Malware Analysis Report

2024-11-16 15:52

Sample ID 240206-wkhkascea3
Target file
SHA256 a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77

Threat Level: Known bad

The file file was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Uses Task Scheduler COM API

Checks processor information in registry

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-06 17:58

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-06 17:58

Reported

2024-02-06 18:05

Platform

win7-20231215-en

Max time kernel

52s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40cc09ca2659da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb80000000002000000000010660000000100002000000095d11492d0fb67b0722805bbb7cb598f3e3686b99f87b69b3c23c5b1b0acc0b4000000000e80000000020000200000000f58124bb89f89b40812f5a506d9d58cb13de184b2b8d197d4157f2e1b640cf520000000f51f02b85bbe296bd41b8af22200eab224aefa1dbdcb4be5d963498161d3829f40000000e84492d79af73d64226d747914989be0cebb86950fc7a4b84707aeb7df3c768b791889960bb79576f62c04aa46f467cf916eae60b992d949fa2efa10329281ec C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2312 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2312 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2312 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3036 wrote to memory of 2312 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1212 wrote to memory of 2708 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1212 wrote to memory of 2708 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1212 wrote to memory of 2708 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1212 wrote to memory of 2708 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2772 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2772 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2772 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1028 wrote to memory of 2772 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2312 wrote to memory of 2620 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2312 wrote to memory of 2620 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2312 wrote to memory of 2620 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2312 wrote to memory of 2620 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2500 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2500 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2500 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2500 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3036 wrote to memory of 1896 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1896 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1896 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1896 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1512 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1512 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1512 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 1512 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1896 wrote to memory of 2668 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1896 wrote to memory of 2668 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1896 wrote to memory of 2668 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3036 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1512 wrote to memory of 532 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1512 wrote to memory of 532 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1512 wrote to memory of 532 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1028 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1212 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef7159758,0x7fef7159768,0x7fef7159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.0.546131854\812104435" -parentBuildID 20221007134813 -prefsHandle 1224 -prefMapHandle 1104 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {93245448-cef6-435f-8a42-9bf1990e1a12} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 1332 43c1758 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.1.1877368214\2053567437" -parentBuildID 20221007134813 -prefsHandle 1564 -prefMapHandle 1560 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43fab87b-b787-4b2b-8023-534b307551ce} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 1576 d72b58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.2.452701397\1974697941" -childID 1 -isForBrowser -prefsHandle 2084 -prefMapHandle 2080 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9cfa8e8-581b-4994-a109-222b55148a88} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 2096 435a058 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1332,i,13766649379118703003,16395127431852237203,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1488 --field-trial-handle=1332,i,13766649379118703003,16395127431852237203,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1200 --field-trial-handle=1020,i,4293327695786981847,5944574556845619391,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2308 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2320 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2480 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1020,i,4293327695786981847,5944574556845619391,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.3.557523417\1138276867" -childID 2 -isForBrowser -prefsHandle 2900 -prefMapHandle 2896 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f0fab97f-eb61-4ed0-bae5-cbc58c33b93c} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 2912 d61958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2668 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.4.929645669\1480057993" -childID 3 -isForBrowser -prefsHandle 3308 -prefMapHandle 3304 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {858d17e7-909a-443d-a32d-5fd74ac799c2} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 3544 1ea3bc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.5.164689268\729634801" -childID 4 -isForBrowser -prefsHandle 3696 -prefMapHandle 3700 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {04090312-c2dc-459a-aba3-5a3bd874fd63} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 3684 d6d058 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3180 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1408 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3360 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=784 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.6.2039001888\631808498" -childID 5 -isForBrowser -prefsHandle 3332 -prefMapHandle 4020 -prefsLen 27382 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c337e102-eba6-4a83-886c-71bf44ae8b20} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 1896 11634058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.7.565474441\1701314418" -childID 6 -isForBrowser -prefsHandle 4244 -prefMapHandle 4248 -prefsLen 27382 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {92be8922-7a80-44f7-ba6d-dea77fcbe461} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4232 11635258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.8.1582381684\928452547" -childID 7 -isForBrowser -prefsHandle 4416 -prefMapHandle 4420 -prefsLen 27382 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e10a2b7-ed70-4789-9e6f-b6f49abd7b9a} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4404 1316f858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2004 --field-trial-handle=1384,i,11639190767066514686,9601958552693816821,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.9.1327801994\1834048262" -parentBuildID 20221007134813 -prefsHandle 3932 -prefMapHandle 3936 -prefsLen 27382 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5eb2e13-9504-43fe-b579-7b2b1b1fa31f} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 3508 16ba5a58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.10.721053486\1139793375" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3484 -prefMapHandle 3452 -prefsLen 27382 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e44ab4c-a67a-4202-94ec-ccdc914be24d} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4284 1316c258 utility

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
US 8.8.8.8:53 m.facebook.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 www.google.com udp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.135.98:443 platform.linkedin.com tcp
GB 88.221.135.98:443 platform.linkedin.com tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 142.250.200.46:443 www.youtube.com tcp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 142.250.200.46:443 youtube-ui.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.46:443 www.youtube.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
N/A 127.0.0.1:50162 tcp
FR 157.240.195.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
N/A 127.0.0.1:50175 tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 rr5---sn-q4flrney.googlevideo.com udp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.facebook.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 youtube.com udp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5.sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-hgn7rn7r.googlevideo.com udp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
FR 172.217.130.234:443 rr5---sn-hgn7rn7r.googlevideo.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp

Files

memory/3036-0-0x0000000000CF0000-0x0000000000CF1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F294DB01-C519-11EE-9853-CA8D9A91D956}.dat

MD5 1bd81073cd92ee38c481825d3e191db8
SHA1 1ee0924621507ee3a47100ccdfbad86502ee6b23
SHA256 08f3ea7029a635c559eb8e62f1d539f2944ef2a059f3e0339d54c112e13b18b6
SHA512 c95fe4f25b41f648247b0fe111142ea557ded709f4ab147abf68e0f3c7eaf74d38826bdd3c01826853402dccb1ea4c7d611858411678061c30fbff855e329da4

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F2A32341-C519-11EE-9853-CA8D9A91D956}.dat

MD5 135e46bfd6ceae9c1bf8a96e97bda619
SHA1 2e2c55952d464fe71456dfafce8937d1e7122eca
SHA256 bb4afbd7ed29d49236152808dd1fd6cc2dde16239c2a9245210678412d93fcc3
SHA512 18f342551bf9aa9fdaf985fe4fbc05bbea57bd8720cdc2e37303539a01884b7812bc81d4f87a90b340a487a2d60290d407f505407eeab489a618e2bbd054114d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F2973C61-C519-11EE-9853-CA8D9A91D956}.dat

MD5 3969fe55c5dae3bef2570357cfe3f30a
SHA1 a6ea6bf8df7ff1ca4dbecf4d0150f817df9d4dfe
SHA256 74e5c16d9157da18497cea6ef30c692aad29f55766280ff2675bfb899c5e15f3
SHA512 c441f50e0da87406acfc1b3fab4fcf84a2d20d053627ee97d64ace03756b4d82c37d8905d2c620fd409c10d8697a5f0017e8f1eab18d064bc70eae22b3e239e9

C:\Users\Admin\AppData\Local\Temp\Cab9ED0.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F29BFF21-C519-11EE-9853-CA8D9A91D956}.dat

MD5 30357eb94fea7c004465f2a3a2c7eb83
SHA1 ea9077b88c26559bc2fa3bf8143ed3163aa4360c
SHA256 9d48db406fa43c857fca553e002b094f06896d6b15c0922b77d5b3322bfaf256
SHA512 e35b33c0094dfa662042e5d077cdce42d12243fedf04b45d8538d8ddd5000610247d557b2173759da1dc3f3f6aa4ace16c152defc4bb8f7b6d7a3180266a4ecc

C:\Users\Admin\AppData\Local\Temp\TarA180.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ff044f8d91789c5627fcf336e795cb82
SHA1 198d6d8a64364316d1d79a2b814e84c9730bf7e8
SHA256 b1389ee8f62406bc4a6ad9a4bb5fc755bc6dd56b592540dc11930cf15708d2bc
SHA512 b73b4fb8a8cd649c99b9c906e6d33138810345110f03bbc2199902e03ba75085032e848eb78cd2290dad89ce4c6bb975b5b402dc9c1293aab702b09e40867cf3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 27961932a781925729b72ada4e90f498
SHA1 0e4410004975f749ec57cd5e82090678eaf8895a
SHA256 bbd530d7c1074b735f1002c4615af3106cfd75934146b43d1d18b1ece103766e
SHA512 2bc87969a276a4bec89d4ceceda6b1d80d20755eb58908ddaa4cc64b428b985f06b8a5895bbcc8ba2982eddd6e089251e497932da7cb92bc4e4b07be74f1643c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 e30193fe7817049ed60b056da0f1d0c4
SHA1 ff19b809dc60dfff9951b7011c4f6f32e7c67d9f
SHA256 3ecc843307afc18457e4d9e657e1b4d930f4c86233d84b667796c116f3477715
SHA512 7ce3379eb5bfcd1d34ce29a8ddb3844e083b9fc26bb4f91ee974bd73cc48d33b5d3310c546057c85f461f0aa920e15b5f558d555e40a4e9937c396a224675502

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e4df3b5c0b6e432c3a37351c8c2457ec
SHA1 e6f394bfb7ee655d0281989e1ae6f5bc9309cb14
SHA256 f8ac29c084be220c31cca6d1dae73bfa7bf14d2c390fa426b6cbc0c2685394cb
SHA512 67914178646be7eb4fed55300527997327b2e591a3afad9fdf20ed885c0345100b81385b37e7ff5130579d0c6e78531a77d63a85a105fe2b2395fa5365d44ed0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 26bf4f6cb8ef6d48e335c02f4066b0db
SHA1 dc5cec1bef92107ac0da6dae9a77d1ac5209c61a
SHA256 dec61fbff4f370c235264b784ec7d9977e4a2f97a52df351eff3fa9d7fd7abe8
SHA512 4cdeedbd3d54386f10683d0366166557508f2a3268ea820a640bb76565cc2ef4ef9793453da095621d360c3a6c1fb04e1613580c1deabbac3c13885978e729f2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4def6b30c0b021dfe099d1091d20ab47
SHA1 d0712784ec458cc169f397585a257e8d0929d9d2
SHA256 7f84dc0ae2c6500b9241c1106de6ccf4a531f59301a961df80ddaa951baa3c3b
SHA512 c197ee59bc7db10adc10c5826511d7f96e8febe8786ee415d8afb65a189d37c2ab347a4cce5a622ae7741f415a5cb46b807cda25ecf3d747c2869aae49086642

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7fef49de4d8fd6a50864f74ddac55dfe
SHA1 831a47e01834fefa1aeaaf5c4761c651136d29c7
SHA256 f7d6681d1ade668e6fe52ae834e4bcd6bb64d05dded2a54652c778ce6282cc5a
SHA512 1dc4672050c02a5d267f9788705492e8103354470ef009ab135388952fc7d87ab91ef36390b35879db746d1b40b10e57528d465fb36829bf4c748c75f899114f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 85aba89c53bb7c2a4f540128473bc3b1
SHA1 493feea8df0a909b5b0e0cdc04c86b193fc76f27
SHA256 98e383259fd9f2d438b50930f12b97f0ecbfc10365e78cc24bb6154e2ca888f1
SHA512 08a64ec7a30d04da12cda38456315e19c1816f9382de4dfbc9646a2a755d7eb8c299334246b3831d63c2d668b369e1c2223ed3a570e0fb10537272b2c7402614

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 8be44a36f4dde419f48434c4aa2bb28a
SHA1 d94d6bc9d5ed05a39870940c9b266abbc54afef6
SHA256 3fb77f4e41cd1d184347f8906fdacf9bee3a8d5f438f25d7c81e556dfc245543
SHA512 0ddd74e84a90297056debf5a2dc39a8d6722fee9931def86f6c05bed2e415fc8ed9928ba20fb8323fed8132ea112ea694112a075398e2b10f4ac65dfd24d40bd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 e87292f28cc5a7828fed4b9933e28abf
SHA1 032ef133ab8485744bc0374f64f0eb7fab1e7e03
SHA256 0560b836d493e3b49ca5635b7a784ac7f44baf68c2e1eebaa6a61b64078ccd75
SHA512 0ab58d55300890f7dea0906da3613c941ce9785fc275d6e510fccb6978adc193c24ce26f2ca10a2eb2bc0a2ecc7c949f5496fc7ba785f490306879c5f0d47e5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3e7752c7cc84d0c5ced9655bbebd22ca
SHA1 89fda828e3af6978a8a3839241ac0bb15b58993a
SHA256 d8dd6080e86a63b253a5fbf24d9b280313dda0961a7ccb44ae958e51d63eddae
SHA512 111adfbd72a2887df90dc6662f851a78b9d6afbfeeda35a383c268b40c062197d90e82f95ca6028508b92771547a4c0df74ee5a60a5f0790b0e6842555f9b2da

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7VGJL3QM.txt

MD5 31eb6a0a8a4cfcfc5f31090c40d0532b
SHA1 457d2102c719d4f828a91f02974ed2d0fb2b7388
SHA256 481bc46e6736dd06cbb651a4c2cd11fff24af6f806f6e47cf4c0339ea56d5b6c
SHA512 d7271d9ace50e028147edf997bbfb0f261d735e5f488dfc92223bd95c2975e995a6afa7dd2890d5132e67f18fdffe6907d3f77eca1d3c978ef5ea78f33075a2c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 7d10d6a2d05142b2f7de42728ab93a9d
SHA1 dd26f063d2bf4688cd996ea46ec9c79f9702483a
SHA256 a06c2f6ee0ae9af14551ac19e95835bf20b775d835b558529eb5979d474f0919
SHA512 74738a2f5fea62431113b09022d031000ee1ee3fd15d0c02dcce313c1f67d7c9176d13a715653d1fd23ed10c8c8fbdeccfe09bdd17511e3f92e218ba151e9139

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 41227a79f6a9abef1b09d12c4b86db85
SHA1 72905c597b07febf49f084eecdc63b9549e2d75d
SHA256 2af488e670e0a65b3f608f60690ac08049a60d5c5e80522131c1d643c8ac9605
SHA512 f481b584430b553cb75c28144a628eb1103fba6d6ecfeaa3b9954dac058902729fae27ce6bca7d5cf544140547a612d1151e86159052cba61bbf9885746fee2c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 9b1e4e5d213d0f9ee0643a91ce4ffabd
SHA1 77075bb90477385cd59e95825b50cc7699d901ac
SHA256 1649819c0185d9012f9c6e59061de0991f9ca0315319e82195d384acda159853
SHA512 45fd65665f860498363a015cdb09cb8b5c6d61f1436db1a503c0b38b31b1cbfe7686a1c85617b84bca8a117db5657ee253c89be79ace0a21b852806c18cfb82f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 aca66844ed7bdac2b8e69935e30825b0
SHA1 eb0d3cc0e5dc8bb2f055a1b99abefd0633fdf62a
SHA256 235e38d578b5bbb215386f37956f5e6ac196c922d14bfbc82ad30c46ab8e3306
SHA512 38c915b4da620c303b30c18b9c12a7256adf2c424fa6a1cd08cb3a9626e2877f1c4a09946f2b878d29f7623164cf4df61e781e946ac36571ca4dbcdda658b5fe

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\gB76kJXPYJV[1].png

MD5 389dfa18be34d8cf767e06fd5cde4ec6
SHA1 47b751cffab47d076816c63ce08d3e84600376ee
SHA256 3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
SHA512 c4db18f636ad85e87f93a208fb4b02b528659ba367e51cfa6d7826ac1159f445a85fbca8d12ac67556e8fb5208dae24ae309e783d50feb088ef0e9f47ac19430

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 17c1411f9bbea56e06a688582f95ba3a
SHA1 5f1e1e78d51658fe394b6d9bc11ffbc5ba24523e
SHA256 fd1f370d7fa5036273fdb030485fc3dfc89a84dfa1dadd2ccd6daa1622017184
SHA512 a12c96c6ccc805d41c98a6ffad2abb31a9cffc880449d69bb83ae3cce90d0f0ae6b2e6623fcbe8fc62e6e78ab62c1bce8361246a78f97fe0a1237ad382f136dd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ffce886d591ce4c14faf48a09ce1cbfa
SHA1 bed4ad442d48b5f7277d151ac6d2942f054af4b3
SHA256 873be50e12fb732ec8b3de765444123d41aaf3229548a7c8167c81b258f37e60
SHA512 08d2992f62474ee354957886d37ee666e9b2dd5b46f86889ef8ac529d72fc4368d839ac8ec09b78df48524eae33c90df4c40cafdadae2a8174a799dc369d362b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3d6fd8e872b50bc2b104efc4ef30646e
SHA1 6db4637324f85ca0cac7c9ffc8379a1097a8b44f
SHA256 f764c57a7693d2e99121a611060f156dcd3c3143d3d9b5e7f82f8abbdcc42264
SHA512 caccbf5293e64c5bf2a47206bd0173329adfe51db9c644ec3b7998d96231fe95193c0c7ced0c5890ac8d26056a8cfce1ea802ded24cae4dc01deec7cb5b601dd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6f673f8aaea378128aeebf1818264699
SHA1 996c009c7c25293fd7145542e77b493ea56b52b2
SHA256 c2db103ccf439f15050501ef2ade915692c6264f0f950d1e9cabd84de0d018ff
SHA512 9d239634f155ccac985c7c9daab8bbef27c13639de49aadef9f6745d66fa2a4f38a84866f4cea2002bd4975ae2f396faeef8d9ae86b6570d71808306a9bb6351

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 45405c8c11105a6b0d35fa2c4ec617a5
SHA1 84554a909cc31d1248c572d2c48b2b4b5328ef86
SHA256 5b2a839dabfae466dab019b9d5a62372bef590ae5d7290d1c7d8907e8dc04de6
SHA512 d811a060049bb3b875d13121ff9760629ea0476ed7a152509a20c561da17fe58bd9243fd4f5d092ce6c97973b8893c1035f692769ca91fdbb2b4a14e392a2cb5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bdfec5b92baaea0d9abf0fbc6852a000
SHA1 16b559a9efe4f0c993f1b9c022c163448a1c7ee3
SHA256 9cdbac43cbbe37be2eba46de60c5b399e2f56cabbc13b57318615fedf5a87d1e
SHA512 a809a6639643c61e9109be5dfeabfa5bb5c8cdb194ac20a5e35cf08fdf1efe2afaf63deac64907000171c5fcd38c62c593fce280c893c14aa0e162014808c725

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 23494e1951969600cb888e144591959f
SHA1 2d60b3b17204c81ee46455f69b75f3b984e98885
SHA256 2ffa54bcbad5702102b76a3a71b1c2455c71680a4ea811bdc1d1ab4f2cc73b68
SHA512 f3d2e2a783d7dab70012ae318c80c1a26ae6987bc50c60411c56919c76a2d7bd4d0cb49f4a1f04a7e767b3d47ed18408f9a73b625ec45ce504b3c834ad76943e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 be11e3a41c03848cda18eb4e66f6527b
SHA1 f831d72d348724f875717e865c524e0c085516d0
SHA256 5146bc8c490a09649fc8e63c10c6af57e6263246eafd7b4abbec74cb928fb6bb
SHA512 04bc061e106b1b8011a655062cc4ababf7a064b78954bbeb3500d9a1177863ce9244a578a925e8007b5e45c2c1555fbbd641079571a15f26543557759ba5093b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 21083acb7415dda2941d7cbb4942ef11
SHA1 fabd3581187e716c53bc477411f062fa8a432c2b
SHA256 30e495ce94cf4ddf60240e95e5625142b8256cc9a33addbc3c1940bd3c79d85e
SHA512 9cddb763a1df1b44dd8a0edb1402b0904353835e083a8b990a1a4acb566bc7641005b8a9f00449baac4f3d001be3e663193b48a987925dbf76ab679e0ff64b32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6ceed0c88ffab51ae4b831f53ba82b6a
SHA1 3f6500fa70a8f4fa4506551868ba008b23e3d6e4
SHA256 6efbe2390fb6d125e1d4d26f2c4ac6f9130a3dfbff7da0e60f31a9e11d697ef9
SHA512 0bd942ee8e7ca33fff6611e6658001480b707137cac3932ef73de61912caa26eea6479aeb64f9b87eaf306c3dbcabd07d1528b16e11524dec4b3dba7e3c2b2ee

memory/3036-886-0x0000000000CF0000-0x0000000000CF1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State~RFf7702a0.TMP

MD5 87a2b0937c2488936d1cc5e43b1099df
SHA1 fc69854f90c04af6b0c978732e7106f83a24a9b1
SHA256 c236654e039d4158cb3ac3e4f8b5c03084fe29394d54ea08d4a39376d41b0f05
SHA512 8403465aebf8b072fbe75b11bf51506cec80f66e332864957691bedc6be78e63da349f59e95520d25d3a14771a669e35e9892fe4dab078fb322153f954168813

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3606d86a-7c5a-4a42-a5d6-91202c594941.tmp

MD5 adb89ae54a2f8289506613c373595c47
SHA1 80e14378871dbca23bade326a5fab0ffed49103e
SHA256 b2214e38c06ffb8b81394b21f6681eb4eb1fe9d205c09c5be51f3fdf43b4edd9
SHA512 627b8da1884502a4f447046dc7f3546e893b1c33ab23c6806b5994c441d9237eaaf24b1268b5a3c3d5d42b11b306d4ff3dccd8b3815b06ff12c0a3693772a9d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\db\data.safe.bin

MD5 7201590fd52350af48d47d45aea4e186
SHA1 2ec7685710e4457d92af33facf11815db2fb9a69
SHA256 2e797d327e1a011f83224a1e5379829026a580d4b7c7dd6d9945f7c0cdaa5cf2
SHA512 4fa49b40e5a1cdb534c4419853e7539bc012420078f5fa68c7650a6a08721864e28fe093f92bb1e6ee7f8f9d34236aa3525e2acd20f7232b138c8c0b63bc5296

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\8fdd54bd-964c-4ef7-8016-c60a99fb4a06

MD5 0649444a0047cc72dcfb571f01de92b2
SHA1 a1bfb6eea27e5a3db839a5e1be345d9ebd21014b
SHA256 beb1cce4cb41a747de543340a855461ef8ca291a76e6e9dfaae8875de075435e
SHA512 60db32e774f7625f436c2a04a7c79f47984d01cb7875352c1ee59564b7537e1b2f6dcbc6652fedc6091ed9036a76586ae89c0d8b893f86809d9637973eda3168

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\6a2006aa-8b3f-4ec1-a476-a8fe8346cf18

MD5 5d3365ec8264610fffe3218aeade112b
SHA1 5c119f7cecff552e648413fdc9db561fc5b939c3
SHA256 02735cabc5269ddc52408fdccdf5a0212d8764703feee5f5808355b16d2daaa8
SHA512 81237bed588218fe4e61af35b5902017d0ddb924c14c9e4690bd2b7269ac440cc7e11bf866b46cf8586f592d2e1f87eda538c7912da238704871e554b8204b30

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs.js

MD5 391e4bf0ec3767f8646d0b60653ddc9e
SHA1 f62d8b53f7c33289bc2eeb5e6c66479eeea5f4d0
SHA256 66d793efcb281628bfbf5042fd9f2926e7688510a7f2e4029f9f49ceea6b4c02
SHA512 e2340f807979c01c614a31ead8f4f991b40968bd6f2306b28388ae397050994afe26d66147a858112360ff72781b3e26e53a02f13e5b4dcc8aa63c0535e34544

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 a89819593d326e7891db3102487f18ba
SHA1 e8972c883c57976a6a6e676a08b488abae9c82a7
SHA256 07f033948e887c74df5ee50ae72c287706f58e17a5b9e62635c2d3bac3f02558
SHA512 642c680c0813b4760442e504a8ffcc4bbec65c9ec22608f608992c6393fae3525c00709e83de135511f14709ee51ac82c662cd1b26a5f45f9f2b14ba2590fcd3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 4b360f84665b259533b50149c58d7134
SHA1 9eaf3f9a4becaa9d437fd18d9d7051f48cf260e0
SHA256 14c75fca7ac41464fca1f142246f51087ca4fea78cd120d46ad310872c6c2e0d
SHA512 7ce3126df3975323e519b3b3755cff0e68d3afe7917514d2e336c7b6f61c5bd2bbf6387c51e16089501c039139a60e882df83887e58c6a45ef2d5ebcf27bc0a7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 61f6ffa083a6c599aef923271546aaad
SHA1 4012ebff936adc6cda4410672f84a6f501fb432f
SHA256 5ac5ba3af42bd29af7fcf3aef59d4fc096850cf822e51e00053c17998500eaff
SHA512 6d1b319ea1ffa601b7beaa720b9077fe60409595236f25f89ae904c9e4c3db60fd856ece10fc2d81572362d1e3eb06089eb016542adac13f2a4b3cfb39c3434f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 8d07a5f5d54658ca9de694803d4c2bb0
SHA1 d824e93c4235162057396e9bb9c8fcc002c50928
SHA256 6d6d8699b7420c572e26ab8521ee06461bd5ff08eb0e569c86c2e84706d375b7
SHA512 024242691c38522f4e01fdde857236cf5a39f0121e44d5e0706b9ca3552dadfb110a6737956b425465f9dcdd8bb9e6fe1a6c8fcc7164bfac2fe8ef16fadcef5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 5252066f674ab70eaa9fd575b45d69bd
SHA1 942d0137d5882feced7f8059fbba819a2defc9fd
SHA256 38d0f640decb673e79f7d2a16d3dc058d990fd2b102d36d7c3e57f0adbb4fcd0
SHA512 6448c139383b7572b881d1fa1c6dfccd11906ee9638c577a9efde4050b8977cd037599d9ab59ca625a4991336c9b7a80925138f37eac06aab0a5a18773e854c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 0c3c859b1ff0353f0880a2a38d6e554c
SHA1 a01471f1ece3577a3928576e1fb2b7e01ea60b9f
SHA256 76693dd03c4c2bc58deffcbdd09dc83bcd02de9b9b5a0b315c7f62c2afb9bae8
SHA512 8d85aac2e7eea238414e8d9c5ea07fae6889ab77637c44ad702af446a91de3e05303f172601435db6339950d75ccaea7ac66969d4dea2e3151e336715cace740

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 0113178bc5ae00735f18dfa81ec6645f
SHA1 b4935e7ac9c639ac709262d69a15d0a1233f126f
SHA256 faddd603379eecd69ae7fc7acb713447afd75fd4f46bdf1b32c73c43bd3435c7
SHA512 64948388eed7d1631f2b110593c2be7d78eba94bb03972e68bdb1091329cc6334be4baf4dbfb44c4a0c63a3704e7e5fad5008f0693abd2d57e920efc8b609a8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 71eace03bfdbb348408615a698c4cfd4
SHA1 cad40d36b2fea4a95587c2395f235cfd58c909a6
SHA256 c0f97ba4c87072f6fc3ee617ed6a20742983abfad56821453a8a5968fe4b88d9
SHA512 054d6c7d3cc392e7855348275e8a2d466965c29f6b9b592f53478853575ac5babb6acd933bd755a6550a3d5b8f4abad6cb6b3102d878d2371a58ea910b0345d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 19be8fda4eb91b2b3fd5175a0ac55679
SHA1 b6948b0497a2e6e5231b2cb2d87c91e0a7d21804
SHA256 d07b6f4e6a032b7ffdfee443424903627547707d4efd9d7ccf459e07288281de
SHA512 c79a662e79a0b8532a180f31925d09b85833d4da69f5f6614f0dabf8174579da12c63dc6774b32b8d858b450311f1fa3bf7b33936d52b44a354587f7cb63a210

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs.js

MD5 6d0a81c52bef3302f7239a9e1fa3b130
SHA1 11d12a42339a0393bfdf57e57b3d0d0571d23015
SHA256 f14593d26f97093b2d282a6f6217228cd303064eaf7b87a5280edc3ed9baaf5e
SHA512 dbfd082cdf12a5a4bc264be924d80748885b998c9eb457389b4aa567fd8744bb10fe2b628b1c2686e2cf4ca1ff548a92cc2042254be35559cb45a115d56b90e2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b0bddc5673118bcb5c754f5d7ef32993
SHA1 0e44c9177c7ac566cb0b6e41bb07fdd0abdc89bc
SHA256 0dee2620db7e1d78e564ff4875eaf62220adcdb04df840f77754fa91543c4001
SHA512 c031f63a1ca1f252fbc1f509924cf42e93493abfc51af678bd0451b5d06cfd17868a74e64b3f3b0e1439e8b441ffeb4cd353bd103919782dc1a135861b886755

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs.js

MD5 f9a50d8b1b7a4f8201c0ef852f21bad0
SHA1 37a53ee57e2e10b115303a134d4dd1df7f61ad09
SHA256 45c967e164d042f509df242ff6b5a453a06ec048b29036a3ed1434be76598248
SHA512 a50f35eb5bd1feb0498f6fe19b6e3d357192903baf3703daa55f9dde4f9e2e89ba21b57f026e8bea6152379949882756b307289198f41ffbc176dba0c09cb655

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 774d6d9e546dad4674b686a7065b8876
SHA1 250ee7b356943aedd1998a559c8729b8cba1f0d3
SHA256 47146a4420d3cf4d05f339d78d5c4706ba4a63c0d6886bc546a8901021014eaa
SHA512 cb4f68a425f82a1a48187aeda65f0528eee34da3e5f245fed57a11f1d880db7c757a7bbde7476203b25735efbfc69cf2d9047e8626ab5fee89aeb557636a6e5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e0885c1b082d957387dd5f3c0f56a6b
SHA1 c0920d2389bf7bca205e1f5d811a5cc06d0fee47
SHA256 899b9cd058d7b56c2cd5436b689ee01298e09dc98dbe80ff71d42ad438030259
SHA512 df4e5931f9030c9726beb7648fab34ad9e97e804e63f78e6025864ebddf5e131f9cd8b75db360e433b6c9d36ecfcc8d8345392193bcded03b146425388dbb49a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 743f8c96bdac60b004536acf765599f8
SHA1 bd6a0da4b28a8bdcbaa60dc675b0ab36ccdb5110
SHA256 72b03b94716eef0e9a9323bf9829d22923e11700afc4d261f37d55c281c8a79b
SHA512 dcb981bd8b0c2324791a18d6b00b000ae6e0e3a5b9c8a6ee27308e9a6fad43d79f2fd1219f91928ba17cdfff6bbb67ddb9509d33010beae03518f5f8bf2f4d8a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 91958f84acbfc1f379efa58b8b43c406
SHA1 6b0810b0026cfad261d0e7bfa8578edb34d7598d
SHA256 6c7b56473630ff6af0ad26fb8feda19b3578dca4fe6119da046b7ca2baf30eeb
SHA512 b6e8da469c1a7692965b054832ec7196610f400e56aac70a39371a28337b59b072f24204f320aced316dc947646fc6fb22f4347e3ea89c690c47fc9726d914eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7784d9.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ca3d91e05bd2146a352fc45285e96d72
SHA1 acac72687bef07d0bf59a5b6115c72325882bfc0
SHA256 4a7c041ed503c675bc24d1faf2dee85d69db4beb89a6b646b234b7eaf109269a
SHA512 6cbd43335a26631d18fecb6e431d872256bc4987f0a415e860190b246cb67d7d8bd88dc7aa84ed234e7a1463b21c9564010bd2c62c44a12d9997a270c38f2e14

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 84a5426610345241bcbab6883dfbb5b6
SHA1 85262335752065d9c96c64a2c8cb05f3b384621c
SHA256 390b3fc26286ddf7ce3819f7caadbd0f43c007dd94a93a998fd6a0e3ce7f71ca
SHA512 3255b5449c5c1c40d3bc8660ef502b2a013963465c0ccaf48edba38e16346647f539e89f26e712b04c7202f4c8bd5de05afa6c63c1d9e6811004b5f012b48546

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1640c61b8444463cbea36f8bd5a04dfd
SHA1 220ead07cf1aaf1328fb4f0dd72ce1678b4c8732
SHA256 c89c2049fc25dfb87717f757b4e2944bd5a1643654d0ac6c1a15c2d242572194
SHA512 ec818ce5efb588e3ec80547005e5ad0c051571d18d00b2d3d7f2577421be494e2a0e90516360768697e9c6008fe1334b617f77463efb38cd8542368d1b88df89

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 00d4a51250ecef8af795a12e3e6c0215
SHA1 d76d16e018db549db45a114da0fd248e130c1400
SHA256 4300c0cf039be558cacdfff8a7864889df8ac7141959cbc43c92be90f2762833
SHA512 975c91dc26b3884e7bf53172bac5d4d42df9e8fd36ec940bab08272fc47a2872101db05d29eeee101f06c6b2c0cd4cc8fe4da8a48492c99b5ee7172fd42e3ab3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0fbf83bc598398c20f07502c9a6a6a4d
SHA1 1b435601f79764b9e48c5503a234cee845abbd22
SHA256 8c1ca973b842ca5967cfdab72f11186b168ef856dfe460220a15c6f21ecb9622
SHA512 ed7625b23b92adb775d6144ae773eb7832d011445e1b480ab1f6558412a013db21443311fa4dcef61f1b04aaabfe92a40686cfd38fa7b8b16638d705c93d9331

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 79d851e6a0d7074c8fe641dfdf339eca
SHA1 d5ef40c17b8e33440d6c9c81105e64fa83b7b8ce
SHA256 a36bc5686c379ca64f612c6555d1b2b1f598ed88225f3196d3421c87074a4960
SHA512 09665c99772b89ac184e961a05746382b2abff06e1efb17c42bc1cccaa06d75967c74cc4d83f9db493539644a827d0d449e4e0ee2750939239a56e6a2a0c2061

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 eb706b5ce144c5244e7462226b35d180
SHA1 9f1bdcdd6614db8561e3d0d9d79503f21cd01dfa
SHA256 f382b9db24e2cea4c7cf8a9020dc01356724090e02b1eaf13ccf5e90777acfd5
SHA512 6917fd02c137f71375695dc035290741f567bb8f447a59199199b9faf53caa32ae3962f308ec0e675d2f5c9dbb770d781a1fddfc04b0a0b831b70151e4d6c370

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 08af6326771adb961816bb73da33131a
SHA1 8f8f16995b8a0d03d32b0a27fe74c10ab471662b
SHA256 e3d2b04fe937f3ce07098f9ea5260d772b89da3d88929788125cda392ec038c3
SHA512 ad30e630e402b652a96d633355d2819459ec2cbb4a083324a513c4f94684e8ecefd091165b74d40e49781995b2eeff5f6ea2ef0687a56be77b3c494c2ec9b250

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0f5ac0cf8e002bc8873a8388d1a1a747
SHA1 c9339c515e05e9ec99f520a6d7fc691ecfa02f50
SHA256 6f75b282104614683380af1da3fda7430700ddfb8d08944aa8ea7a95ebb1bfac
SHA512 dcda98e787724b8538578afa694c87dc4d388c645c52c46258c8058c7d9617bdd68f88d2e5702166689cfa08e025e3f9116f53736b2332562919534de15c9460

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eaf8bb5db0b61c97336e5c3e6aebc902
SHA1 e76db88b37887616f63d05574cf0e4000908091c
SHA256 7b479db1f5218dae321670116140671276895741c72ab1e0a6fcf0b1951678d4
SHA512 4ee5cb96b507fd53c6ca4c3f5217a9b491236b28783f3ac2e3beee9d648a8ba7d97ee1b954e9c2482a625118a0ed5a12501deb0c307c32a34e37aff9549f6b11

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 b06a35e5ad9668c2a4f0b9ae7836dac1
SHA1 8edabff1a9724236442b5d26dca825350f419f35
SHA256 a89534f2a4cca4ed539d167fd7fd7280e4f8d81c1b6befe5a782d8a2981e8c92
SHA512 06724e333865eaf64c28d4cddfabded8016abbd251fa1aa2efe2efaad38891962ef5fc06eb705dd93fb0385b1af0ac0db0fa924eea55ca3af42e16e34c9259b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4fc3c79368e0d1ce7bef250b518ccd56
SHA1 a6456bb8e1c2f032c3626bbda13cdd8595812c4f
SHA256 f4bf3d2994fc9ca756f9b96069cfa0c97e2c05beeec4f10bf40367d28770bb60
SHA512 38dfab110685a226821af8ad2c5682ffb1a5cbe214721c22393ea735960f5e8006aa4b78413f21f144898b87e337f6ca5698b9dd5dacd608f7a5047b38f41556

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2729ba6bb56752cb5df58bb78fa3ea33
SHA1 37d34cafcfe2b1a9bfd411405171fd3469ceebfa
SHA256 b8fb17ff2b2c19a11c54563e7b3b1c481cc727c6cc1ba2be861bba8135678dd1
SHA512 eac1112427d3f765585dbb485c2b0df596b63ee0bbeff5f1024b3b93a32883e7d042c553058605c36e5654f5118a9fd6682c758e3c30b84d4d02b32d8966b902

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\61470c55-1964-44a9-9418-045be85dcba3.tmp

MD5 3f21d10b78c3dc08642472a6d0171d0a
SHA1 97740af661e668acdf5a5b8373422d64bfdf164c
SHA256 9700278ad7d0dcb9ba5e581f48709eb82b256a2e5db0007f86c35dd8b0b549b3
SHA512 f96dbb2438d9b7c7f24c0cd5f7f1fa5d17805e5dc60de2c96902e1b74ccef77481bd8b31f23f087cb1368132e71f69080df29352dad63854b345e457691f107c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 163968b1a1b850545b33cc8d0c716709
SHA1 832d645b1f59a4c23d59c0bbd7b9fdfb9d7d8638
SHA256 4d15ad6619f1f5f54fba8ade67ceec275f91f9526021beb8fcb4b607ab6e95fe
SHA512 240d0c03624a3dc9a8b1be0242e661b31729b5f44e1c8b39f682804a0ac623f9f9187d4a346a2ff2934efa11546ef4f424d2a84232a0a925a2789880843462ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 633c604debb7c1d4879476641cc2653e
SHA1 77725437712f4facabd4d51e2fab5d6c324b47e3
SHA256 a7df98d5ad8d728cff75f2871c871a2662c339a01bfadeb996c3d28e4bfa1ab9
SHA512 95edf077ba1446e6560ad0774ff63bff154bac0f5e05a1228590bfeeb24e51d01bd1af4bc8a8bed09f9a4d04416582f2e38fbd6da4ac974c91aaffff47f72c3a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\idb\2759247079LCo7g%sCD7a%tea3b1a5s.sqlite

MD5 07d6a6a8bbdb845c36f76bc99b46a80c
SHA1 e4805493ac7fdfe480e46722f840e15d7563db49
SHA256 03c61aeaa71bc91efc69686fd0cf4fa039c289654958d42847a64889acd6e4fe
SHA512 4e0b8ee965cbf10a7a97543b3bc2942a96a16275c1fe3ca71d7f7767c19559b58c968c1ee1ffaae3805c553e7fcc941be9a3e2ce653e8a54a6e02cc63aa57b58

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-06 17:58

Reported

2024-02-06 18:05

Platform

win10v2004-20231215-en

Max time kernel

156s

Max time network

163s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{25CB91A7-7D6C-4795-8CB3-489146F35E2D} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{27F51075-5051-4E10-A871-6AA2525F400A} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5112 wrote to memory of 1352 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 1352 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 1168 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 1168 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1168 wrote to memory of 4760 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1168 wrote to memory of 4760 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 4008 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 4008 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2384 wrote to memory of 3484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2384 wrote to memory of 3484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1352 wrote to memory of 1312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1352 wrote to memory of 1312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4008 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4008 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 224 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 224 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 2044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 2044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1824 wrote to memory of 3424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1824 wrote to memory of 3424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 2588 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 2588 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 3328 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5112 wrote to memory of 3328 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2588 wrote to memory of 5088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2588 wrote to memory of 5088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5112 wrote to memory of 3956 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5112 wrote to memory of 3956 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3328 wrote to memory of 3292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3328 wrote to memory of 3292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3956 wrote to memory of 368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3956 wrote to memory of 368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5112 wrote to memory of 1632 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5112 wrote to memory of 1632 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1632 wrote to memory of 2948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1632 wrote to memory of 2948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5112 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5112 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2336 wrote to memory of 3848 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5112 wrote to memory of 1020 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5112 wrote to memory of 1020 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5112 wrote to memory of 3104 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5112 wrote to memory of 3104 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1020 wrote to memory of 180 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb5ad146f8,0x7ffb5ad14708,0x7ffb5ad14718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb5abb9758,0x7ffb5abb9768,0x7ffb5abb9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffb5abb9758,0x7ffb5abb9768,0x7ffb5abb9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb5abb9758,0x7ffb5abb9768,0x7ffb5abb9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.0.977350456\1303663499" -parentBuildID 20221007134813 -prefsHandle 1788 -prefMapHandle 1780 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {736cb568-c916-416e-830a-11c05ce87529} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 1880 1ad97b07e58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,11421388634878571859,7868839860447955902,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,11421388634878571859,7868839860447955902,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,1138441258839759858,11289259566538750063,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2972 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1444,3295717896050238570,7744114478240614183,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1444,3295717896050238570,7744114478240614183,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1138441258839759858,11289259566538750063,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1556,13750176963233596646,18391434344476225648,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,13750176963233596646,18391434344476225648,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,10156553338590043250,14565507542762501548,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,2795591086500515282,9716951404620579756,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,2795591086500515282,9716951404620579756,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,10156553338590043250,14565507542762501548,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.1.540792339\374327705" -parentBuildID 20221007134813 -prefsHandle 2340 -prefMapHandle 2336 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {10d47f43-4bac-48c8-ba9c-bbf5a590136c} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 2368 1ad966fc358 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.2.590271058\1969491991" -childID 1 -isForBrowser -prefsHandle 3164 -prefMapHandle 3008 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {510860cd-cd75-45f7-b728-1735e075fe4f} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3316 1ad9a417458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 --field-trial-handle=1960,i,14141862797318209394,3601150476799804091,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 --field-trial-handle=2000,i,16590012876240307064,13926689279578688201,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=2000,i,16590012876240307064,13926689279578688201,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.4.1994286177\751157476" -childID 3 -isForBrowser -prefsHandle 3868 -prefMapHandle 3864 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe55bf42-de3e-409e-897f-4c0d22f436b6} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3880 1ad991c5558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4992 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.5.1490144805\767089319" -childID 4 -isForBrowser -prefsHandle 4572 -prefMapHandle 4564 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ef6f29d-184c-454c-88e2-98be7f969317} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3356 1ad89f62b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.3.1351743000\932001921" -childID 2 -isForBrowser -prefsHandle 3484 -prefMapHandle 3500 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {75f5c0d1-0b94-4afb-a669-a3434d447bee} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3516 1ad89f66e58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4836 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.6.491080502\1612193382" -childID 5 -isForBrowser -prefsHandle 5104 -prefMapHandle 5100 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e33d6a33-f4cf-478e-bf7f-e59c1ea4429c} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 5116 1ad9cf8e158 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4212 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1960,i,14141862797318209394,3601150476799804091,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2960 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.7.764783527\260661261" -parentBuildID 20221007134813 -prefsHandle 5680 -prefMapHandle 5668 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f94bcd6-34c3-4bf3-ba2d-5db33d9658ef} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3296 1ad89f69f58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.8.1605277351\1937144954" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5688 -prefMapHandle 3296 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {09c4659b-917a-40ac-91a8-7cbada9727e6} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 5784 1ad9a1c0958 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.9.402577972\1406917741" -childID 6 -isForBrowser -prefsHandle 5420 -prefMapHandle 3264 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {95f9454c-b744-4621-8223-eaf91291e680} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 2876 1ad9d1f6758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5556 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4332 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=212 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7264 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.10.269981559\352403123" -childID 7 -isForBrowser -prefsHandle 5476 -prefMapHandle 6752 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b34f26a9-d316-4162-b6e7-d45b63bd91ba} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3292 1ad966fc058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.11.733457716\918203301" -childID 8 -isForBrowser -prefsHandle 4012 -prefMapHandle 4008 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd2e7de2-fc7b-49f5-8569-659b70378603} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 3880 1ad991c4658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3848.12.1707195855\568823425" -childID 9 -isForBrowser -prefsHandle 4796 -prefMapHandle 4108 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1136 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94972788-2dae-46a1-b55f-87e678f52e23} 3848 "\\.\pipe\gecko-crash-server-pipe.3848" 4004 1ad9a330758 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,4350150322742426116,3818830517367131672,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5336 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2712 --field-trial-handle=1944,i,4354501888571874240,10789937889834087140,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.linkedin.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 85.177.190.20.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.46:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 22.213.58.216.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 44.227.167.82:443 shavar.prod.mozaws.net tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
US 8.8.8.8:53 61.179.17.96.in-addr.arpa udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 rr5---sn-q4fl6nsd.googlevideo.com udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-q4fl6nsd.googlevideo.com udp
US 74.125.3.170:443 rr5.sn-q4fl6nsd.googlevideo.com tcp
US 8.8.8.8:53 170.3.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-q4fl6nsd.googlevideo.com udp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 74.125.3.170:443 rr5---sn-q4fl6nsd.googlevideo.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 static.licdn.com udp
GB 216.58.201.110:443 play.google.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
N/A 127.0.0.1:53002 tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
GB 172.217.169.46:443 redirector.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 201.108.125.74.in-addr.arpa udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 88.221.135.104:443 platform.linkedin.com tcp
N/A 127.0.0.1:49851 tcp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 rr3---sn-q4fl6ns7.googlevideo.com udp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 173.194.191.136:443 rr3---sn-q4fl6ns7.googlevideo.com tcp
US 8.8.8.8:53 136.191.194.173.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-q4flrnl7.googlevideo.com udp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 8.8.8.8:53 71.131.217.172.in-addr.arpa udp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 172.217.131.71:443 rr2---sn-q4flrnl7.googlevideo.com tcp
US 8.8.8.8:53 188.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 233.17.178.52.in-addr.arpa udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b810b01c5f47e2b44bbdd46d6b9571de
SHA1 8e3d866cf56193ca92a9b74d1c0e4520b5a74fdc
SHA256 d1100cf9e4db12cc60cce6e0e2e3d9697e762c219f6068eb55a1390777bf4b45
SHA512 6bbf900b2f7614dd17aa6d5febe3ad1100851e2309ba2cd5219c5aa5af7bf830eec2cc88071d37987aa7e3f527b8df5b2d85e8b21b18fcb071baaab1a2eadae2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 efc9c7501d0a6db520763baad1e05ce8
SHA1 60b5e190124b54ff7234bb2e36071d9c8db8545f
SHA256 7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a
SHA512 bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 8ae25b226e0662d256cdb32f2777f840
SHA1 39594f82a6dd98b6e4a341648cd56e9efc6aa16e
SHA256 935b4cba7114f9adb0c7ae6acbc8903ec672ae318ac63c5d5e5edf857b4db207
SHA512 e529649b71c7a7fccaabc2833af3cbfc9bb15b66cc5735fc95a2bd741c502bd11af05853946d045a49d823e3f6899523d050fe7d33c485af5abccc8e2ca02e8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 78ba30121b0e4f6ec0c29dcae25e0a61
SHA1 9fd5f1e45bb71a465e93eafcc132aac761662d92
SHA256 91016b505f30d21211ab0dc75a4b9d83b742d1f17d5e81a7b65af4354407ca6f
SHA512 0d3a1acee9c869e8c1da66472a1e5cd7d3eef814afead56a180fa3e99f36538d38be3d5c8c33196eb28f8a54dd9471fd1bbf844e276c0167a39d24f9e1062ad2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a157d5cf647d5e0d37a5729469354994
SHA1 30f865f052981804ff6597b34406789ac9262378
SHA256 1d667829a47cc7a9f4f4f181e9f229ea392f8e0680c0feebe9af0918536331e1
SHA512 0a5fe0a7006a42283f2eed577842114c72dc8631fa6fc70fa3d323c2595c6d45dd5a21ac8b5dc67d9fff2a2286bb6e98b4079570495802ce65d2bcd39f5a4286

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 93f2a22ffa8b355c8b01bbd5b73b0ebf
SHA1 a0e4232c52f41f9057a8faf634f3a327c518d360
SHA256 251b94ed7510ce787c67d125d994eadc01c847f502ffdb5a6fef8233f7916315
SHA512 7e8f80c61cb435413a900cde5cd207f8cf6599275857e8666398d9839190345f5e166821dd4392b4048eea098d4c6aee9d7d8e36de5196b69b22834d5ef16ffc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7e5854bde9cffc9f92e1558f7813ac7c
SHA1 5d6fd945d09aa2be5b0657b9a7bc70dcc5f252fe
SHA256 a20f47867c946787515a4c1619e5d23466aa2b596b85f3c4f92748738d940a7e
SHA512 1a124bbee8c3d8af1d11e91e66234d5401b2770f1e51db46fef73c5d9866cd28aa7ee0812e3ec9385984f4a49bd5264f33802a4c9ab31aeb61ef9cc9d4b02916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 54a0290d978b647e69e47583799c4097
SHA1 2fb61e4ad500fbfc55b078bcfac1cdb3463eb23f
SHA256 1aff82fde29e84d8a5d38f4445e1a4a5ef1afc47b80a419ec506d9f4d5fb0a7b
SHA512 66943c4af997d1b8e104d99835d8d3f95d8cc4ad4352b035c8e712f539557bbec1994363f778eaea0207ca8e89e3830121e2d41bba599c06dbe4ee553b463d63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cfb4b33d37fad446330b659e8f76b383
SHA1 cf3017385576edf025c60f56548f20b44a50dcba
SHA256 754b63b552489fd275d656afab0401ef4bfd07c2b7b1df5aa3d321c595e7f5af
SHA512 6dfca09089f9801fc5c026c3eeb22060e798f7634e72c37f78ac8a7a8b9bbea8db4ee23c80b33bbb900c099cd2cae538d041efb617c08e80f8eb94a356256e38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\db\data.safe.bin

MD5 d0a11cd61e9c3e780864583540461e0e
SHA1 1ac2dd47ada3fbf83d1197177ecef76867f6730c
SHA256 58ce12ff99d90c2bd69a4be2af6d595fc9b5dfe34e973c3e267e4bef0a3c7691
SHA512 0fc28c650bc3c4b84a34d17993daf9551b2abbb4d396248fb131c24d3cf6d39c17405a8154e0178384da326a6b9483112a88e8aa58f444a76ae7861aa5ceff43

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\9a4d44b0-c004-4195-a149-c2bc179acffc

MD5 5a09349d058f593aee4ec5cc562e94ae
SHA1 653e1cfa812e24aa07065a361dbcc4f5c915e272
SHA256 0e6fc5c09427f77ffc409ead29bf8f8292c3669ac8d68eb965129a0444a1b55b
SHA512 9614856cedf1eeeb10a9e907edfc65fc7662199f23f88329c0da94d26716ded83906e87f7c3095a342729a705039e8e299cc87a56e70ff3250b7fa1ea08b9c8e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\4afbb221-453f-4a8e-90c9-1032658cac11

MD5 afd461dc5c07a6c92e5521b4fd39cad0
SHA1 21da86fa466c6f4ffe1bd637a4fcba8efd5f775b
SHA256 f54f3c3b1b92f4f8ad40c9cbc11324202d01d90c2d2a31d486f3dac699acf0a3
SHA512 7f082af2e202296e4680ea8bebcfa825cf09c4e02fcf754395c86d454e41d9aaaa468cf5d08e2a44cb7fa26e94394593599c719968b7da0a22790315b57186a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1d823f1c24ee505c2158c5b41f307193
SHA1 3ae5d8c6ba72f5fb37df00682281f98079b6e5b1
SHA256 d100e078c9f377c030d41a9e5619ac55fe06d91c2f441ffbc277949429f37dfe
SHA512 d5d9c575e092475bfe11a6753727516d4f86d2ffee30534817efb7adbbcb89d46a9df86662ced585bbe9d7cc0acdbb753a4f1539383cb36ca1d7dfa56edb4bec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 eae7aef49ba06d70e0039bef82fe4dcf
SHA1 26ac0f950910bfe8154e70ac56be7ea7c927d0f3
SHA256 9a94075540a505d9ff69cef010f77b205fafa6f472ca3f0f90d3cbf83286ca69
SHA512 06aeb7d3ce1bf065166cec7018d6a8748da20bf0456fc8dbaae5af20931b240ea85a860c01267bfd24480817f7e904f3eca851c1fb19e457fbe6c3d38519ab5d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 32285f43af25cf830ab6440997697e09
SHA1 7efbb132a52d29f46877487f4dd576ace33711b4
SHA256 540030c006ecd189f2853246fb959691cc6d3df5c4634689d07e5df6a6c97f56
SHA512 7bee6e1d00e16821e52f3d85af8bd3f6fc39a92563329ee56e64953fd94696d5931f26948dbea99161a0a3a2f0c080750eed86e7a6f7b84fac06c0494cac675f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7823e7996f4410c84fc0ddcf34ae603b
SHA1 51d3122a42863385a41a6c9e10fbb5c9993872a9
SHA256 6f8a0e2a5107c85318d0ee307c2b63ae9047b0c742a4cf85f3e4f2e38a0eccd2
SHA512 f42a8b90ee419d7bd72f763d984833d9679839e59ae5c4eff20c9fcca5e5b3c7121ec1228e775a7adcfd264efdda8b38568d3d82185766d7362cba981cddc5f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 20bfa86a55283127241351e042f55137
SHA1 9ea3eb4e3d45ee4246895993ae868f44c061c1f4
SHA256 58ee6a414c9c99830adb8c5b166afc85c0b848b65c0079dc7236a325c1f7c49b
SHA512 4d060930d6693c1c5e38fafa43e3ac71bdadff8a1c86e946d869d52fc43508c92a88ca153dab3437aa9731e2a2c3fc6ea9403405c4604d818474c61971378626

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1999a8d0d9f0d717699c103bbbc9ec9c
SHA1 9338c6c3a7150de42a835935a34889cb2a7e15dc
SHA256 c3231480349deae244292f2dc05ef49c1d9b67e0d73ec5da9d8e6176a5c5c994
SHA512 d7eb1b3f122437e6a72735bdfc03ad0e69e52df7707c0d6295f8b1f9b54828df87b3b40cd788b108ccceca7c09161151954b689cd7e9da23633a91e329c7d290

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a556e502daf5484264ae84c838eef7d3
SHA1 518b33cab55e14aac64ea48443479e7542ce80ce
SHA256 d4212269bdfaa02ac428db6f995aa08b7aa2a6c536b38f05dd276231b6cbeb08
SHA512 883cb450d3f2c9d8a3d20100fe4e172e47d2fd3fc5b91bd1d867dde61a87939d914f5c03bc45407c1bd45ed6da83d6d179ed741e764790509b91357e5be8bd9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 768e214abb5e84db7cb9ab871c0c2ea3
SHA1 2e81b2fb40c583218876eeba22fbb338ebbeb74a
SHA256 efe6b93f7ac96a4fb43b599922a3210f54109e6327ab0019ca4b619771d70d07
SHA512 89fd313afb3d8e6802be46c1fdf929ab3026f21fd4bb3845184eaec1e012f932029968116ba502018c9a9ba41e226b314dd4a30b94c3093233b4f1d2daaf71a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 121510c1483c9de9fdb590c20526ec0a
SHA1 96443a812fe4d3c522cfdbc9c95155e11939f4e2
SHA256 cf5d26bc399d0200a32080741e12f77d784a3117e6d58e07106e913f257aa46c
SHA512 b367741da9ab4e9a621ad663762bd9c459676e0fb1412e60f7068834cbd5c83b050608e33d5320e1b191be1d809fef48831e0f42b3ecabd38b24ec222576fa81

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

MD5 2a688db9fe1db17bc392f3be398df1d4
SHA1 f20796f94b02014d18fc1c3270d78295f89d255d
SHA256 f711d00518f88a187c0b5b2bf26699036acb1dc29b9a707e38c80a3c4f741ddb
SHA512 9361ba3221e51967c6763f7191849cddb36eb48343f017cc11b568321df402b0dc1927386a087d074a660578f3c1c8cfb59c12386a46ad66d7febb73224057f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\cache\morgue\101\{21254a32-ddab-4144-8334-471d95d92265}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1abba804c8106e462b14be02f15fb37
SHA1 fbf1c91b85a7f97fa2516407ad61361ed37888df
SHA256 9321c02f89ad7058c205d38b7f4cab8bc269cb0332106e8c48dcb11d9a5903a5
SHA512 a0b5e35fe7b2b937f92445932af3ad78fceecf1abdb464f090fe1866874bc2caa2a1bbb9207afadfa0912a08da8a17e364517e6578d0304a38437797fff2d69c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 6686240bc8fde45cce7a08351901aa87
SHA1 9a77b17cd17da5bfefa44813944c2f83a0be7fe4
SHA256 5e03df5cf23f281e1468adbd4f7c6fecde0aa49aa091dff502c502259f08804e
SHA512 54d778639e5cac66fc9c6cc47198afef9ddb12052620ee35116c7e84131e10da986f45188db5ab384eb038d27d45ac7986ceb5a45f5683145b79c0f6d92c14e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 39d7414398851112641abe197c97e5c6
SHA1 c7dfbf990893685b21141c8247d65a9456e2983a
SHA256 77582e84856ae1d4de204a2cbc3a201920bbfff53086eb555e94f6c63dae079e
SHA512 030c552abde8d74d47a829435c30fe0c09ee7a124e6abbc38ee9097bc1e440ec9447afdf69d296730e007c57e1f7505d5b751f36a228ad0bd054ac9071b9d929

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\idb\722300996yCt7-%iCt7-%r7ebscp7o.sqlite

MD5 c8db70b0b8cab910762215f651f3a074
SHA1 20fa130a4320a0448757127fc3b5c5efcb2ad238
SHA256 5ece994511886433bd30b01bbe9751f81c55384f4d52f1fc7895d1391243005b
SHA512 0b6d9c54e224b4f84485d1c7d8394efd3a2a3a16adabee0a49cb64df9c83f9ef7663fee6811424b944c99ebdc4fe119c8ac0dc7597908e0302dd1630bf70fdc2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 76b1d978624e625aac6a16de4546b2ba
SHA1 51bc1fbfb0c40c66cc16893c7cf21f4c20a48162
SHA256 9a288196e0bfac85fb8c6b47847cda6821da2d6082da19a97879fd531027e181
SHA512 b856829fd81eeb439bc387ffdaede43f2ec1ff9a38224b17a26c24c1f2eb0d86afe72244456460546c222a3ba7ce6fb6b9c3603600267c0c6baf3ca9b117c808

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 13b557fac5b38edafe500b6f38d8d381
SHA1 24e2fa42c9d2727a15667bd87b2121ea1a7e14d5
SHA256 08ac1a7327a1db87776aace18bef3ff1c3053fec213e0142b8bbf5fe7e8b1634
SHA512 e8c998e68030d70f3a54ebc24072cf9a14db9a8357f61820164be6c65a4d4aacadf81424dad586082844e5b29ecda792f4c51a552ebf7741c6f62f8ad615b87d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5654888a49c12d291e6bb778c4cc851c
SHA1 9d9236b75b3059ec61689554455eb450ab39a1ad
SHA256 de492346c0ef0f96e8e021f332b24eace170da387fdfe4b96bb5d3bb047ca079
SHA512 d0423abf75d6bad3b02a178932a678d72550d10d493c251d32149ef7a0e07044ce229e5c99213283d2ab9452014e32086c34481ef44950701c7a6c834bdc02f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585d2e.TMP

MD5 735cff9c309281f3c168b17a60de6544
SHA1 fa1a5c5123d55b8c4d89b26144fd143227bb1217
SHA256 ee4b1086b4d1b5cb8ae006bee80e45435655cf8f24bc544f549f91965bf329dc
SHA512 1eb4de14a6f75b09921266a95b14713a8fb691ebf16181f98f7cb163d1af71c2131629811e03c5aa93654967d71d3eb06652efe886336382c733da53736c0f96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10e077fafb1863acd192e398cf4b8f78
SHA1 9ca0146e1d76f287cdecaf44e29995e8b2652695
SHA256 1fa3308b43d65ad2d9f2a12ed258d25eff5eec247dec185faae8986fcf9673f2
SHA512 731e8624c20062f3f24593a659cf39c6ed4491ff965a84b64f9c7a354ea19f78fab6a1223f632721d1808ffe5f9f3995f86739cab82ac28cfa49904201378468

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 09669771a406b60b62b161a198e46566
SHA1 59b8fd31bddaa4b535fe4c13768bca3dc023d3f0
SHA256 71ad351ad4c777c29f07da3a383b9f450f8fd390f18e6a23605d72d5c848786f
SHA512 f1391aa207abefbbf67465f0d65b01f0ec89ce5bc5e7907efd4077e24e1cd384b43c0a1bebb9360770f63eeefd9a3eec94c216f394ebc873597f9fa25d265dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 aa48b1afdabe99ea3a4ff96d3f28edb1
SHA1 619f747ead527399e83fc83e760f3d92805ed3e2
SHA256 fde35f526ccaaac4277a9c8007caba5a8a832f39de3178ff98248e9ba6c2638a
SHA512 cd8310dda742d19a61674d564f9574028691473c7ed19877f069d2638b57947be67dc778f92461fd430d0306c42738f02ba894ea77a05a327200158885b17f28

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 6a2d775d769277612a796454b727f404
SHA1 3180d339a289687eee1feca7e6cb6a08abb48340
SHA256 5dbdf64dab17a3b54845fb68a6246bd9b5f412eb4dc836156ee68799de06e77c
SHA512 a29d2b2cd0cf7f7bd92fe9e0f812e0f6ec83a5a295afd5e8dffbf3d0734f7befe02e1c80dcdd28ea7812bf274fda6ee580e2dea5f90f74996a6fba1269738a7d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 7dc051fd3a57be0079e4379a98a9db93
SHA1 909213091e5add9a88aeecfcb21d7daef5a5d35f
SHA256 14710c89d3e63c19b5f13239b0ea4cd1d0839bae1c0c739d707f5027b8fe21fe
SHA512 17a71eae3d13b1aff71d8ca4d27abef41aa45a62044d9329215242306b04018391b915cb2763b54d9d7f84d50b321b1a3217ffbca060a033fdb70f6e8210a699

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 5a5c67772d44eca9ecb08e0ead7570af
SHA1 93ffda7f3ac636f88f7a453ba8c536fafc2d858b
SHA256 eef62541016d82bd804928b0fe0123d9ddbc20c2f4c0198ce98ae3adbf9a9c7a
SHA512 14a649db943dc9a756e24a043c5a946ab0dda3cdecbffa090bb71996ca3a35ad674052895a496195799def768ea318ec4ce8b97e4f2350106c84a6c4f50affb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0b6c05454b919fd675090e02e0c98d3e
SHA1 f1593314fd8422f36f5886dbcac76594eb1020f9
SHA256 771b58e288aa5499d07cd2c5eb51022ca1afa2bd6756d1232624969c401a8448
SHA512 606c77b76a6c271c4cb0aaab960ee03a8ac17c56c3f96db34b0e732f8fb794a3766a7893858e8b42c6f8df6539110f2102eaa093e30018a5ef85f75c14f1caf2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 92c1a75e44c7006e1666383bd2538b2d
SHA1 af87ec0804592aa3d84ebf011b756ec604859c87
SHA256 f483e3a3e8541540eccfc6676291a7b7a216c3deb4a5acf6e6b19f057f33f433
SHA512 c8e0154dcc36d088e0863dde3aef20a4338d2c38d1b5e2c2b114cc8bb7ac97d970fa910ce8de5cf089a550f5aee7ca7a38f8e45b51dfd4d71a7671c01e20efde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 b1375326603fe65cd42df7fed7ce5c45
SHA1 a7fc9a7c979e62a0bed17ae5e8da74738d3e25ba
SHA256 c9088547ff6883a0646b7ca0c27b0696524be01431ce0059c4ebe765d48dae06
SHA512 1a381b6193bd8380bdb81934bb0b5f75a514c5fb878ab70dd1f7ff5c5be397298d0ca4cbe1c65ca245074ee2052322f89487807b9f73f780851f3a074f74ced3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5bf3881e004493590098bc37430cfceb
SHA1 17e5f3afa974eb35c119d04053014702366211d1
SHA256 c17203dbc6793dbe13da546b2a626896c881ced6ac0aa87086b701afa4a3036c
SHA512 73ab37067608b148d353b2c329f2afea64c1b245f953ead908b761cee849059efaf2044d9257a53a991f054ce9d9c11dab9dcc25f1d4db7f06b2de1c09f3190e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5683124ea8ee7ddf9b83570a0e7a0091
SHA1 7bcbe25a3ed1b190d9e086a40b15825867cb77f8
SHA256 7c7a7776f5746c77d68309c6abe1ee185659027c87273125dc8fe7ba86690fbc
SHA512 dfec6d4a036109dfbdb556746b508215900086f6ebad9971aecd3268b9b33a37fe47e2b65477948c537e4ae4e3cf6c2e16267079e57214b41f8f1cfa695a9e53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f303d7a42dac1eb992a3a195c573a16a
SHA1 c80b48ea771e7243a1618afe96c59afa911ca1fd
SHA256 7e0d1d19973f9a464e9769af25874eea6c77ba6f54736bb815449ae55e7c321c
SHA512 b046a2facba2e639a753cf209c669d94d71ea6414adfcd60b136424400a128ff75085adad274b8c816c8611a6b515709df3f02283f36dc05d7920ceb2f996cf1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0c56b35f5799f9db94e10e8e1cbc83b5
SHA1 b202186ba240e2f50e744c7f268451c26f89f978
SHA256 0bfc859a6f2c4439b2d7a997bd17b11f7eed555166e310992a989770937c0e92
SHA512 7412b7c7383dad6453cca04fb204308ee50707ed32f4703573c44918fe55df32a0e68864380547a49d7b5ce48ac3ded4ec0344b8ed7613561797d03e596b7b27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 3fa057a53f831ad6f787c01bdde50221
SHA1 a1fcdbaedf935bca14b366514cf7fee3e3f175a2
SHA256 efef42a7e15c6cdba8a3e03452281dbe161deb054dc90858abd0e54cc18c34b3
SHA512 6b2620574a789ad95a4e63ecdf3f76d84fd153cb664b8ac844054531b408d2d96785738efd74c1d761d5c10ced1be9ea4e9c1d019f18e2d991dcd54095cba635

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 e1cef60dbd744768d0bb35b469ae17b7
SHA1 f58108a5719f8dd7b6459290f4ec156f4841f4b1
SHA256 b061a2596b234a39e34d8c82da304accadb9dc31c113a54b747fa85ad44ff004
SHA512 8bad36275c1881eaff3842d10808bf909a9c702a2c234aee5e4b484945dc3523947584722ae2e45c28f6bd1e7f0dd5b114bebdb099d1f76bf28519215dbef12f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a9f882b66b2519ba47ed752666955c55
SHA1 da9d84f0eb3a0b325183c8c82b1597bc37c24a48
SHA256 a614291c54ef4ebf467143e27eee46d06649f589c476e5404cbb3800c0d151c3
SHA512 0a79f5997a46df65f63066af95f3c911d2c8e9e56349b2445535b68c09893f63bcf7fdaaf62649a11dbc3b57dfc845510dd6a823218aa3ea6a04054c79f60c9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 c24509b5c94bbc7938d432e43df80930
SHA1 7e3393ecf872fd9de12bcf982793e77f8014048a
SHA256 7e3e1f385dd12010d4ab92f2178202bccee67b0f1b598bc009cda801bc6b8a7e
SHA512 a6fa8443dd66f7fc89b50768e0811a73b3810bb92ddc5eadd077cb91a96e774df1e5eec33ba92fe559d6d2c91b32be986113386879d282f60cfcd5faa038c8a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 5726b8078f29b68b99d29da545b0262a
SHA1 823550bac67c51a5fc846ddc04b8b4aa8e96d25a
SHA256 1032b22880ecb505e698a8de85a155c8a893c069ac94d72286ddf726cc4d80c0
SHA512 40bd30b4bd56200de6c8b649a5f73c6e90312335c9092aec1e2a3efdb1a37eff3e24760df8b85b7cbe62277730f6491ddec559c3f1e1e098c2f950f777814ea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 87c28eb50c5bd0d3d260d1d487e2dda2
SHA1 e40ec4ae28c5ed24ccec7e46c2b553ca6336affe
SHA256 5f058c881fae307409fd8ed3120b3a0451cfc065a44310893557427223dd232b
SHA512 126f5ee211d869bf346f246476a6bf408f5c73d53cbc0e433909d0f2dbd704492225eb70f002f43fb3c71605f7b6caec251868699efc76e6dd9ae83cdc1e7a28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 73f0575de5a9ba6cd2ab37308265fb56
SHA1 feeeecc6d0f4b66e2cfe50bdddf03e386e493980
SHA256 af9e40e95c32644dc21d988b86b51cab4bc5912a3345ac31de4e7af8173a7cb6
SHA512 7f14925c608a0e91bdee34965380e36fa146758e2418651419f7f36500ac84c8d573e9edce77989e493a73cc969fe0f1a9af345db6553970dcf0d43faa6f34a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 7665c7795e9c704745d2e1eeaeba9aaa
SHA1 160d7ae2304305d441ac7eed11322903c3d624fe
SHA256 6b0771ea2973709522a071349b428b94221df63edbf90e416ccd874b687bcd05
SHA512 33166ce5311d31227a9ead19a3c164d24779592aa0950657203e3b888446505b3b9a0875ec8b410f4b89dd7b5d6d41f80aa7d0b2c0dc3dfddb633e9b7c685e03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 df4674fb2cbe04d435de09b8718d2206
SHA1 c639c65370de35d185ebf1f932a85dafefe22976
SHA256 9d220099005c25460295bb5b2c77fac5bb759ac276a736caaf7c3aa5bf7c2bcb
SHA512 4a8ea5fa810de8f34cb53ea281d2b58676de6f5e44b14141b16b4b9b3e4c2207ea7cf0a3841b0188e130d9add137ec677d558893eb41ac580383dda44e1cc641

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 8af829a7714336fcc1bc4fb322c65599
SHA1 9f5d0ab72deaac0b9f1cb434d684001369991bb6
SHA256 94fef098d9a00c10591d7e567a768008124f48ba9e0c59f496c53da7e21c3714
SHA512 549ef0402e456685e6afa3351b436fa0a44b0a4703c20b8532b21defdf84e1ce455c48c6a9790343710b1108ef6c783ea98afe117574e1f47d23e44fbced3eac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c608bcf06f8c279db4b80142aa921b8d
SHA1 51633bf029347bfdab6a1155ebee09db1dbff56b
SHA256 ecd3daa5000b9e9ef915a18ef442037249ae8eb123f9294c6892f8bcfd81ec04
SHA512 41d53322b08bdb14af6c9998a7b30381879b691fa4ed0ccef9901826b5d2cab68984f3c58e92d9ff454aad5781d67cd0103df3ef0770353f0ff297a75044d059

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe58d25e.TMP

MD5 5a7da84cd31489b8b653b3cecff292f5
SHA1 bd8be88e5a5e9e89506b5a1f6a17acb1c955c513
SHA256 390d4234b47635544d61b82c179884e34996dcb3451e6c2ec1004e5f77ede14e
SHA512 1c9d2283bbab78f96f7ca3739261d01b620227e65272164ba46f6122ccf8a6ce760c9e2b0923086a041cc31e1a116a50aaf3fc3fc5a744988d267c0ab9b20b31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f63d33db549c6413427c9cab2840afb4
SHA1 75018c54d8f2eb547c88b0f99a46c21dd950edac
SHA256 729b3048d182e9191a551a2b934235b261ca45d3ffd9280d8d04f5ac1b0f38cb
SHA512 1a5e40448fcbc9a36e7aae4a6cff70576a55f744beea0437a0409c60f4270dd87d82fbc960960744aa6f9900f744c1780c91631233fecb6f65ad90737ed346fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58e1df.TMP

MD5 cbd31d4f1c1b9971a68064715b068492
SHA1 9addb9604b3d5b74aada1c58e5ac92fde8f7de4c
SHA256 b22bc8ea4ce3d758546fe968d7d4a291b2ad08d2779b75e440ca8b9e7249c6de
SHA512 2e01469cd8828bbe2f885254ab1b2a7ce6d9c115db9b4bdf5590c6af3a5e6bce21ccc24f4f7d3b19a03bb9e2a4ab242704738c84886ea51a58d845ca80282a72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1b4bd18cc02181db4276bc3701364946
SHA1 e080a17a7d2bb1a4f330cde8bf3871c320349ae0
SHA256 6f661dc7ad091a9073815c3a72bf41990c353b01c3fede143161f47b2d2421f2
SHA512 d27d1cecd640531ab4ac873bc5632669aed9d7641a2e6c19b56e8da1121ef304f74ac84af3f1fe422a84632e276603e674c4944707328c88668efe995e9dfd67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 a0889848650954c9a2e1e80d56942182
SHA1 b6f216990aed38d34e7c8748fb49497acf499fc1
SHA256 f4dba6bdcdb08fa62cb7e7ea23077bb40970cb91badf1ab8c96f3d6ab80e4d7d
SHA512 87b3657a4cca182a29a3f7687f7d743fce3891e5730f59ad4f960a20d2ab76bf7904f56d8dfc54024f27369ff670503fa7cedc77f2976cb453992c57b4f09575

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f1ef76b2b82f8456c4b64c26f4c1a256
SHA1 18cd453cbdc048a4ac80906485dba571b15a5040
SHA256 8e72401cca9e1d2ec67329f3522936b586335fef397a92a6ff6001dc45579355
SHA512 a64e3b8cfd8b143056bd1386e5dc2a3353ae4648552ea20d480abfe78ef28662a4a6f20daf86778821cdb7e159934a7a8afdb66e7f178b084865cf9340c895e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aea8cf54971855df64a13eea44320bbd
SHA1 d00aa957fac39def4ee0cb81d82b44dfe3394b4b
SHA256 62b5e11d0f676bce8d4e6fd972bfdce89a82a32864e6099ae1bc03c41d2bd03c
SHA512 2c34df259b4655eff669be3ed98ea1d460099eb94bf38aa09a5b862ac43815ecb557fcf6ddabb71d0bbe6236629bc8bde7723f1ee15360869da0e06096929698

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a6256af715f552b2a75948663cbee6d2
SHA1 1f99280cafcc08b223377c9ea0a83297332f9cd2
SHA256 68bf25f579b56aca4549379f3b65a3bcaffa7acb901e4b8894d82de2903d254b
SHA512 fa5849f9682fa1d1435f1a22675f73ad048c84f79f568fa358b9f7e954ad0b515fe4eee68541aafc462294e6e8a773b083625c4af3054a5e2c238dc258eeaf7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e580b7ee1853530ce7c7e4db3a9c9454
SHA1 5b0e76231b11483b426b027c43a2be55630f7647
SHA256 5411c8e8a37bb2f3ddfc75644174e5926a2fda3532ee424b92e30585cf7cf89d
SHA512 d7945f2416443efa74329d6e7f8ff9ecaada3a8931fabaf4b5b254c60a0da08f96a3a2dcee7830adadd78a29492cc223d102f9ef7fe7d4d712be9966f0900c2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d5947f056a4606ed2d84b65cd890ff69
SHA1 315fb8ac3d8b6708be7f5578b03dda29223e2a2e
SHA256 3acee97f2e1da0b3f52e72d43fd5dd9ce5f197130a7fa80a93b5275afa99308a
SHA512 340bc9cbee61a98e6188c1aea29de24a9942b17c35357fd4448cd9ae043981392d969d582a2b93844a5f144759eaf2592cf13400a39d7fd4451ccaaf41993140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a898555d-d6a3-43b5-8cf9-f2455257b437\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 914ff3963f2e021e3b573f48bf06b3b1
SHA1 6cf043eecb7d312eec621853b78cef854e29f306
SHA256 89bebd311c0c0007b111ed38353f8c32a6bec2a7b287f80b37a8bc1dff4b60aa
SHA512 785b27ea7fb0ff5691afe9add581f6c115fb6af8ae31e98c6f8c1bfd9067c55fd6e8d8421b48a2d98a9df1d94986e7651b79797df70556358c0c77f291eff34f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 239c60893312d28996c652d23d7ad578
SHA1 28563b38072ad1be028744e51b45a73dc8fe47cc
SHA256 52998ad83409a703db3253da9995ff079d6229c7ff1b98d58516bd8886b30c50
SHA512 7230bae6632ae5c51ca5480a276e873391a1fbd9942b414b694642ce94bc49bc8ad1474d55002b90afaca3069840e0386ecc0603525209c9971b56580042141d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8af7090d43e8effaaac9a4ac4701ab86
SHA1 872ecf95a948ba9319302557146c0f4ef03292b7
SHA256 21465d4b12dada0fb8b3a02866619a3aae5262d39b594aec63a00073677f3bce
SHA512 c43d162ac8d3ae9f6ed5ab61c56806a19b276c4996222abf6a8173abbab9c74b0a7a472f71edda43f86736001c1820dea4d44c1e5ec4418c6e037c0ec22551c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cbdcb591ac2772f92cbccffe93e5b625
SHA1 303991685549ab4fe949a15dad3746b85c4619f1
SHA256 0c066e7d5ee1ab0438e185b06ce3632ecfbb848499c1f37e9f33f54abb92e7a8
SHA512 2cbcf7e7aa8c9206545ce6808882efce4fd22caca19ae5858f924dd56f76d9547e616b538bceef706d08d02e087d93b53b478452fe4137c048591da63c9ce0b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3a63b304630abf9d194e1cf4830851a2
SHA1 3445cc4deb8746f193f36edbeabb6e4896073ddb
SHA256 d6c81805b3fd7bb6a95e98d95ae3b92a7bb5427095eee4c235702d740a32d645
SHA512 8ef63914cc0608a3fe9e372d78052a692744429e794c344e18bb4c0807a0729cac13ca685b1c5fd6d254876ce16990c153642fd822cbaf83df0c8fa5b0467485

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd33a27978645b32433a9808ae56794a
SHA1 edb417f9713cc21d8c561dddd9d8fff2011fbcef
SHA256 e7b8bdfb6ddbbe4f8d201ed0ad4e1f7414eb3ec65935e496bf00f68bcbb11f48
SHA512 5091be9741f94e5f872310fd806e59c31d41cfe3087f771bff506ecb4caedd2b59c9d092d578680b5e533c54eeb23f78958e3b8801a0fdc00ee40478353b7a33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1a18efa38f75b7e309e1f9be91d56e32
SHA1 1b0c8718d8349ac303e08784ee0d1a7339d1a866
SHA256 5ef446b5c67ef118e357fb83c730583969602b8e2d0030cdf8a0ebfb2b848894
SHA512 1fb503f592e0290bf7437b90f293ee77e23fea4c8fe26ef9eefab4f1ff1bcd5c6e770a075bbc32ba8911a92490e0faa38b3602844ef3b32de1d5277c11df6589

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f6ea510e-b8cb-4b17-9af7-d42c902f98d9.tmp

MD5 5d5c073152aa647d970cf7cedb8a8ab0
SHA1 781b6d34d3dcc2373752042278624e7a87d7b94e
SHA256 e50584f2b93fc653acd69450a6a5d9ae5fa89c2f4cdd59fa2ceaf56e25cb7d65
SHA512 9143641f78ee8dabec775efb2d19fddbd0e651cba9863e82a3b8786ba70d2078cb210cdeaba0aed594553c6b6102ba42c8d141c2d3290f79e003267a424f2c9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5431e53f068a037aae29c1632df7721d
SHA1 bdd40ccc7fe790d2e0a48c068800489187482d84
SHA256 cafdce26c902f719d59195b379d39d1a993152dfa09a5edcf52351daff01e9d2
SHA512 9b2913b657b939b791a70b0a157e3a206c7863582501681b5f1108ba567c7d46b03d29e232e146363aa94631a416130c54e21517cf1c0c35d892994193364860

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9edb67b8590b6700aac080fe63cca34c
SHA1 ba7ebbee6d3a49d5cf6964c87f407e94a75e4061
SHA256 ac51e11885db7221cf0587e40963c3670bae4a44d48996d6a5077cf37f6fa320
SHA512 76632f9061bb3f24f6a8e909240309ca5461283a0e514f83a7deed33556752d390eb209caa1c6e6ea3a5477ebb8f985f3e8a20721bf9c293cef54b27d5dd30ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 21a1708df9236c6a91262753ae305295
SHA1 576d871bf00f02f09e42a5c5ce05670ca6953b15
SHA256 1d3c66f4a7e2ce05667753a5def6412c7345295919d7be4ff5ea81a93acc0fc7
SHA512 24b37f857b9177e40a312c4f17a9a7fb333b666141ffc5acf9f55f55d5d5e8574e7025ea28d9fefbe36506ff8048cdcd88bca91165b595f2284f93fccfba6d7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c24ecb673fd21ef0bb1c8496cc27d36d
SHA1 d1353da00a4c65f0b8a6a248824195622afb15b1
SHA256 f5118237a72a6c791bd9fab0f9964b24fe3996fdbba698431622d01f019dc862
SHA512 f2f3b76a8203be42b31e05fd15d1bfd43acaf56f91e82ba4008ba37c64f29d40d31d24e87459ed40e673d20bad3528c2911cc2c6c8bed91380313cd7dadc1014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1e23a0358755acfb40545f6cb7373495
SHA1 c8f41a7e5144ab4dd5ec3af5dc6f2723c0cee3ff
SHA256 a9982d68779b99f662f670b57a677db26984829ef9f5bd2b7044669be2fc94da
SHA512 cc8ddc7abe6eee45a4f8e6048fa3fd480506feb071c2d6159730bd825f00351a17209d775a62d4772b619fa1806081d13f056da912ada7f2fcc0a4343897e503

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe593c34.TMP

MD5 8377e0e0d6e729da2e6a23474fd370d1
SHA1 749bde23f02cfbf2a76a2e9957623ea92a87f93c
SHA256 3678ad556dcf8274e65b48ca2605014c0febe881ec7c97537430c7fd48249171
SHA512 7f4861637465f750b251859c84aab5c212e351b455382251fe1e74d9f086b8093095a150233b3cc27231fd64c1b39a8fa4cef1ce156eff4c7854bc2d5b50a196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e0cbef0e6d21bb602adb1c9bd923e870
SHA1 ba1826c58e782899999249dd6b438f1c25b35a41
SHA256 e355cafc6a1338ced1dfa306114d4c667ce480f06fabd5d9c995c75e0d99edf9
SHA512 01b239231c33931ff776ac423902701b86ab195acccb39f1d2783234f46d73c7d24149c225973d9e8a45711c7fef17556a798851d22d79d543c3558a9a3481e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 21414d7f8d025bb2fda050bf13d6f284
SHA1 0faa6756005770494f6bb9a0d098983edbcbee46
SHA256 02d5013cec51f99c96aa22f6d0a703cb3a0d2a99e1391ccfa502c3948d2f0de8
SHA512 6558cab9730fef27018f5e6f834c96dd41054910f631728fefc58c8cbc6b6e448b26eda150dad9f0ae8cc891f44928b327a669ccb70f71e1e886ebe07e40bd97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe594acb.TMP

MD5 4746aa9df9f4ac04aa2d0edf2f0c6c1c
SHA1 d0e0ad716365078e61af7e0055e0a558f65f49d4
SHA256 1170361a959c926a93216a8f2e57d4ef0cc94303757eb7148d54e40866b2c00e
SHA512 25d276c83a3c8b1ca5d5b67e25588dd46048e333d67ac956e3cdc22db1f801774ca2bb6dd587c46ac88cc762a26cbecbc993f89c7a9d5c56277242f3f9c0f716

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 114d7b1bdad8daca25ac84b1eda8994e
SHA1 be294857b28b0a56d19b9a6656275d00f865d1fa
SHA256 e41d1b0874a25a40f6c10ad35c4112abcb00dcf88c547de057abf5610ee00084
SHA512 795d502ea27c3ecad1d7de60519fa292494bf87c701f1f4e6b0fd88755ff6648372bc046667b7dd9a43b798562aa583b88a8ce55f156ae0ad8b797e05f2de4e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6af5873784666eb0e1b9c2d1b3603503
SHA1 f9a8545aa50298b8614a0150ae2e59d6fe36b16a
SHA256 dc522dd771551f1385bf28de9aea59449b3da6b0ac2ca695fe9d21d65e4a070b
SHA512 f034f5722016b069014cfbaf3b4d0f240c157dbcaf00c719039d4899ef9ffc518f4bad1bdc8cc5daba1c4c5231536f74ba3b2ba3c374093364eb99c7dd316301

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4601ee3ac275d9ccece533a42dd867d1
SHA1 6c0a97c8f0301c968771995311edb2bd3a0c4a79
SHA256 8d5e342d6682c661a8264091a46efb5916b90a4c7225ec49f294dbed906b71bc
SHA512 be33fe05ae4fc6025ffde16f0bac90358739cf0f1d58fe9bae82751af6440c44b5b0506651199bfc6e5c0447d4b018b7f30bf7ffdb71a7ae427959071a3c9f73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 faa259c75827047a18919d985d1f3844
SHA1 f993dc257640ecc9104d2ba74756655b25260734
SHA256 bad5169eed069fc9be3fea54b8995383a1cd66be2ac2aca01fbdc0310f56198a
SHA512 0805a5d2d81f5bb3e8e2b47b32a57b6800c977a46f1309361a9751a2bb1884ab1bb1f0a9cad402d9a894c1d8dab59104ac64841ec5ffa3a287b7e7c03258a306

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1a7144180e25f1320794bdf11013ff3f
SHA1 74891ae9ff5fc63d49f136b5e4347624470b2a3e
SHA256 5359f4984ff95233e64952136c84420403243e164d1941523e4373bd9b37b4b0
SHA512 18044b64d1515f5b361584d00cda15c600690176d3271e526a4601ae6fc68fe7828c03ac85c39c17800711bd6e49abfc97c16172a01025c5fc9f8373b3c57b5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 26d35fc85a632c65c3eda8f9e7206d7c
SHA1 70623662e2f3901779a4b51cbc7c7fda199cbf8c
SHA256 8ab78d2c171737a4a82eea0ce84e83284cf31572d2f59f1ca6a658eca751f696
SHA512 40b3f7e25b4074210a525610f7a09e72efba93db524946b4e1eef3f49cea468c5db2efe0d2253d852eb84de5846b72faf9fd84d7ad8d5a8ec90d03c797c909cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c109723626cb142c98e9fd86c3127a4d
SHA1 2c6500a600098fef02390109b64fe3889ba169bd
SHA256 8e84a63eb810fe2869edd39ff081a5a22a55f7398563741b4313106cebb7d2b1
SHA512 ebd44fe56c6f4c307c43977a4ad07ba0cb33750c381dde43576c31efb6a6f8f9a0b79ce985489124db0752e7d81b5cb3a10801410e3cdf32aa18a0d6c725bbe0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f718f3c4ec39b804f374159409b3d8a
SHA1 956b0f3e0d252e9b6de1b94f1f8d2a0279461bab
SHA256 60df44ad88925a8c495dae3abbf8d1aafbccf830aa51d5e791ba9f8a731b7052
SHA512 0eb817678608d067c44673dc722dbaa17168e6ef092e1f1b86719d118ef4e4281900e0f13beb84605f09d7140c3aa5ac97e095e2d5d331c77a5ecd6d43d1afe9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bc28bec451640b416de12b14b9cc30ed
SHA1 1b9462b9e12ae0fbab6e59001eb3717bc76c90c6
SHA256 db9450755429146d211bca94b1112962f04e75888cbf8e47366f596da653fd9c
SHA512 f0e2c6d3d6f6f33cf5e1e4c7bc88623bcd11c30bb6f560da8c0e60cdb45ec40b82d773ec4ad0a57c86818ef37169569a93f987b7d5844e3a0304191695701fba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 89cd3197ddfd0f524801f605d2185c18
SHA1 2a1c3b2169ef6871588f63201a7d12298368571e
SHA256 5a8e47522333e19d58f0985238a58f7a0e244c8a08d69e5e8385f2c3e8641774
SHA512 666ce5254324d77a6d2842db0b0f5669dac202aa4f76e936ecb72635673f96cc9ffb6f80e3766cf466790350b1e4f7d0e1830212a1b80ad7c0d2c3830de44645

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 e54b5b5ae504e585bd4deea2c22c85e0
SHA1 e6adc4997a6131930df5a1c02d1f04abb4c972e2
SHA256 714441df3326a8f7a4e88bcc4a896c9132b1b1b7c3c1b70636b3c0ca70ed1bc1
SHA512 2ef1c76606d9ad9b9698dcbc291f9846769de8a67bf2c034972c248cca4bf57848401af00ac25dad1c230f8a5ac1d4d1f1b72c3c8bb3c26800829e93c3ae5509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 084968a96144505eeaea19f10fafff62
SHA1 75a3628cf2accd0a271252ede921375674fcd829
SHA256 46530bb3f36ef720a841ab9b422cd6457f2386339c3cb249f63273abbb9c11aa
SHA512 44f4300914bc329087b4de225ffb05c32b9eb0995d2eba8bef448cad8978e54180a9a3d03781b8a375021f7caaf65411d085f2079231ecc1478fb05dd78540f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5d688b91cb0900eafbe7bd91730d3120
SHA1 6e3894f6269e7f6263292e4815e30619d2b243fc
SHA256 5b20ca02074b2b3c09f4e677a584b751fe9c59c13e97498b6d0e9e892b28b2ce
SHA512 f135b97e9dfffbef50d72af03238e5d75f87f0d537eeac8a58ce8dc11f77f906a789806bbfb0ec61a4bf6565b005e41707cfc08722223c27c2c799b28ee5980b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 584cab1f1736f16f79c6334ec92bcf03
SHA1 c988514fa2c1e807c97b57f4e01ecc605dc71958
SHA256 76d79af1009385a2c85d3896c70101fe99e02f1585e84d588b2a7665090f0c36
SHA512 8625ab08c7d9eb49d6af600080c646f016817746004948392702a7d4209cf000634ed5a02d2f083f31697f7c00b76431d4536e6de36e3f110f39cfeb311c9b16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7e708e3f413d9242ce259bbe1c9593c9
SHA1 d45a396887ea63d0fadd8a19e9c84b4b95b3ac26
SHA256 c3dbf7685f5b302861e62f54bca25a5b9c4d5544234d91887b140c08ae87e749
SHA512 2b40e54028629de74fae2c578afe24464ca6ac61bf448c0c2ea23710cac5e01c677948f1c8712a2c0821b3cdec6724f7ace9e270caa459c12156a46b1caad844

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 14f944af1e6582b0b30f3e6f18b3b122
SHA1 bbd67e7395ceaee41f8884146aef1ecd98df23ac
SHA256 bf6c43a428b7672354d4e336f21906afbdf1ef1fa0bbb0fe849259f75352d671
SHA512 a813730b9acf20571daf4218a0a8272e2c1ea35373cdead3b78ecc0acf9d99f926328ae30d5c339f20d1144d962b9bb91e0bfee479cd1f13e06a6b6aece84594

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b9c2fcc4baf02349b394df188cd304b6
SHA1 eed24e01969106e8a201095793c5bf22159ed2be
SHA256 91187f0de48454497a393cfdc442ecf159c78cac9d05e60d0f6fcb9f41ef9079
SHA512 2318d69ec17fceeec47b4d3f55c68643ed091d2d9fda307006994bceb149d844e4f0a4f6d5b2869353abcf64d0864ebed3b9318dd810077224846bca3b0fe6ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d41af9f7038c8a2ff4587d7a3781b671
SHA1 81b15cdae942cddf8ecec70403e3924d304dc8f6
SHA256 600772fbef17d5554eca7bc22abf01fac03f1ca1a63879c95d48f8e6b8624e78
SHA512 c4087ab0cee6854f75ffdd40c5f632c4c251b184ce6e4a6b7d7414e9b59883783d5452811a3af867152873ce1430102ea2d32a4c7035e44808b3e83f628c0723