c139bca76e5b720a4b2212ffe5eb4767edaf30a5a5fd203ed90eb113318215f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e3f24b8dcffa03da4ee41734227566c3
SHA1 b2bbb3cc16db34fc31aec622aea894dc3deaf705
SHA256 f3b03ba64f6b34fa86a27d77b6b4f3f8c4771e6afc1497dc61b0c04bb33562d6
SHA512 b7684ed39c2964d60a8e094369fca0b043a000c6f704a152284cfcd68caac605835618c89875acd7f5aada767d3c4e853d25ce68ced165db309be137ac08d2b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0913a1cea9c1c2a794c2d3ec3509765c
SHA1 8a2f5a6d6602d357d0666200635b38f194b010bb
SHA256 95bec9f374dad0c55187a452833632d784f45443639b346a051e148f00b212ba
SHA512 3fbd29d622cd8b79aed7778f22d4013e09a677c40c16382b3d99bdc4e78ef9f3818a9bceb474bf0e1113d41ad357709d3ea671581eec7ea10161422d0b89a9d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b820279ff2dce54035d3d1f36d8b93e7
SHA1 05086f69cc3b30770f11625e78b928cd5c6ca9cc
SHA256 42d8e1ee9e33d0d0b9ffa03b8ea296ca7876cc2ecd095e5222220d8c067f5142
SHA512 f98bc8a4a398d25cd50237600f80d6e638f22fc85b7cbf3dc2f8e1864d7a900e3392322850bbe06140294450b5a036cfd64c1dbe8d90403cea19a31076f08a79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0a6ee837ad3f039877a277cd77218349
SHA1 f3976eabca996c97fe57edee45643643ae1c7c6b
SHA256 7be132730a7d8baa21892fa4f0b37b90ef9c4678f83f188e1a6acb24d7349022
SHA512 671085c65c70a4a14e1e6e851cfe7bdd3622d264818c8e6a2b009d179c8fd5be9d0d1f7892bf11c1a2bc99f61ac2a5be689ae9a577304d88af11936a6ae6b830

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8a1d28b5eda8ec0917a7e1796d3aa193
SHA1 5604a535bf3e5492b9bf3ade78ca7d463a4bfdb2
SHA256 dfaf6313fd293f6013f58fb6790fd38ca2f04931403267b7a6aef7bfa81d50bb
SHA512 51b5bec82ff9ffb45fee5c9dd1d51559c351253489ea83a66e290459975d8ca899cde4f3bb5afbaa7a3f0b169f87a7514d8df88baaeec5bd72d190fd6d3e041b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5acef7953aceb270e9f6c7852155ea53
SHA1 7ae1d624128225fb0f1a1e0e1130ddc465b4cebc
SHA256 755e0412408893320716a1bfe46ad3e38cbaa7f359ee9835169b4588f40bb59b
SHA512 9eeb2321998105d977301b37f914a245f4bbc4a34900643fa4534a84fea9082eb81631394e3c49746afca75971692dd0e83af6172488df35362a9a9e56991780

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c3acba23d5f1819d4007f759081e8394
SHA1 4c58e457109192cba58cc5c70dff8a4ce1639064
SHA256 3169ef18b4289e21da3bf71fd630d8758bba58a61702b38075e3381bcc4e90ae
SHA512 648f7ee8c8446d2efb50cdc796406bf33b4d17d2092d679a54c1725400e093c49bd855c4920b26d2aa5382d2ca8e14e36baa18978eb09f41828da21d5453220f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 60245d9691c439aff59cc4c9670e21a1
SHA1 cef093690ff31a1917164b2448c60e39e02e6067
SHA256 607933163869e1573e462be3073c14ba27bf2f23fd6c6086d979f1114578fb49
SHA512 c8593deff0bbd125f8f91df027fea3141a2d66de04d92306d4cfa2e9c3afa4a50e300b1b8ee469bf2ad0184c49e330b5265162ceec579779dfacd6711ae907aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d11908c77f363dde8cea7192ed39e677
SHA1 6cef77e7a197ac619840894d3ca954adbb235d62
SHA256 75f332ec33d16b60265ad4caf48ccb062fda5b2bd085d13e619626d15e4799ae
SHA512 af6379866794f42993cfcb85ff9130a7b25c6419d6b0154cafe8327b4e6bc278ce3749882d28d43971a00ff22c9788a663e83d37975a1e3b2f9750f800e19bff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\24151d74-4fe5-479a-8434-9643dab268f7

MD5 16ce8a73ce7c2326f3b1cb11846bc4a6
SHA1 5bae539fcd5a88a8b902ee8c55eec15b68ddfa57
SHA256 a947f38380fc753307f2384bb66927d91f21eb7b509c34758176d7ab9f161221
SHA512 12b56c35f8ae5a7d2ba2ceb648e8836181019b7c011dcb0f013ce49eeb8b62304a3929fd3319240a601d809f81d2b8a8b6e9f8f7e888c9b03c33f8f57206f97e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\db\data.safe.bin

MD5 77c70a2a21c52892b931181072eab8c9
SHA1 26657d7ca1faa680008bdbe7017d5aaad061f428
SHA256 7c0b4b0b641c88987c380189164663f9dc324f033a10e94f1a30d9f0d675eebf
SHA512 8908d74e9cbbffbd64af41ff8a53b945845e2b702b4356d2c37d1087082abf48c78e632e30f5bad8f9bed394b19c80b89bbc8ca4056b011cc6902616e78f69ca

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\de88c7f9-36b6-4af6-bbb1-5bf01ef1cab2

MD5 134cbf869395d64eeddf1ad8066e6fa5
SHA1 05610836f86e0019002fa63cf26c6e66dc8586b8
SHA256 f4735dece92b377b46e24940998f891fd9737bca2261b7e0f4640106c6883338
SHA512 fa1bbf5eb5c23ca27cf4be9bf9032a4d70d2a27a4c8d5bf81bfe8bcc10f81750e65c5b477dc5f80a54d2ae1d20efb41b02b90943e310213326392d955bf49770

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1e551f77e9ba8e4e72070809d81a6ef7
SHA1 02a60a5f8c406cc1083629b267239e7a5e955d46
SHA256 48c4e44407894516c4d7264e4ff9fca0d500dc7479d24e9fdd39794931f719f0
SHA512 5143b0228e927de946a58b7b39b42df89d64c0b9fe5d7b640b3944674fb52e2045c91fe6a42f8083f5f011c28ead0e3ba9f49d1da8165afe611b4f3e01d8e354

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\A9164E636E3D398733B770CAA613EB6B3F84EA35

MD5 98ac2038e4fb24f4c585b8643d7ed55e
SHA1 b4eb12318178e3a9954e31b42d797d7f418a243b
SHA256 bd90fbb46e6fa03ea288959d050d12c79adeb5a04e31d5240c4720ed004b0a7f
SHA512 0dba716d7a20489da764d6f473c14be9ce8cfb9bbc947c29a3247a14996f4b4a1ed565552e9f348784583f626e7531bd96783bf5eeb2fce052c3e4693089ab32

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js

MD5 d1b23a674f5fd345690891d7a37749e5
SHA1 1bf9d95d16d8ac6050b352526ac1a680f620e53a
SHA256 38f249e3c70302f487cbc7c3934758ba128f0f26742bda9f46f9f979fb8e4230
SHA512 0c07a844b86fb16a3e3d19b5e07ddaab6a6433069558f90896c0a3d098b8660c084c098f3abed707fb11747e237cd661b25e123f075ebec71bfe2a7e9ad3a99b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b5f6f5a71214fba69c72fb1e77bb1aa3
SHA1 2f2fa691a880fc88b83532aaf78ecd807369a0ff
SHA256 5cff12c32442adcff889be34e39a9e749a0d33d10c925f6b783b6d64e6022f59
SHA512 cf88b44ef8a70a5f50ccd8a10fb04c8d18dea19e87c7993bb36c2b20c9250eee32c6ecdea70d61ba98eb576ca23858ea10bdbe145873a5969fe66e41664ae9bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 24c97db048112f170ba4b6c226457eaf
SHA1 60a69923c9fab7ad8a709dd77fea2521eccd8e30
SHA256 95294140502ede463133df3f8d305e91bba4ee085eb873f2a0690c927c100ff6
SHA512 deace1d1014c058facde65bd33f7312547466f10a09be8b33abc8255075d2c3aab4837d995301d46fd9500805c7db06e491cbbdbad262c9751f4cb47ab84451c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 09669771a406b60b62b161a198e46566
SHA1 59b8fd31bddaa4b535fe4c13768bca3dc023d3f0
SHA256 71ad351ad4c777c29f07da3a383b9f450f8fd390f18e6a23605d72d5c848786f
SHA512 f1391aa207abefbbf67465f0d65b01f0ec89ce5bc5e7907efd4077e24e1cd384b43c0a1bebb9360770f63eeefd9a3eec94c216f394ebc873597f9fa25d265dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7d67d9beebb993d3e356e802132050ec
SHA1 dd536fdd624c30d11881bf1237910ffa2be0fc9f
SHA256 9b771f0a2d95b03a7d23a23c50c28cb864a8f98032ef6c3718a37ed00c12711c
SHA512 2389ca881b2acc4db3e257d48eee6e824993ca7b2fa50346670389004856514e1c6834426916a8afe493f2c8ad5e1367bd8788603173fbfc93c346af2c2f3bdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 6a2d775d769277612a796454b727f404
SHA1 3180d339a289687eee1feca7e6cb6a08abb48340
SHA256 5dbdf64dab17a3b54845fb68a6246bd9b5f412eb4dc836156ee68799de06e77c
SHA512 a29d2b2cd0cf7f7bd92fe9e0f812e0f6ec83a5a295afd5e8dffbf3d0734f7befe02e1c80dcdd28ea7812bf274fda6ee580e2dea5f90f74996a6fba1269738a7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 856a6e059b07e8da92b31a2cd957ba79
SHA1 db9e2b887e0c6908a5d40796205144e03c967a67
SHA256 336d420b7359d9dcca9145109e89e97c940aa8ca7ac0fb9cfff0a4cafd870b27
SHA512 e598d39a20d4ed5269a5828c44f2e95446cbcc94f1c28daa57188de8323abc3e67bb2387ef4a7d13e458b049d9e762e839bbf984854893006d91e2282ea1da25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 92c1a75e44c7006e1666383bd2538b2d
SHA1 af87ec0804592aa3d84ebf011b756ec604859c87
SHA256 f483e3a3e8541540eccfc6676291a7b7a216c3deb4a5acf6e6b19f057f33f433
SHA512 c8e0154dcc36d088e0863dde3aef20a4338d2c38d1b5e2c2b114cc8bb7ac97d970fa910ce8de5cf089a550f5aee7ca7a38f8e45b51dfd4d71a7671c01e20efde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 5a5c67772d44eca9ecb08e0ead7570af
SHA1 93ffda7f3ac636f88f7a453ba8c536fafc2d858b
SHA256 eef62541016d82bd804928b0fe0123d9ddbc20c2f4c0198ce98ae3adbf9a9c7a
SHA512 14a649db943dc9a756e24a043c5a946ab0dda3cdecbffa090bb71996ca3a35ad674052895a496195799def768ea318ec4ce8b97e4f2350106c84a6c4f50affb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 b1375326603fe65cd42df7fed7ce5c45
SHA1 a7fc9a7c979e62a0bed17ae5e8da74738d3e25ba
SHA256 c9088547ff6883a0646b7ca0c27b0696524be01431ce0059c4ebe765d48dae06
SHA512 1a381b6193bd8380bdb81934bb0b5f75a514c5fb878ab70dd1f7ff5c5be397298d0ca4cbe1c65ca245074ee2052322f89487807b9f73f780851f3a074f74ced3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1e22b6cdcf1ed68fc2fe85cf1f33493c
SHA1 236b7c521e7f66cfd140a9ecdcac0a0ae231dbbf
SHA256 529695ab5c08979efed262b4c17c7e411a7d63d6be1ec5d0765781257db03c0e
SHA512 01fc0678cf232b3c64506a1ed08b10dd8db7f567f1dbc491926b23d2e07108152e9f9af492eef29efbddfd4c750fc9c309b3e4b5ffa91643a3ad221db69142d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 5726b8078f29b68b99d29da545b0262a
SHA1 823550bac67c51a5fc846ddc04b8b4aa8e96d25a
SHA256 1032b22880ecb505e698a8de85a155c8a893c069ac94d72286ddf726cc4d80c0
SHA512 40bd30b4bd56200de6c8b649a5f73c6e90312335c9092aec1e2a3efdb1a37eff3e24760df8b85b7cbe62277730f6491ddec559c3f1e1e098c2f950f777814ea8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 e664066e3aa135f185ed1c194b9fa1f8
SHA1 358ff3c6ad0580b8ae1e5ef2a89a4e597c2efdc5
SHA256 86e595be48dbc768a52d7ea62116036c024093e1302aced8c29dd6a2d9935617
SHA512 58710818b5f664006a5aa418da6c8cd3f709c2265bc161f81b9dfe6cdb8304fabaa4ce9deba419fe4281623feeeaa0321f481ae5855d347c6d8cf95968ee905e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 e1cef60dbd744768d0bb35b469ae17b7
SHA1 f58108a5719f8dd7b6459290f4ec156f4841f4b1
SHA256 b061a2596b234a39e34d8c82da304accadb9dc31c113a54b747fa85ad44ff004
SHA512 8bad36275c1881eaff3842d10808bf909a9c702a2c234aee5e4b484945dc3523947584722ae2e45c28f6bd1e7f0dd5b114bebdb099d1f76bf28519215dbef12f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 3fa057a53f831ad6f787c01bdde50221
SHA1 a1fcdbaedf935bca14b366514cf7fee3e3f175a2
SHA256 efef42a7e15c6cdba8a3e03452281dbe161deb054dc90858abd0e54cc18c34b3
SHA512 6b2620574a789ad95a4e63ecdf3f76d84fd153cb664b8ac844054531b408d2d96785738efd74c1d761d5c10ced1be9ea4e9c1d019f18e2d991dcd54095cba635

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 87c28eb50c5bd0d3d260d1d487e2dda2
SHA1 e40ec4ae28c5ed24ccec7e46c2b553ca6336affe
SHA256 5f058c881fae307409fd8ed3120b3a0451cfc065a44310893557427223dd232b
SHA512 126f5ee211d869bf346f246476a6bf408f5c73d53cbc0e433909d0f2dbd704492225eb70f002f43fb3c71605f7b6caec251868699efc76e6dd9ae83cdc1e7a28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 73f0575de5a9ba6cd2ab37308265fb56
SHA1 feeeecc6d0f4b66e2cfe50bdddf03e386e493980
SHA256 af9e40e95c32644dc21d988b86b51cab4bc5912a3345ac31de4e7af8173a7cb6
SHA512 7f14925c608a0e91bdee34965380e36fa146758e2418651419f7f36500ac84c8d573e9edce77989e493a73cc969fe0f1a9af345db6553970dcf0d43faa6f34a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 df4674fb2cbe04d435de09b8718d2206
SHA1 c639c65370de35d185ebf1f932a85dafefe22976
SHA256 9d220099005c25460295bb5b2c77fac5bb759ac276a736caaf7c3aa5bf7c2bcb
SHA512 4a8ea5fa810de8f34cb53ea281d2b58676de6f5e44b14141b16b4b9b3e4c2207ea7cf0a3841b0188e130d9add137ec677d558893eb41ac580383dda44e1cc641

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b1c883da1bf7f9dee84922e022bf105f
SHA1 9c5835d807f03272c3640f04b67cddc1d2ae6b6f
SHA256 92d3832382d2d1acade0abf8fe9fe3f0fa8a7f2009ec4611d41e58edecb8a94c
SHA512 17d3b0070e77e820aef681da4af310725b219a6630294c878afee75edcfe8001e9a15e019063a4529f53c4159e6420ba47c51d31f7561b3b7ccad73e3c51073c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 7665c7795e9c704745d2e1eeaeba9aaa
SHA1 160d7ae2304305d441ac7eed11322903c3d624fe
SHA256 6b0771ea2973709522a071349b428b94221df63edbf90e416ccd874b687bcd05
SHA512 33166ce5311d31227a9ead19a3c164d24779592aa0950657203e3b888446505b3b9a0875ec8b410f4b89dd7b5d6d41f80aa7d0b2c0dc3dfddb633e9b7c685e03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0e32dad8fe705b9b7d2324ddd01776c
SHA1 8461234b0f227c32fe0803f6fb81ca431d98ea4e
SHA256 e07225290a8d5680998a74aafa3576e9b0e5b756d23069b79046de1bac51460b
SHA512 6caeb86818e21c2367dda00a17b34fc7e605b99c1646c2d6f9892ed58bd2a093ca7300cc17a38f7341a474c40c4898edce8273151be914ab8761c23806f25b60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 c24509b5c94bbc7938d432e43df80930
SHA1 7e3393ecf872fd9de12bcf982793e77f8014048a
SHA256 7e3e1f385dd12010d4ab92f2178202bccee67b0f1b598bc009cda801bc6b8a7e
SHA512 a6fa8443dd66f7fc89b50768e0811a73b3810bb92ddc5eadd077cb91a96e774df1e5eec33ba92fe559d6d2c91b32be986113386879d282f60cfcd5faa038c8a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4748_247921803\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\53\{0da9a8c0-7dce-481a-b992-924fe3423e35}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4748_456686103\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4748_456686103\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\idb\787055198yCt7-%iCt7-%raefsbp4o.sqlite

MD5 48344f57a746b5e4a902c0ae449ebce0
SHA1 5e4b3a3f0953f17362b6a6f7cd0bd58c15c7c054
SHA256 810dca39346fb8c9090495efdd441595e0d53c63b06b44ec9a577566656a77b1
SHA512 8f00c0a265ab343de8d954ad5b1577a8119ed6cf9e6a791afea2f15cf4cca0e081f0637502a10ab7718f502cd6d4b24dd02938fbe5143d58cb0dd08ab644fdc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d4a5c12f5e1a43ded77c6461ce5a41fa
SHA1 e9cd4434c4bc8cd09b6bb4544f06bd6cfb1ec714
SHA256 837fa0ebfaaee517fa72d16ed0f2fa1bf8871ef47b769b72ff87c1ed691fd636
SHA512 79c06ad9a5ccb40d64c73364f56f4c85e49bdf1277228a5e8099073d749f0714194f440747ac7b5238823e4f932596ac2f8a2cdfd76652f02cd5377175653026

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f19769bad153dd199bde018ef5017cb8
SHA1 d538264971f7093b520d434a1d771cfd2c61c9f5
SHA256 8bd2124c7118f09062c3c92cb2caebf55043ed13014190913f5b2ecd09688744
SHA512 37dadebc002ecd302b11e36ecd4311f6adc33c138a2bdf68272c0171a33b7ca5eaf7d9f2ceb744ec6cc6cb5a9a84b6907f509c86b27e0fa6023adc442b7e6b94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ee477f5b08eb470dc98a50cb72fe51a8
SHA1 14259582701ad821cb94e948da828d4994d3b908
SHA256 a5c0f034b793267eb5b282b1ebba21fc9ab73e38ee2de8ccdb3b508f06760424
SHA512 1210f1597b38f79c2f917583d9789ee2a5692a7fbf34f556a97faa27b044c24c6baf289640d6575e8b7e3b6baf19f30d1877b103f7bfbd9edcebc318eb4f0f72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 028c16ac4ecc053be62822a519f952bf
SHA1 221824f110dbcd95e0e451a05fa3a032f4aa524d
SHA256 b66c3f5de9d8656d4d43994c8eb1cc1b595a95ba8bf0f969562ad15339cd76d1
SHA512 682d39543430658d9677cc3a7e9132551035f21c4b88f6542d3aa4f0a1c5c297f69fa4e5a06c07565c635fee83f1366e98f08da0b98a23decceff6b6b91f8f0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 841b089895009fda1e9676e9a5c8eacd
SHA1 1f17b88854afecaf144984f6895f39ec66b36feb
SHA256 f6d78a7140c5a7c3fcf7776da3cbf387fdbb18231f34fef0692f96951208b2ec
SHA512 3995e2efadb22da28ee21a6dacb16b9e9a292fcf3cf9d74b4690fef48e310a043a1286e90bc54d29564cc290221d267ce5fff32eb94363d550afdb84cc5a7fb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579606.TMP

MD5 cc36ec9ec3358c29d4177a23e3c6c193
SHA1 7f9c0edd906931ede970a30070eb0886e90c746a
SHA256 839471fbba21b7edc2071abe5ad3cf9417cb6282f791002a774d716b11a2a72f
SHA512 700af766aaabe23e3c74c927ad41c48079e219148defe9c6df448a69b3f51477f2f53aee8a0ebbbce8d5c2f2b771e17662cac69bf4759f4dbc64a63ff20311a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57abb1.TMP

MD5 16404e4666abac0671251ab095005853
SHA1 7a6c8d0c1090657ada0aa4b57ff18a1b695e2ac7
SHA256 2252f8a968972abfa482b794274b8109d6f82f45ad2b9637f32d2fb07e0ed1fe
SHA512 78be6bca3b33e3c000f71472b0efa73da55563cd508223008bcfeec5b6bbb906e4b32f58e8e78ea2060de58e1082fdac6e84ff7add7e51d2e807f434203d67d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 598c6d4db70a9216e811e8219d954b6f
SHA1 f29a5c5671f91e2d6c89d19ddfcfc24c783b94ea
SHA256 5d360531b27cce2b20a65257ac5bd409c36d36d212954d5b3b85e8a86e824030
SHA512 1efec0f37e2d70a0ba82c256b535f133734dd1b6d1cac708dfa17e2b6072be182c64ded54e6cbfce4f4ca140e794a562c09f3065e88454c58efb07a9ce8dfebc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 53b0f17ecca1c9249d048f19e50248d1
SHA1 d55cb2169b651526e37efe414accae2140d736a5
SHA256 5feb73d949c4d5f9d8120b4670115f45e02ad005e71f17bfefeb30a98bda5b6a
SHA512 87ac16d7f2da85cd6b54bbdf967691417dbb5515a7bea58f2356b75ed3e41649918ce33024165b900d1b6ce8a1587985036a37f68237e2ed7c2a672ffe2b3baf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8b2a9422c441ffd9fb0707a18be60135
SHA1 e493df14330f044cce659057ac408ebad9f0fa66
SHA256 df45626f9a18b538e1f35730f9802f4abd404b30edbe25c372c3bc0f4f197e89
SHA512 220638be539749a2155e7cab8503d9f982292e89a33bb895ed4109cb201b0082ba98448786f8356c943e3456026cf59cd6e220e7abbd66cfe22819c1600ca34c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 34f7827d371d763c6678f2f842b1044d
SHA1 c4f7b8691ee07024a3cb18467043c825260e7143
SHA256 a6d0ce243bd99149ecae4b867dd7c5952f4f27a2f6186cf6ccb55b0ec57ec29b
SHA512 cd39d5ea3068c7f8c4456cdee11e3ebc0bfb01fd5783f9c74b5a6fec406744742a64984ffc05fc263ea983b07a4003f8dd3ca2e55d2388a91872564d12eb95d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 358bd224fcdf1bc8cfc2ea11ec8782c1
SHA1 d37128ab78c332f825830811c56ce0561d698dad
SHA256 234784fe7871d54ad1e2fe0a4ccbc82f6039ef4257c701117ac7e9f96e137032
SHA512 f979d4697cb9a6007e270680ea3c6bc7d946b5ecee64cced8dac67296d9179477398bbf75df91cf6e6733a557a5440eef74a11c0d56e421bfefc737d207add66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57b8f0.TMP

MD5 5f2152bd6c3da1df33564eba69a8f219
SHA1 bf49fc06de9d1f41aad93901d508a64d2b46212d
SHA256 4cf2255e0d7f2904ed8931b5d3fd7d2a430793a4d431860548cac4007b08c0a4
SHA512 7de0e0812a6480d979ae4574c670fb2971499972fe9df13ecf9adc73220a8d6d6e209541c25cb841ac7455547c50469e0115fb4aec120f2bebe250830de06851

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js

MD5 a7acda5068a9f5aae8eceff72bcf811c
SHA1 68cabf75de204f88d23f9b8520dea166edbc6938
SHA256 c1f195eda7dea45517a7a1be969a9a5cddea71d52ebfc8120904d8a8397dd312
SHA512 61e0eb1f41b4c6ae32a1f0b83d66cf92fa2af6d36eeb4d650a583fc202b7581cb37d7ce34d857c583be25380a9d2216a7d670995b9293d4eacc2c1757b04b191

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js

MD5 919c7c5f47ab061a50d340062efbce5e
SHA1 6be9ae69657e21a32ba607b31e4c6dcd94e52901
SHA256 b21ab3aff8161aa77ec61571152009bd0f347adfe60d032347be316050632884
SHA512 4bb20feaed0c36c8f2d3166eed79653008e0e4a5fca993df0db23d08a940c8d5562322e37d7b7b8ce3951e58d979fe00c966fdf138b2f8b9f940841237e3b56a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\209\{be938559-c3f6-425f-abc3-8b254a2c53d1}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\196\{3ff6677a-8f49-4e25-9f2b-9a8fec8bb7c4}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\174\{aa8742e5-7ba6-4a70-a4df-b12e74afe0ae}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 da3e254be2ea3c7e373521e89f817338
SHA1 51436ffc2f75705686827eb47d4ad1b9eb2bc8db
SHA256 321c34ef83b700b39540d8d22fb0d776a9b63fdebca081faeffd7d1960824cca
SHA512 b205896cd8ecbafd1b1823076f34f1c907adbcd629b6856b48af2f9a7358d71439ccec61273882162fe50d774ea5fad8e32defa6cd47dc587f4c9b415ef87c3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9d2f6efc0dc80a07b8afe8e18e9b9d68
SHA1 37d199e05ed8fffe525bd7f43663bebaae2e6ba9
SHA256 57a466b2e5fc69b326d24dfac5cf132aef9eac5cfe1679719fd1ac487d48fd73
SHA512 2ff40d01b08aa461f5c0341a4eba3b81916f46eaa719c76614e380871a955ac73ec26859e388241e1079f818e44ac0d9bf8488d78e3482f41599e890e519f5b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 51b92e8b4cb67192f28be7f4c67e298b
SHA1 782f03a1f32642f618e2c58fdc5e2908152ab9b0
SHA256 1f29d723bf4808520d2f3ed2bec2b44facfe5619f54d90aa83dfcd652dbaaef0
SHA512 d8e4fb55db5be4e8361f9bee58a9604df5108cbc15c422621c7208a11ca665531bec783d2a3a09588816c56d81e0f5f188a478b63319d7371c67db9fd9e8eb98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7c7714734db04dca7efce03dbf3c2b1b
SHA1 5167cb37880d8a04b8e00638907ad0820193f8e6
SHA256 b8c51913446328cf75571b048b6fbab6db542c09f1705bef4299d6f2a658eac1
SHA512 62ef6e419a4f7e280ff0dd3685f7332c19345d3842d835dba8b23185118bab89a6b5fdb34944f3c79abc58a1baec23be870fd0b7e142acad0aaad27335b11ac5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js

MD5 531ff1cc38b0fccedf490b840f822938
SHA1 c663a479ca59668ef45b38db840fce18897abdbf
SHA256 8d554b877bb2449610be01e2beefc0fd1ab19124ce725a1837d693b5448c5e24
SHA512 65df3be9f8c1bd22c3963ab3891e018a57054992661289e92f3d6a574e27d3c5ea9ac326b14af12b6d46e756bb732a1ea7592fe14f3ea1f5016b1a4d319a5184

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4

MD5 17e0382cf87a46b8bce3ff220dbc4eee
SHA1 a37c7e82de31c3fbcc92e36f8441812d1a40cd01
SHA256 f125308e13c6f78076cd3768b64ca7576ee2c51cfba69b20467e5ee011fa9d72
SHA512 cc774e16ef5df5feb2ace84808f48a19060b24e772ec4183f4e99df5bc4a53453648d3428f60a64465f104b875303c209abbd9ea07b344ffc76afa9044d33d54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f03c.TMP

MD5 11f17084b4e0e0ed63eecc771eeecd7c
SHA1 444cf9339750a4a34932aa955d665379fca551fa
SHA256 3ce821740581473405982b76c3b38d938eed4c99889d84ad1f58e1bae7e7c90f
SHA512 12699a7a38bff899d5a4be15ed0061cd83454730ef565999cc06d0231f1582c6c10e505cf14a0d894d11f06cd710f50b70eb4f0d85a37571736fdba28f32ecb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 4776096e45afba31b557e9b5618e1f3e
SHA1 5b074e83db39812194558b879c77c9d8c0c91a43
SHA256 6461cac0dcba655f6542e9ee172105d92bbe377e84c5d7439b95aa036393c06e
SHA512 8c7203323a6c7d33f3e9e29562187f712081a4f965e09f45bbce152afe10906359c24737123c5e0fb80d44de5de8c82abc8a97963a026556dc5765ae811d7486

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7c9e1d3834dace36526e1e388f132199
SHA1 cbe97761b1b6417edceb65fc54130c74f50521f3
SHA256 25ad689248e749390795f0f314012b269d432a12a9dd84e08a9dd075ea495c41
SHA512 e4aafab91edd9ea5de981371575694bb52af1066a63ee8b02f84533c9948767fc0508278f90e98f09e841b3383f25b5d71ec185cc713b1c5603481f7ad512c01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\80\{45652e64-5422-474d-a286-3c994f3e5250}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\default\https+++www.youtube.com\cache\morgue\209\{cadb4433-1d1d-4a57-a334-e411785d45d1}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c84fa25c27a09452451955d8a2f2b6e1
SHA1 eaa9d69c7cad24842f9f0842134385a819147426
SHA256 65de4d1ef72e0d9e4ed637e36e005e417872942ab30a8eb9b65eb231b6cd2455
SHA512 9d7e14d2a66355de778049ff9fcd42e1306d5d88a53914ebceeaccd8d8bc25a995513f9a61b4dbe493881ce942a2f8a8d47c2468b91c000f2dad4b8cc823273f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 3b2df667a176193cba046f74787e731d
SHA1 0525109b7a249a66df8c8eb7d24b49852cd076cc
SHA256 f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e
SHA512 f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 37abff5df521ac05c05195bb21197345
SHA1 2633c60ce35a055c79763c1a0638d0ddf4d55506
SHA256 0ba6792c89e4dad4f166235f7b656023dd8286b5d385648cae8cc7d450e6aece
SHA512 57536a3442da8ed0045f852d53e701092b18cc8f26de6d741d5ca731c02577309b773952ad85fece9371abfcd252e179817b5fc5dbc242912656543e10868ca3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fad484ef045019b5b48e6634ad5e0b83
SHA1 b3054d194f6d84d3303c91bed177500ff672d2e8
SHA256 6f759f40ab8839932009b3c10e5113f62c845effc31ac4908eb17d3e887302f7
SHA512 36f9b9ed639a2548c5c09fa4e2900685799111862ad1be74cd609ea307d8219b0e763801748100884b6573b315adbf64a20bbb4040f819b68228f2f03896b075

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 aaba5e872ba07d60f556b78df854279e
SHA1 93d1494959f4027195f527db143e5aa89d60925b
SHA256 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c
SHA512 fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 bbac7bb99faedea9a0cb17dfcad195af
SHA1 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff
SHA256 b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3
SHA512 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d2891872fdf6e675a14c75404336a89d
SHA1 2b27ed687e93e052c949385041ef84a326a4a6d5
SHA256 6ab8fff8b82b474e46cecb368c2b183fb245e36baec6b3831851b2a350841807
SHA512 ccb76b26294311bc58bdc113db8fd0eb27f8a0b23a66a6c877d64f7005d88bcbc74c7092950facc3c45da32bb94b48ec8130972d5ffaaab9638a562d43709b34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7fa164208bf29dc27b19274d225008d6
SHA1 d03eba72a37538d996cda69b29806aaf10a9f559
SHA256 ee540ebbc18aa3175b9c47919f70efc70b03ed72d5f8d063b3012406631eb99c
SHA512 8126ecc8a279a9d5a78dca96104dd810af917a291dc004994f535b74d76cfe88a36efcec62874ec7f64cdd2eed4b39e242ac18635f1cd2ec2bc5ff03319ebe83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 58997a0c0c3b3ff38b6f1a473d2a3f5a
SHA1 600f8640ccb21bd8e908b847dc7f13612d8ec7d6
SHA256 cb7ba0b1253c7bc4728ade9ffeec1ce9f4cf4c50fc08ee18aa4dee981c39b5f4
SHA512 e561f09ce3bd34c92ad05303e5acce49c059fae08f5643dde068f6b1ae044987c7c3f4a33d5805e07a99925230922455fa44435493e691d96a6cf6c8e4a1fe20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d46ef4ecd700130aca97ffeb609bbffe
SHA1 759be19cb27ed31e54ba625e62a5ab6cac66c34c
SHA256 fcaf31bc5b0546d26cf6099fd5f67b396deb4f3d0026f23edcb556b7c036cfc5
SHA512 9eac25adfc81e53e229441d3f67bfe627ab82f0c9d7e5d3851b96ecc6d74b4528ff038951fca050108de8582dce30616fed928cbb3d71ec25b175650d2ec6051

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe584225.TMP

MD5 b52de3a38ac9a4c911cc54287c668af0
SHA1 a0286c72f69709ae453934d3cf820dbfcb84f721
SHA256 f188f300bd80b8b895babc0fb7af6cf25f6561f350e361b84df6012428f7dad1
SHA512 6689babca33ab27a78c258f47eaeb87112715e55689829a39228fb3f0c6933245ad6b22583f4737a89a553c3dac1064dba78c191a0a7b520aa5573bb9831beaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e282010ba7ca8e5e7dc5d9499a4ef4e7
SHA1 234871e11acee0d8a99c4e7d3410c566d797d1ff
SHA256 2dc1a6da74e7e8b11b78d112bdb474d5ff647cdf67a35c68f03afea37699d05d
SHA512 67b744c8651ae20b240cc7d8c33a312ec221f8992928275ff5d75a714b0f2834524fd711525224f58c1b4eb738c4bbd2e6e4ac2679acc354bff327c69159dad4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c2f1f85646b8f8312c63c2eac991e90
SHA1 18814b0a973c52ae84fc55e66a8f6d6c99c286df
SHA256 031475b0a915634b45e2d85dc5d018fdbbf22ff1fe7983aef5aa9ca5353b5faf
SHA512 9f13eaab06b821d9e45d914c1c1827d1b4cbc04cc8949c619f7f543a1966e130a653d44994693dd4b2a9837fe24673e26845710c81a9c2d4735a84ec7d1fe2c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 57186c9a6498433d47e40bc4fd6c6b41
SHA1 c1ff3f8da04b40ccd51d8e764c4a47c5a478b36e
SHA256 db0359f407be21f0787890762671909bef44c0784bde663831449699ac4724ef
SHA512 d854f34ac8cd7b549156f41cc7eb5de129a6106c6944aad5c12d17d8d7cd2361c7206d5e1479625ef10e03425e134f992296f0ca2c96f33c3922930cbc6ab0a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3d28ce95efad9ea5b064c97364a37781
SHA1 304c3ad5af43b80a3c83eb648165570711536005
SHA256 ae4da5c190c87648db6f741b4da29c576b55dd8784aed83c081a99825dc1a7f9
SHA512 40179b7a758e06e65948f02b1f74e779b6e6b46b68aa1d23106e44553641c15649f653649f725874f96f40ada39cba84a21564727391c80b8afd9ff890602180

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 507fd29cf2e73f58b09d29188d0443f4
SHA1 8fd0a8c025973e6ce4a13fea02ae01c6519998c0
SHA256 913a82113e980d2c9b28d5f9b2432cd3114cdbf77d057dc2bf6573026a7c4994
SHA512 1512c00ebdcf534854b68569f302add9a0b4e26c4141e6085317d62fe740eca677340c5c60d760d59437af9c80f09be4201310ad565fc327209fcf3a75a309b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 838f710558ab9658a1f1f4403a47987c
SHA1 cfdae5d0d66a6b9acf09ed4cee5641d3286ae079
SHA256 87d7f1abfc20ee70808bc6f1032636eaa0e741bf0f1b33112189817cdeca808b
SHA512 dc6c172cf276207f161b5b66b9b02b806f226ccbe52a1b349cd8d3dfc8216e977a0b7a16a5dd9638bc9c85fa81df14db60f67d8ade457c6152b291924adab39c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 951a40ddbbe48464685e95bfef829004
SHA1 17a76b7c98129aa01aa63659a49be8eb911115e1
SHA256 d3425514a7b41a05575127b40362411206a945168d8acc6ac209085b443b27fd
SHA512 f358098398e658a58523fba9f8778a65f8a5b5e59ef06f838fa19895800c4ef40f2636b8acd8eb0d0578dab30a399027a96a19943b2e5303e1f3d7b25723589b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c77164d420b29a882a5a8d83d34378da
SHA1 36d0302f2963ade0d0dff4772b901205c825133a
SHA256 69ffc88236e8315f9915b13dda4a635fec39248e89ddde60a91be448f0a6771a
SHA512 9a819faf9435c9275b55213bb04de82acde33fb5841e4d5ddaafae33f3de9b2a5fd887f42cae209bfc2c6377aa4b1319b109ec8a17cd5f5634d47c3f877ffedc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 e337014ceba65092b027bdeddc48b00b
SHA1 98ad97b8adbb411d6d4623fab506924aa6772304
SHA256 c8376c9fa189541da0b65cbac556fea079eba00755803b97808f79b6d2b07c95
SHA512 24dc7ea8954498d7eb926f6ff07d245d82dff98ecbf77093b717351328434306d37c0a95aac208f711c8f3bb901ffa05daa974aa719518eeb14bb844df5e3d6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2a7f5b5f79d009af48310436e7f6374b
SHA1 be733d68cf94f164ed3e909eda8bf0c49e63b661
SHA256 c20e808a8c41aadd77f42cf281662ad39e918964f2d69ddc908334f3a90ead50
SHA512 fa6f8c60caae1fda6733a580d1cf6499ab9a80e661a6a068930a607dfee8b3f61723938e523af9167ac5f1ef23f72e9e4c1796c4fc6f60860a363396355d4d0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6be6ad429bc6c8e22ac988dc922827dc
SHA1 b63eaba95e8368ed1e93da22da8af146dfeb2136
SHA256 12725fbe8c256d83fbb6c23ef11f1a44588396ccd8b10014f8abf73f63c143a1
SHA512 64e9c7391ec7202b4af0effeda6cc3b7d01cb5808ce87fc87b18362e465b7e98374392cf91a8ce5291649154ee0d6ccbe5fa4dee72c4d8fc63771886c32b6110

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 514a77be4d9c8dada6255897e09d293d
SHA1 9545e74e7ec8e91dfd336e30a6cf31e82da62089
SHA256 3427c879d6fb5dbee5863d0441b2a30e052b7d9c71b7d5634837725e13850db0
SHA512 739cde817911db382f9696f04f3db42a2f37b7277d69d65f8d47e2954a1edd1bd71a609778ab199e5479d06f421e9c642a5ed01f73d9f19c41f8a67a6f9c0e16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 02d2c198df1417ffd7b7dc3fbc8768a7
SHA1 d9decd360f45c49698410640e79b5c0e9b2394be
SHA256 6a37e2383bba6195ab7ca4cc6b5408b59032b2ae7d9f1050998d7aa4350183e9
SHA512 2d274725511e9f583c9eb87dd802314d5252de5d7ae6280bbfcc61e7cae92603e044a09c155c8f3192df4b46061a54e3e7eb68d4f6df671648973d7fa086c1d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d2b195c5054d56051876660ec4a24253
SHA1 332f463bc16f316da6eec07ac9584894038acbf0
SHA256 f2a7f7091ec37a7eafdad6ec15b2d3a5421043014cc418ca354905f4a4de73d7
SHA512 cb51ce1a2ad58c5fc73a92e2d61b381305b51bbf8163c7fc6939063a76f92f61ebb2f222b1c1de12ee028273ef057595cf52e081de6e0afdcb93d7a377f2bb0f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e75f596f723601ba0441db22a5953de8
SHA1 4dcd0656ac460ef485df096127e666859b5a1a7e
SHA256 6fdc8cf48085abc845d93db6f23cc68b387400043e55a05a85a4aaf9a93258a0
SHA512 9a7692c8e0b46a23f566ae1762b05b72a8dabed2c8f2c51ecf2065c2bdad280a49a72e769f7320127617adca672329c0693101d8312d3afee39a14cfd563150b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 787f1641b048832a7f52c7ec5684d907
SHA1 3071cd8ae7eab59ed84bbaf95e73c830380d6a72
SHA256 4ebb20e514f88092825ff12a85ef7bd00f8a32661023dd214e463e8877dc652d
SHA512 9a2be111e4be2467121f162c6f4c0c3a3257e6c2e1166d4347463e4fa8a341e068e3d58037a73a31417fc8b2cca2749ae703073a28ea3e5b3d1cf5a8bc7059b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 69a461d33344ed297c5b70c5b8cbcfba
SHA1 98a1207dbca951c1894e0670c52a12148ccb0c4d
SHA256 36d7359785f00d3d9b1153247f2182d33decc7d3ab2c7d98d91325fb99e66695
SHA512 4a7477508fc815702f95d827d9e513a9ab6305371248b61ba864bd16af4fa00940b8d2132a25e38702034481006d15614bf8b88828bd41f70557f9ce9664eb85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 067b4797412c3b88c005276b0fa21a49
SHA1 a89a304ca758051455888936cfd4ead9640be8c2
SHA256 5cecce4e814d659935e5c353dc935bca1945303be5c9efa6bcb5fd0b20f9a660
SHA512 f64d4aed56ca0e4185d1069b9ae37f527da12bcccb15d70972c39f609e6b4f18c80a2d62701e7f2e43a73b363eb5ab560e03071d70a3f17bdfc7d77357694b17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f9ae168925391dd27a0593acc2d948d
SHA1 63badb9aa48c0b21bce7200b694f6a64e7e252e7
SHA256 449b42923443dd64b0d1710623362275c048cf54b942bd139a3b127f13abc7ad
SHA512 2eb3a2a713bd9c84ea010b9aaa0591f9ec16cc72518c391f76af6469953b7b1a3e7f1582bee63fd147df25c98f75388488ffc15baf028772da15155d67720dc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1aceefc6343e743f2c466ed4915d4bff
SHA1 9734c2bee2a91b5f4f809614582a26722c850885
SHA256 c0df7bc510932a75594b8deb150ed3373c2a164d301f9d6fa2e4fca435d454e4
SHA512 dbcf9dedfd5c4a879608ba55a23affd191f506a7a2ae62301efd555455c2a298308dba7ff30993b624855b2ac740690ac0f4310a6b027755b4fb9ff8d0468a15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4cfe673ea5431d36accc951b16ce6a9b
SHA1 6bd0db04d9785daf518886cc38b5d28c14cafb8f
SHA256 c12493e149f64b004049eb0d0a4633eb1e1f5c444f37d04154d858b8c6e188cb
SHA512 08ee569c63ccc247944ad39f3b111cd80f9a8513ad95b27edb829b2272938673c5c0ff94bf89c180268450e5fb25ef3283d61198a502878166732b1a1b739a79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 52a43a1c8672a8e506d0dcb6c5737ff0
SHA1 93020767aa4ffec0967ec704e75659ec131cfc8f
SHA256 03b8bdd48d0685388174846714d2c9700717d2aa1141e3a21074a67e37973991
SHA512 7a3d89a1f50b33da5da5327daf77589438d96b2c1a2a54656468d7a55013dce9440bad53410715cba4ec638724d062732cfa54a9697fdd113fc14c6ced131a7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56c79b35e38118182028639016b4e35a
SHA1 3b5e7ca693e1f80efce52592c9c76e2ef9fc6997
SHA256 22fba73df29b2b0acb64712a0bda66e886abe46036f75a2b08fd4a3cdb6fee9f
SHA512 d467a835c6f64bac6fd22109af5ae4bda0a2dc047ba27d47110240e53e227f5e945625ece582bf79d197ac41c7ba261a0abc00b701cb6f4a757cd0e5d575dcbc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ce024c55cac69525096ea2a38d64f1c1
SHA1 ec865946f8e23e3264f5a2e65a5251fed3ee7b2e
SHA256 c8416c259f24b782830b5ebf61c6926428cfba9cf7204fdadbf2c0c35cae9dcc
SHA512 2717e4426e06c9299ed3c42850acb60909245b5f4726d0f9d892fb63cae5956e750d4d18e3b71940137022c2b247f1afe2c995beaf90f43da64c98a2aa6299f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d2d6ff0eeda1c6e4a38a5c63520800bf
SHA1 360b8278eb5e90837ed593975b9cff6cb8d17e59
SHA256 22a3d8d6bcd3c2d23d35eae9c4d0f5dd65732b612853a07560032979e704ad71
SHA512 931680202f01060daffff7ef54b42bc1c398b7869b64786ef8f0231ac0665297c9e9d318223e99979329efc22c2921fecbef55cbad59696044fe2086f973aaa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f6110240f1daca6a535f9d471c8a1785
SHA1 2e4506ee74bd9b2183ba1977785be26dfdd00790
SHA256 984f1e9350e325ab9d2a13ec2800b134fedae6085ab3bc1d510426176de2ef66
SHA512 9f3c3287bb8caa0a4904f02379fd5987fc392d7abdfd833e7b6d8ac2475912f79fff7ec717b23d41393e59db503f70b31abccc3800cc751338f8cac2fc55c2ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e692cbb46994def897be66bf5ab5dc75
SHA1 7ead9eedd74c44499f4d47697a9eedaac3a8a8f5
SHA256 268815e759cee301cd80ae7f52f62dc9d273111bb91917652ef575beb5da5873
SHA512 cbf7ef43769effc75e7829e0c8815ef35dd43e127094608ebcdd62ae64e56748cc3393a01804f02b63fccd7d48e94aa49ae4a4886b9770e8cf6634c22feb8d7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 73c58fe894e57defdcabe841dbce8f48
SHA1 99729e4b5843c68c6045e67134369b56d0452de2
SHA256 1b478b51be9f1e78699ec945a9e2aef16e22be8f7c0d0e9cb25f2b7a352cb13f
SHA512 f3d1357cee884800d54d695e4d16b2f7cc4afa85a828d952ae37506f8528b535f4eb8d5f6c6cf04158e631e91dfd45e25f1f83164e2ab89a9b00e60303b3223a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5f9e2a4ac994526519e2fe0ddcda454a
SHA1 fda521e3048588eff1f25b219c60d382fff5cb7a
SHA256 bf47c7209dace0264dc610ef749de212b865c34908b55f0bf7a42d76e62a7451
SHA512 dc16f8b8e58ef4077418050e8e8aaeb91604e835e98814b40f4b5c08b6becbfd7c948406455452cf947c10aacd7755a7ad3f1ad61e58cb9b9ff3e88ce5450af6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a684d16b206e9fd6f439d0302f3d0a0f
SHA1 61cf8301eccd15e5bb9408d431eee3821e40ba00
SHA256 4326b8a81642c3c2c51d2407833418c4e1290831a105d6954e83f01812c5457a
SHA512 d5d870d4d4056e43deecff2186216fe1819b43bac32cb16187d76b600c3c6a17e88d4f83bf5f1540db94bfc08447fc844ec9fee09ad5bc35e92825cd69eb4d0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5bdb649bd4ece4ef14b1a32041c19b22
SHA1 eed01adeb5dc4a79c38246d8ffee6b6e55e942e9
SHA256 ffa07c7788b296be1539de3718b01c1a96c17a3ab385433ba03b50731c778a8f
SHA512 26ddf59f3f7adcfa739b9a8a368eed8b460f80234b89f7227d5c4c317dfb6407398be4e5a26ef33c16f1e4a0ef370608414e73de2e558314bc5910834568544c