Analysis

  • max time kernel
    150s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    07-02-2024 12:53

General

  • Target

    8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe

  • Size

    897KB

  • MD5

    02b4865b6791f3a5131e55465cc00b41

  • SHA1

    c30e63e4caf20ffee8e3923c3b9b25233dc05a55

  • SHA256

    8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a

  • SHA512

    c164d3dce3d4673f96b62b6df2051e6ca16f310ef14f9ce6258dfd33db53086100a2eac1045ea8317c318def6e59b0d10fbe8bb93c36f16bb3e5b2605082d8c8

  • SSDEEP

    12288:FqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaPT/:FqDEvCTbMWu7rQYlBQcBiT6rprG8ar/

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 60 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe
    "C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1212
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4624
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
        3⤵
          PID:1632
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8543566514901075597,5140450504473668000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:5128
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8543566514901075597,5140450504473668000,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
          3⤵
            PID:3140
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
          2⤵
          • Suspicious use of WriteProcessMemory
          PID:2644
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
            3⤵
              PID:2180
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,6954818690839311005,16350726657526474513,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
              3⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:2320
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,6954818690839311005,16350726657526474513,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
              3⤵
                PID:1776
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
              2⤵
              • Enumerates system info in registry
              • Suspicious behavior: EnumeratesProcesses
              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SendNotifyMessage
              • Suspicious use of WriteProcessMemory
              PID:3604
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
                3⤵
                  PID:1560
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
                  3⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4528
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
                  3⤵
                    PID:2400
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
                    3⤵
                      PID:3872
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                      3⤵
                        PID:5384
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
                        3⤵
                          PID:5368
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
                          3⤵
                            PID:6236
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
                            3⤵
                              PID:6432
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1
                              3⤵
                                PID:6600
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
                                3⤵
                                  PID:6736
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4236 /prefetch:1
                                  3⤵
                                    PID:6916
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
                                    3⤵
                                      PID:7092
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
                                      3⤵
                                        PID:7136
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1868 /prefetch:8
                                        3⤵
                                          PID:8972
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5624 /prefetch:2
                                          3⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:6248
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                        2⤵
                                        • Suspicious use of WriteProcessMemory
                                        PID:4496
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
                                          3⤵
                                            PID:1552
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,15397474022004982523,3218888938503400529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3
                                            3⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:5956
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                          2⤵
                                          • Suspicious use of WriteProcessMemory
                                          PID:3040
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
                                            3⤵
                                              PID:4560
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,8287460050823215745,5803541822560167348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
                                              3⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:5392
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,8287460050823215745,5803541822560167348,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
                                              3⤵
                                                PID:5376
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                              2⤵
                                              • Suspicious use of WriteProcessMemory
                                              PID:1264
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718
                                                3⤵
                                                  PID:4636
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,7267171954199502844,8215104652805931452,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
                                                  3⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:5968
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                                2⤵
                                                • Enumerates system info in registry
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                • Suspicious use of AdjustPrivilegeToken
                                                • Suspicious use of FindShellTrayWindow
                                                • Suspicious use of SendNotifyMessage
                                                • Suspicious use of WriteProcessMemory
                                                PID:1872
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778
                                                  3⤵
                                                    PID:3864
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:2
                                                    3⤵
                                                      PID:6608
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8
                                                      3⤵
                                                        PID:7280
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8
                                                        3⤵
                                                          PID:7440
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1
                                                          3⤵
                                                            PID:7732
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1
                                                            3⤵
                                                              PID:7716
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3528 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1
                                                              3⤵
                                                                PID:7892
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3900 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1
                                                                3⤵
                                                                  PID:7880
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4924 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1
                                                                  3⤵
                                                                    PID:7512
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8
                                                                    3⤵
                                                                    • Modifies registry class
                                                                    PID:6600
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2576 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8
                                                                    3⤵
                                                                      PID:5592
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5628 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8
                                                                      3⤵
                                                                        PID:8832
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5580 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:2
                                                                        3⤵
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        PID:7240
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                                      2⤵
                                                                      • Enumerates system info in registry
                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                      • Suspicious use of WriteProcessMemory
                                                                      PID:2792
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778
                                                                        3⤵
                                                                          PID:1432
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=2000,i,12662753662629791651,5682612168969130816,131072 /prefetch:8
                                                                          3⤵
                                                                            PID:7376
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=2000,i,12662753662629791651,5682612168969130816,131072 /prefetch:2
                                                                            3⤵
                                                                              PID:7368
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                            2⤵
                                                                            • Enumerates system info in registry
                                                                            • Suspicious use of AdjustPrivilegeToken
                                                                            • Suspicious use of WriteProcessMemory
                                                                            PID:3560
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778
                                                                              3⤵
                                                                                PID:2056
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1968,i,17790365944123743968,5533232370222941783,131072 /prefetch:2
                                                                                3⤵
                                                                                  PID:5664
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1968,i,17790365944123743968,5533232370222941783,131072 /prefetch:8
                                                                                  3⤵
                                                                                    PID:7304
                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                  2⤵
                                                                                  • Suspicious use of WriteProcessMemory
                                                                                  PID:3128
                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                    3⤵
                                                                                    • Checks processor information in registry
                                                                                    • Modifies registry class
                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                    • Suspicious use of FindShellTrayWindow
                                                                                    • Suspicious use of SendNotifyMessage
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:1724
                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.0.345661995\177682618" -parentBuildID 20221007134813 -prefsHandle 1836 -prefMapHandle 1828 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef6ad4b9-a3e1-4077-89f8-5d74551c9b69} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1936 1e07b007658 gpu
                                                                                      4⤵
                                                                                        PID:5980
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.1.1686942917\1009093830" -parentBuildID 20221007134813 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4fe5a5a0-564b-4f92-9bba-200d3bd03924} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 2400 1e06d471658 socket
                                                                                        4⤵
                                                                                          PID:6768
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.2.1762735834\692366380" -childID 1 -isForBrowser -prefsHandle 3096 -prefMapHandle 3272 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {25e89fc2-fab1-44ca-9efc-0a6ace1c4476} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 3444 1e07cfd5b58 tab
                                                                                          4⤵
                                                                                            PID:7532
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.3.1057944048\664491357" -childID 2 -isForBrowser -prefsHandle 3380 -prefMapHandle 3416 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc487adc-12cc-47aa-a0c8-e3e33791443b} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1748 1e06d464458 tab
                                                                                            4⤵
                                                                                              PID:7432
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.4.983487217\1225028296" -childID 3 -isForBrowser -prefsHandle 3884 -prefMapHandle 3896 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cc6b533-f545-405d-aee7-c53bf8c082ab} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 3924 1e07cabb158 tab
                                                                                              4⤵
                                                                                                PID:7244
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.5.1322491517\2116747414" -childID 4 -isForBrowser -prefsHandle 4588 -prefMapHandle 4672 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2425d9bf-e61e-4f43-9015-268998c96430} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 4128 1e06d462b58 tab
                                                                                                4⤵
                                                                                                  PID:8176
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.6.478452868\225864628" -childID 5 -isForBrowser -prefsHandle 5116 -prefMapHandle 5112 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f695c62b-73ae-4ed6-be81-10dc9e0b4006} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5132 1e080252858 tab
                                                                                                  4⤵
                                                                                                    PID:8336
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.7.1780636630\967362349" -parentBuildID 20221007134813 -prefsHandle 2988 -prefMapHandle 3108 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ef21e10-a3e3-4329-9b0d-05834ade4883} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1744 1e079f20b58 rdd
                                                                                                    4⤵
                                                                                                      PID:9012
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.8.139861896\2024103830" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5756 -prefMapHandle 1744 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8f3e8a1-5a7f-4b73-ad57-5527d06e8f64} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5764 1e07db6b558 utility
                                                                                                      4⤵
                                                                                                        PID:9080
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.9.1432308405\1615456828" -childID 6 -isForBrowser -prefsHandle 5948 -prefMapHandle 5952 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {acab0253-9940-4fc0-b908-3164d8f01c10} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5892 1e07f741558 tab
                                                                                                        4⤵
                                                                                                          PID:852
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.10.568270997\1310710477" -childID 7 -isForBrowser -prefsHandle 3200 -prefMapHandle 5920 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a47b4b0-dea3-4db3-889a-6c1ac085497e} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 6004 1e079f22358 tab
                                                                                                          4⤵
                                                                                                            PID:3828
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.12.620772080\948124085" -childID 9 -isForBrowser -prefsHandle 5704 -prefMapHandle 3116 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {61a2ba9a-1501-4bed-afdf-a88c8b639648} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5636 1e07cabd858 tab
                                                                                                            4⤵
                                                                                                              PID:7236
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.11.989816383\52301805" -childID 8 -isForBrowser -prefsHandle 4112 -prefMapHandle 1640 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2eab274d-8c48-4657-88a6-0518660d1b85} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 6432 1e07b49a858 tab
                                                                                                              4⤵
                                                                                                                PID:4880
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                            2⤵
                                                                                                            • Suspicious use of WriteProcessMemory
                                                                                                            PID:3068
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                              3⤵
                                                                                                              • Checks processor information in registry
                                                                                                              PID:3504
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                            2⤵
                                                                                                              PID:3728
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                            1⤵
                                                                                                            • Checks processor information in registry
                                                                                                            PID:5040
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:6056
                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                              1⤵
                                                                                                                PID:6456
                                                                                                              • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                1⤵
                                                                                                                  PID:7916
                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                  1⤵
                                                                                                                    PID:1688

                                                                                                                  Downloads

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                    Filesize

                                                                                                                    40B

                                                                                                                    MD5

                                                                                                                    88979a1699fde16b4c698f9cd10ee87e

                                                                                                                    SHA1

                                                                                                                    8a61fb3cde8d379bb8a461a7be8dc2e93b5ad2f4

                                                                                                                    SHA256

                                                                                                                    d147732816cd1a5a493235680728ef3dd4fb9be1713d565f63d72c0cdbf1a898

                                                                                                                    SHA512

                                                                                                                    fe0de028e0285c3dd5c4e37be64c6a5985ead36423345de1eeb6d3f5d961a3a811e14878e9d3c42de87744be3b5ed32d07a78e78ce5b0eca4edcb6d84333e3bd

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

                                                                                                                    Filesize

                                                                                                                    18KB

                                                                                                                    MD5

                                                                                                                    85b2f70f7cca6ac183b1c48cb0198d98

                                                                                                                    SHA1

                                                                                                                    b9c226a60c83280f96ac76c3fcbfcb7547fbacf8

                                                                                                                    SHA256

                                                                                                                    c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33

                                                                                                                    SHA512

                                                                                                                    79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

                                                                                                                    Filesize

                                                                                                                    20KB

                                                                                                                    MD5

                                                                                                                    c1164ab65ff7e42adb16975e59216b06

                                                                                                                    SHA1

                                                                                                                    ac7204effb50d0b350b1e362778460515f113ecc

                                                                                                                    SHA256

                                                                                                                    d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb

                                                                                                                    SHA512

                                                                                                                    1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

                                                                                                                    Filesize

                                                                                                                    17KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

                                                                                                                    Filesize

                                                                                                                    16KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

                                                                                                                    Filesize

                                                                                                                    56KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                    Filesize

                                                                                                                    3KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    539B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    874B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    874B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    7KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    6KB


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    112B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    176B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe588836.TMP

                                                                                                                    Filesize

                                                                                                                    119B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    72B


                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58e25c.TMP

                                                                                                                    Filesize

                                                                                                                    48B

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    114KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    114KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    37KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                    Filesize

                                                                                                                    85B

                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                    Filesize

                                                                                                                    86B

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                    Filesize

                                                                                                                    152B

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                    Filesize

                                                                                                                    152B

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2fb27d77-0e09-405f-96f1-6ac5e0c15487.tmp

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                                                                                                    Filesize

                                                                                                                    22KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                                                    Filesize

                                                                                                                    74KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                                                                                                    Filesize

                                                                                                                    21KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                                                                                                    Filesize

                                                                                                                    20KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                                                                                                    Filesize

                                                                                                                    21KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                                                                                    Filesize

                                                                                                                    1.5MB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                                                                                                    Filesize

                                                                                                                    34KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                                                                                                    Filesize

                                                                                                                    34KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                                                                                                    Filesize

                                                                                                                    16KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                                                                                                    Filesize

                                                                                                                    49KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                                                                                                    Filesize

                                                                                                                    37KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

                                                                                                                    Filesize

                                                                                                                    46KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

                                                                                                                    Filesize

                                                                                                                    46KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                                                                                                    Filesize

                                                                                                                    31KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                                                                                                    Filesize

                                                                                                                    46KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                                                                                                    Filesize

                                                                                                                    771KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

                                                                                                                    Filesize

                                                                                                                    30KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

                                                                                                                    Filesize

                                                                                                                    32KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

                                                                                                                    Filesize

                                                                                                                    16B

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                    Filesize

                                                                                                                    111B

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    5KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    7KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    7KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                    Filesize

                                                                                                                    7KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                    Filesize

                                                                                                                    24KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3ffc6e5e-aa70-4a9a-a4d9-16d1654e77fa\index

                                                                                                                    Filesize

                                                                                                                    24B

                                                                                                                    MD5

                                                                                                                    54cb446f628b2ea4a5bce5769910512e

                                                                                                                    SHA1

                                                                                                                    c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                    SHA256

                                                                                                                    fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                    SHA512

                                                                                                                    8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    89B

                                                                                                                    MD5

                                                                                                                    2606202794c1878e61ba661f94ea1a63

                                                                                                                    SHA1

                                                                                                                    d327628185d63858030bccabcaee84edef92ffc2

                                                                                                                    SHA256

                                                                                                                    055d52dc71060b8207d067e74c9fea57c6f4260adc109b0f240bf6dcdd7b0f3d

                                                                                                                    SHA512

                                                                                                                    a48d6d1fad810d6cc858906f27382ad8f6ff1f2b70dddae99cfb8de083cf1695886059f77c307c097789622bc972ef60ad67d435da1a81c3c608ca258d8f1fc5

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    146B

                                                                                                                    MD5

                                                                                                                    671f91c0c97845f2a2eb233933eef850

                                                                                                                    SHA1

                                                                                                                    8427baa97a43f12e49150c725b2a8b3eb756ba65

                                                                                                                    SHA256

                                                                                                                    a61cf89c7b59d49b077d41a45491e37da420e5476c16278191bc165bd407ad5f

                                                                                                                    SHA512

                                                                                                                    6d8af99190d42fe0422de397f6d6a220d5e0ebb5bfdf9e3e7b018a8b3add372a3a9faa0045f378ed94976dcd900fe3823307c0c405fe6fb9975f048e3f7ce36a

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    146B

                                                                                                                    MD5

                                                                                                                    68133925415d6ceda0e08438a1edddd2

                                                                                                                    SHA1

                                                                                                                    d6587a21b968f9b4f7676b8819a60f9da986e69d

                                                                                                                    SHA256

                                                                                                                    c6be8620b41bfa67597ba29fe8acbc676889f9c60931b7583aa36db90ff9e972

                                                                                                                    SHA512

                                                                                                                    5cf5685f0238b66b2f6f46615be7fe660231c2bdc58ccdd1f7539d5267039bd0a6f9eba9452fbf0531e60514027037ca360bffb0bf0d5e11e57d4524b3b50b45

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                    Filesize

                                                                                                                    82B

                                                                                                                    MD5

                                                                                                                    f9154dd51d1febb9306f06cfb5e2c31a

                                                                                                                    SHA1

                                                                                                                    8e4f491419c3e808c73acfcd9f12b2c8d5c80e91

                                                                                                                    SHA256

                                                                                                                    0e25aac346d6257504089bb90bbb3183a673976ba421056513d04f5b3974e711

                                                                                                                    SHA512

                                                                                                                    7ec48595b8cac6f019d0e1508a480b6b8ca999725ce325ea802e900d009f60a5a683a67adcd366df7dd67d8d66473fe79409cff50c2ba17b9b52b00a61397ef3

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                    Filesize

                                                                                                                    41B

                                                                                                                    MD5

                                                                                                                    5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                    SHA1

                                                                                                                    d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                    SHA256

                                                                                                                    f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                    SHA512

                                                                                                                    de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                    Filesize

                                                                                                                    72B

                                                                                                                    MD5

                                                                                                                    53569a426f68472a2c273ff01ed3caee

                                                                                                                    SHA1

                                                                                                                    d908ecb84fdae53a6b4f6c9acf9e30f74b3a300c

                                                                                                                    SHA256

                                                                                                                    2f7daf103c2aa71a8891eea0dc9e4f2c7f973904931653ea95fcee55df66e01f

                                                                                                                    SHA512

                                                                                                                    e5d1756e212a2febed00c8acf7814e1d3b84d98d3b96e9e668b57d6117e0d2290420ef01c5c112942aa3b7f7952ab1daba010b466976f75c69e97751dc2c7108

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58fe31.TMP

                                                                                                                    Filesize

                                                                                                                    48B

                                                                                                                    MD5

                                                                                                                    c24ac10bc8a62f6f14b506defa808579

                                                                                                                    SHA1

                                                                                                                    6e756b3ab4c0ffaad014916c0e09094686ab0faa

                                                                                                                    SHA256

                                                                                                                    184b3353adb0715f42aa51d1bad84763ded907d15d88025e8f9b7f46d70e626d

                                                                                                                    SHA512

                                                                                                                    4c2505f08d07da0f577ccb80baccacfd8aa600aa5be0e6f80d88aaaa3f48f7508137a25cdc81a8e20e23da5d7b159ea55a55b59800c430ff70636a7a545a2fee

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                    MD5

                                                                                                                    4ac99e9b6229aed212659936ccd41be3

                                                                                                                    SHA1

                                                                                                                    3913db1965792039708592e540f3ca33b173828c

                                                                                                                    SHA256

                                                                                                                    ccc9a473b6a4fa6a4b999ca6a8a4124b303ba7d5be52042e4ae680707719aab4

                                                                                                                    SHA512

                                                                                                                    02803b6f1b202a1dbe414525bf6c4e51989abbb78ed8466e42314ba25b5b49fb9ddd4edacfa4bce5014d29a4429708b1b69014bd0be4cf64b693615c01b46cb8

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                    MD5

                                                                                                                    115e3fad949be94c06b6b09224217422

                                                                                                                    SHA1

                                                                                                                    ff1e4f56699f5cc792987c68edcf86c6d6fa704c

                                                                                                                    SHA256

                                                                                                                    e6c12966d10b4df63d26f86506be669c4bc5b6a1ca8f2af4eac9b2417c1c081d

                                                                                                                    SHA512

                                                                                                                    ef555d71d827087d854fe8f41fa69669bc809592def751e7fdc20c1cac8a5b19af1b8b40182438b5961ea127e381a4d242c5facb7f850b773ec0fd0f2539e6c4

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                    MD5

                                                                                                                    194b5a64fbe2c17e88a64dc3054db00f

                                                                                                                    SHA1

                                                                                                                    2ba2d72c6921c329772020fc37ed74a5b0bbd6ce

                                                                                                                    SHA256

                                                                                                                    7fdb037fd4303001914286a021fd30460974f3eae3d3b685329486a83e7326ec

                                                                                                                    SHA512

                                                                                                                    4588fcc0acc1eb71403aa52ced9701cec4a21bb7207302beb845ffeb823903e5faa137fd231445d05d9508c48788d67f2481e96b2ab21ea72e6648fb6201befe

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                    MD5

                                                                                                                    d80d09a05b762b042b35da52ae3a0593

                                                                                                                    SHA1

                                                                                                                    e486f9529c6c8b956be95edba3717fa8205bcae3

                                                                                                                    SHA256

                                                                                                                    250639884cf2c2e36e8319a90c6c72efc17baae94c7417866f31b84ae69fa7ad

                                                                                                                    SHA512

                                                                                                                    3ae68a0cccbe9088033994449a48a61fcd0bb47876dca248d3e9b4b733a52b2a41ab2ec01ea8064731fbf9356481e66c800aff098888c254aab301590a878c4f

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                    MD5

                                                                                                                    fafefd7f72f8c0fab81a750c059773e1

                                                                                                                    SHA1

                                                                                                                    c470941a3a96f4562171b506f81b6212a61eef1a

                                                                                                                    SHA256

                                                                                                                    7ba3bf86b233243d085a2b3577955f553140080fc276afc80559c367c12e636b

                                                                                                                    SHA512

                                                                                                                    c7922f401b576474c0718fb8251f5c5a47d9ad8a7376ac7365eed420e0f2fa38b47d78ea34ef94fb1b32cc4ae919e05e037298992dbbfbf94b037b0903b30abe

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                    Filesize

                                                                                                                    699B

                                                                                                                    MD5

                                                                                                                    bec409739af6cee0325d955c5d86f149

                                                                                                                    SHA1

                                                                                                                    5d86ad7ad1e6867e93c19a81eac0b98dd777c348

                                                                                                                    SHA256

                                                                                                                    0f415fcfaab8fc7a0f15a4a80af9b29628bb86c8cd24ac8d68e480071ef0945d

                                                                                                                    SHA512

                                                                                                                    cace44d7635613895fb4d27bca02bd54731594653023df03c14d50f27ae3446ef6028dcdd74b3cf973e712b5b9de8c820ff732065a5aac21aca7eafe049cdf57

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581ae6.TMP

                                                                                                                    Filesize

                                                                                                                    533B

                                                                                                                    MD5

                                                                                                                    956b6ad7049aff6c413133b3ec4fd49e

                                                                                                                    SHA1

                                                                                                                    d1d31839716fb70c21f3b725de39ad6498f376c8

                                                                                                                    SHA256

                                                                                                                    2e70971ddb3667ea16df55ea86776b64e3e5bd9551741e84ae4bddfc9f0e7c89

                                                                                                                    SHA512

                                                                                                                    1d28525286a7f4bf4e56a75320a2146f100c9a1584b638193b98778059016053b071c47a69693231f28f5af927ad5ce0bff92106b9f33a26ab86fe8ed2e7d8e8

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                    MD5

                                                                                                                    66b453372faaf83632f90997ecb942a8

                                                                                                                    SHA1

                                                                                                                    57a5f6b118c6f1ed591dd1870e14c13539e4700d

                                                                                                                    SHA256

                                                                                                                    25cbebcdbb3a68e18fe1c46f0f52d14adc04f5bdaa2d87284377a71a35b0eaca

                                                                                                                    SHA512

                                                                                                                    d87c6b6b88dde139d374ced5d4231e00fbfcc002fd3726ddde378ca6613bbafad0bfbb12cb25f6da552c3a8a5b3319760d8932d02c2cea6ea4a74d8bc05a7943

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                    MD5

                                                                                                                    75b1acabebe20366a70ed3ed34b8dc65

                                                                                                                    SHA1

                                                                                                                    974cfffbe825f16cd6d88050e33e854735abda23

                                                                                                                    SHA256

                                                                                                                    af169711025a187808e6263234e972f4c76e7d6243e4105230331a4b476241b4

                                                                                                                    SHA512

                                                                                                                    85f16d9c78bc0073e56d5511b655a1a80285cbaa733926dba2bd5f55095c61196a285e5497f6ac225e68b4406877508d0fd8b67bc6c7b783cf06e57556cdf473

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                    MD5

                                                                                                                    3e7fe32a590902ceb5cca2943d9a553e

                                                                                                                    SHA1

                                                                                                                    044d92f3a99cedf34226cd111057019df2712495

                                                                                                                    SHA256

                                                                                                                    7b2e45405029f97add015a6cedd20cf449f80e9284a369f31c05d337ddaca534

                                                                                                                    SHA512

                                                                                                                    7693b6546d3b0ec5282813e93f66e6a242f536daab14446be60f9c2037376d8ae830e4a1f23968434f68c10eee13b616ac0412a0ddc1c881aee57e97ca98ba3e

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    10KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                    Filesize

                                                                                                                    10KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                                    Filesize

                                                                                                                    442KB

                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                                    Filesize

                                                                                                                    384KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                    Filesize

                                                                                                                    2KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\pending_pings\255d73b8-76e0-490f-b437-58c27b38b5de

                                                                                                                    Filesize

                                                                                                                    10KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\pending_pings\fc1766ba-47b9-4230-b7b8-8759d3c8e169

                                                                                                                    Filesize

                                                                                                                    746B

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                                    Filesize

                                                                                                                    997KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                                                                                                    Filesize

                                                                                                                    116B

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                                    Filesize

                                                                                                                    479B

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                                    Filesize

                                                                                                                    372B

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                                    Filesize

                                                                                                                    11.8MB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

                                                                                                                    Filesize

                                                                                                                    7KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs.js

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                    Filesize

                                                                                                                    6KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                    Filesize

                                                                                                                    1KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{45493533-4b6f-44ba-8b78-dee215e25e52}.final

                                                                                                                    Filesize

                                                                                                                    192B

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\idb\1015702105yCt7-%iCt7-%r1edsfpco.sqlite

                                                                                                                    Filesize

                                                                                                                    48KB

                                                                                                                  • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                    Filesize

                                                                                                                    184KB

                                                                                                                  • \??\pipe\LOCAL\crashpad_3604_XEVMWNHIOQHECCLR
