Malware Analysis Report

2024-11-16 15:52

Sample ID 240207-p437saggd3
Target 8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a
SHA256 8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a

Threat Level: Known bad

The file 8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of SendNotifyMessage

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Checks processor information in registry

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-07 12:53

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-07 12:53

Reported

2024-02-07 13:02

Platform

win7-20231215-en

Max time kernel

38s

Max time network

154s

Command Line

"C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CFEC43F1-C5B8-11EE-8495-CEEF1DCBEAFA} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb800000000020000000000106600000001000020000000e1e2682046bb9292fb5d078a753409773ffee9f1b71d8624d050d7edbdb04900000000000e800000000200002000000027079cd580c6e26ba008e74172ec1ede1a3688c0d088abaead744570801513d72000000044d87abb102ddbc851cf53e48206414299baeaac36a7e324a6bbe399429d9bca40000000df2f595e9b437e6741de37fde5496800834e80450588288c4e4ded40262cc4243c094373a41ed7f57047df874e4a2fc418e6eb7c1c40f00ece83be8234241d09 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb800000000020000000000106600000001000020000000b7896db4ee4e1eceda60898e6ec89a73e175036398cb989b5ae7acb70ba99d1a000000000e8000000002000020000000d51a9649e534a62863fd89b9d7005da36b442f6b8ab40e3e8e7d71e2306775d0900000003d209865c1eb4504b62bcfd1c4075ec9b6d4036b6079e316aecba392578ce44e6bddc25e6823beebec55f7ef18b5f22cf8904c41e62bbbd9bbc1c9ea18e2c83033f8a52363b9420b19f65337d36f85af4a2cb104b8e4c87f7c3e30c95a52581ab42dace34bd7dfcbb318287d4bf718b06b66d5190716fb7914c68b50822d1fe8bb67af9c37de6c1b0fe061fc5179f69c40000000df78c50a8eebaaa9861f39804518f81092de65b08ac943c0b8389f012486561de77480bc08556842440da13ddccd9b5391997bc7fa2adadd6c3d67a2d986283c C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2040 wrote to memory of 2356 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2356 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2356 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2356 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2376 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2376 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2376 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2376 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2664 wrote to memory of 2840 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 2840 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 2840 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 2840 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2376 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2376 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2376 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2376 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2356 wrote to memory of 2492 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2356 wrote to memory of 2492 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2356 wrote to memory of 2492 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2356 wrote to memory of 2492 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2040 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 2032 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2032 wrote to memory of 1688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2032 wrote to memory of 1688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2032 wrote to memory of 1688 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1824 wrote to memory of 1528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1824 wrote to memory of 1528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1824 wrote to memory of 1528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2040 wrote to memory of 2300 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2300 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2300 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2300 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2300 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2040 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2452 wrote to memory of 1168 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2452 wrote to memory of 1168 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe

"C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef69f9758,0x7fef69f9768,0x7fef69f9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef69f9758,0x7fef69f9768,0x7fef69f9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef69f9758,0x7fef69f9768,0x7fef69f9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.0.1170774876\643298580" -parentBuildID 20221007134813 -prefsHandle 1264 -prefMapHandle 1128 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8031878-be5d-4c12-8308-560a948bab79} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 1356 fcd8158 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1172,i,8537147973433413168,16761944098341694163,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1064 --field-trial-handle=1312,i,4648784381696904592,11246140971152032433,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1464 --field-trial-handle=1172,i,8537147973433413168,16761944098341694163,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1312,i,4648784381696904592,11246140971152032433,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.1.1054600689\1868135392" -parentBuildID 20221007134813 -prefsHandle 1556 -prefMapHandle 1552 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3c13a28-5633-4234-b1f5-bc46a11f7624} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 1568 fc05f58 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2672 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2720 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.2.501067752\981539102" -childID 1 -isForBrowser -prefsHandle 2024 -prefMapHandle 1756 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc1649ad-5cd2-4398-85fa-e10628fba5b0} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 864 fc5c358 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1480 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.3.1096934016\186895082" -childID 2 -isForBrowser -prefsHandle 2736 -prefMapHandle 2732 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {996121ab-5afc-43a1-a090-dc9b933bd378} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 2748 d60d58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1344 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.4.1762674220\1849613558" -childID 3 -isForBrowser -prefsHandle 3688 -prefMapHandle 3684 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {92f137d9-8ead-424e-97f4-c630b43d2790} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 3700 1e00b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.5.1548858358\326506497" -childID 4 -isForBrowser -prefsHandle 3808 -prefMapHandle 3812 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec6bba5a-bfc0-40a1-a506-c85f63db104b} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 3796 1e00be58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.6.1698830337\1356574767" -parentBuildID 20221007134813 -prefsHandle 4252 -prefMapHandle 4260 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e095e-969b-4696-972d-7a8ceaa6976d} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4276 d69958 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.7.607397053\1098952638" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4396 -prefMapHandle 4392 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {abf8bd90-dc67-41f9-b4f2-f9ae3caaabcd} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4408 1bc9dd58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3976 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.10.1742066807\1460471748" -childID 7 -isForBrowser -prefsHandle 4752 -prefMapHandle 4756 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5d6e88a-e758-4805-a3ba-448ee0a6ecad} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4740 1e706658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.9.882838520\594797611" -childID 6 -isForBrowser -prefsHandle 4572 -prefMapHandle 4576 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43a2c50d-9f74-4d06-b30f-71fc20f2a584} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4560 1e706058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.8.2144162395\568404105" -childID 5 -isForBrowser -prefsHandle 1136 -prefMapHandle 1144 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e0011583-124d-4351-9e81-bee533579e6c} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4396 1e4e7658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2344.11.1689521173\1755327287" -childID 8 -isForBrowser -prefsHandle 4720 -prefMapHandle 4888 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 808 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3428af2c-f98b-4214-933a-d86e092e9498} 2344 "\\.\pipe\gecko-crash-server-pipe.2344" 4912 20639a58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4416 --field-trial-handle=1384,i,9634299340106775250,9102473847727183176,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.202.35:443 www.facebook.com tcp
FR 157.240.202.35:443 www.facebook.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.35:443 facebook.com tcp
FR 157.240.202.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
FR 157.240.202.35:443 fbcdn.net tcp
FR 157.240.202.35:443 fbcdn.net tcp
FR 157.240.202.35:443 fbcdn.net tcp
FR 157.240.202.35:443 fbcdn.net tcp
FR 157.240.202.35:443 fbcdn.net tcp
FR 157.240.202.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
FR 157.240.202.35:443 fbsbx.com tcp
FR 157.240.202.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
DE 157.240.251.35:443 www.facebook.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
FR 157.240.202.35:443 fbsbx.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
GB 216.58.204.78:443 www.youtube.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 52.10.159.154:443 shavar.prod.mozaws.net tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
FR 157.240.202.35:443 fbsbx.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.54:443 i.ytimg.com udp
FR 157.240.202.35:443 star-mini.c10r.facebook.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
N/A 127.0.0.1:50116 tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
FR 157.240.202.1:443 scontent.xx.fbcdn.net udp
FR 157.240.202.1:443 scontent.xx.fbcdn.net tcp
FR 157.240.202.35:443 facebook.com tcp
FR 157.240.202.1:443 scontent.xx.fbcdn.net udp
FR 157.240.202.35:443 facebook.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
FR 157.240.202.1:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
FR 157.240.202.35:443 facebook.com tcp
DE 157.240.251.35:443 www.facebook.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
N/A 127.0.0.1:50200 tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
GB 142.250.200.14:443 clients2.google.com tcp
US 216.239.38.117:443 beacons2.gvt2.com tcp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
US 216.239.38.117:443 beacons2.gvt2.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
FR 157.240.202.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp

Files

memory/2040-0-0x0000000000B50000-0x0000000000B51000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CFF106B1-C5B8-11EE-8495-CEEF1DCBEAFA}.dat

MD5 48fbcf95634c8d8d0593256772cdeec8
SHA1 45c94c2d64996254bb2802f39029404af23ef0b7
SHA256 1d6b2b7fb65b7c91630e1426ca3276e928c603a26c4639dc9e7121cfa1320e6f
SHA512 6b87be689a647d33babb3771d31b1f97ac722067747c3c904f1a70c576f673e566cc0735f7006e9c5c74b9a7852025f76f865c3ad69665da0da964f64b6633e6

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CFEC43F1-C5B8-11EE-8495-CEEF1DCBEAFA}.dat

MD5 7b8c768e78d3f6f6295ba5a7daa4f8ca
SHA1 4e010336d5524e8516513e1075de22396785d227
SHA256 d70f89365788686d1d4de5ea2e7bad3c44d4fa7bcc1c54790a79ec97f16e3385
SHA512 0855fab17750d54532b9dad48137fcc0794d82bcc6435d7603e9f282b14058c7b61fa00f1c7fdbad2f353c48261088471fc2aad352cedba603641e67f5592a49

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CFF106B1-C5B8-11EE-8495-CEEF1DCBEAFA}.dat

MD5 a64d34c228fbbe0d77710d137bfed07a
SHA1 501534a7d98c3a49a5d3cc025ac2dce3d3d6ac6e
SHA256 466d1c4fa2836b85b9e86b27645a098ef25513a0d3a24f0432c5baa1526b0fd9
SHA512 6b9432a8d86e181c35898f866e70515c813e632f729041d4e2885a8db59569c7f4d28891ca0eb60bcaaeced792305fc06a7cb8dfb108cd0dc688c32424847357

C:\Users\Admin\AppData\Local\Temp\Cab70DD.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 3c07ff2ed22c59cc74b22f2afee002ac
SHA1 1c1175e4685e9f22987dd4fbac9b210c3c472ae9
SHA256 6631f9ce02015294dc5280ea42012430e04d2f07dc9c672793ea181c53e7d2c2
SHA512 06a8b29e128229309ce0a43bba4577aa30c265718b640e8525e7e49ad3f62b9e6cbb98917891f3ec2ca682be53174344f47ef52d963f63375ff11e98cdb14ab1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 f1a213f0bdd21935473fcdfe09ccfe35
SHA1 c7040fcc38be3ca27a90bc1397f92c2d7d1e946b
SHA256 7d83bb678a5a4bdaf69b68660b3b2b7252bd186ef09e8b0bba98ef88cbce14ca
SHA512 b8c5ffd024aceb8531d50e8b984d26209d835a931c9d700e67905ee832c1010a5e9170a99591ac216fb16b910e27c3d59823de8a3883cc3ea8ed6595e63de6ea

C:\Users\Admin\AppData\Local\Temp\Tar71AD.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 547d38b17f9506021c529eb75b1e611f
SHA1 0cf1a888eeaa2469f4cfaebdd56c952b150d09da
SHA256 f68685056507705db70882a9c98f62abd962e692cca76392bbe3f61c250165f8
SHA512 296f2569dca233a0c1a9e1d89db0f45f02826de317222d5abb54232c340550fc690e1f35b1e4b38085faad4181eb38a3ad81ba348e1af7b0281aad412b6e6e2e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 61bd05aa0166473f2be945613785ecd4
SHA1 c018210fa3c320a75ea70b2fcd14979a908ed3db
SHA256 58733e45379850c3b94c718e734bc9889d5be6571b55a254efa937d9e7cc0b18
SHA512 265662cd47bf982faf417c6be7985692c242bacd46b5681c1fd453f1fd2edd95469ceddc87e898da240fbc6c2175fb64814661fd69ebfaa70954101ca96d5295

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 10dfbce2f180c2295c397f942a4c1062
SHA1 6f743c699998d5d2c12a54ebeea9a721be505a5c
SHA256 b83c4d758c784f5263f04a671743dcf6b4f2d8b1c03d854e3cc9332cec7fea76
SHA512 80405088f7afc30bc496d8b387a006a5730c09fbd200e667423b4572c7d3574b73ced624f9d98e774d8f6f5191d621b9d900ddd45d32cb891075052306bbe234

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 eb02ab8f88ed25a2bd6b8dc80a3ed271
SHA1 e3111b3017e6b8a81fc0f3104766c34971bc2e1e
SHA256 8a40597591b21c3c2f4013a739e2259daeffc4a5ef5925bc1f5d2af65d0df57d
SHA512 9360bbaad752b286403ff647adb65c61e29f7e579978aa8cea4a21dd00259cd9b57adf220f23059e4c6bf45001bafbf616000f6d7e4ec94a79d1f799be305a1a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1a6c62af3c0446eb28c9cadd42efd6a1
SHA1 68a699c351bcabaec3d993bdddf3a3023014919f
SHA256 0ff633fae30ec6c7543469cb4b42186b0c5990fcb34c8924b7c2cd794cdfd1fb
SHA512 72a82e59db010dec9e617216d740337182646d33a18cc389053a1e43a62161c4c9c70d3e4e977bc8fcd1c71d266493123efd038b4c8794bde42026371e755bb6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1450c0d222cd4b93f01dccd5842e7bc2
SHA1 332d2c2ac53965f68df485ba560ea05130189442
SHA256 c15c832127a1de1c35080f29091339d13b060d89a0df563926db2586e39181c0
SHA512 76e8c559b1937bbf0d8dac973cd4d0c4f360cafd77f12e2e6204cd3f0c66db1cec0b0b0f13fb70f2c007b18714d16a91fbac7d82dad14f7fa3ec3e692dd173e4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 b6753fda20e9de0a7b2f3984b971a90c
SHA1 946f36e71f78c93046bca67c5b935ee2d8dc77e6
SHA256 a40a75477380ecae64d669fef7690f11db8dcbcf1cc72b9db2f8768b52da0034
SHA512 4b1a16893470b2fd7dc444062d1b62aefd90a908b6a357cb5a82914333a6e7d9de27025bdf9930d42dd6fca2634dcb8534daf817d69fb48b99d9c8f1f14183bd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 a2a4d4115f197a39fa1f8fb7b45ca3a9
SHA1 6c2ae448e5b0db9e97240186b9521959c01f8ebf
SHA256 af2ed48dcf4d5792a88cd6c0db0a5b98c12fe5d987e7a5a76c241dd02ca57ee0
SHA512 99e70c3e0e9580e811b36d469498f2f99a04ecab3cbb88ea7a7c53f77133e8ee4a3197f071cf4493e25d03c51cc54b4919870ee56c07d3c61f182adfc97164a4

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4A6WQF2H.txt

MD5 abef39f7148a7b5cf37e6e85e655c646
SHA1 fc585d410837d947a40019d9cbe3a08967a57fd1
SHA256 6b8fd858dfc8ad7b624057aaf5fe85ff60ebb5bb23c11876e15f01cba2c7d88e
SHA512 cd12b662900a4e4a5d3cc01dc1a98092be760a2a3c0a66f6358b3fb9080b4070a2902434748bf5854417686c460cdcaa4570a29c288ecd27d1321597926d98b0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 34258f3123056f95128f383c6c9370ea
SHA1 d613b117bf34473f85a0d6e15ede648197c83421
SHA256 7889e954c62f48509cc7cffbfa46a46fdac2f334a3bc1f556f50d4c995857d99
SHA512 5a679192af56816bfe4b8f128ec1aa56a748627f448e9cd71a959b8e73c9427c1f081ea54563c8f73f4385ddb9cf7d184d22c4dfc14254e046f1205014f9af8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 e7632ffc136c2c9a3e20819ab325d8a7
SHA1 3deeaca414d6ac0a9e3825d391dfb6e3d4525393
SHA256 1225eac2e767f642b0b23909bfca6073f08cc3e7ddbaaab2797382153d7da852
SHA512 d63b606a7ea02670cdede526768929b80fe2eb580ff1d43acd09a3c7bb1b5ff9d06ccdc31a6a61ea218aeccb8bb8d78fc8d0211b1e1e182c2055acd245496cee

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 2d32905e50c0eff580840dff889cb375
SHA1 fe44424f78251198b910eddf75cbdba01c387ba0
SHA256 1bb91882c23061c4f4f28abca38c31cc47a94c24399052019e412a6d45f25820
SHA512 c8117f83f5a3ab9b93b65a900287e2a761d11fb0235acaeb081211e5ad1d0f01191d13b2306f74841a2fd6c7a00b639d6d4b48605e6d4a8636bcb71ecf2e107e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 b06617f87eafbd9ea44f959729f74ceb
SHA1 98469fba6c93a0824af6379f1512ee9a60c115e7
SHA256 aa05028ecbc417619ff99fdc70eb71f21707563ad99766d95ed9dab62dda8ecb
SHA512 1dbe4c3d7de9fa6b5ef6803c66bb7693abfcdbcb836547288450501a2e77b9304bfed5d111626e880fb786ca6730c5a2526fc220cd2a64debd60c99b2cd9d22e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\hLRJ1GG_y0J[1].ico

MD5 8cddca427dae9b925e73432f8733e05a
SHA1 1999a6f624a25cfd938eef6492d34fdc4f55dedc
SHA256 89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
SHA512 20fbee2886995c253e762f2bb814ad16890b0989deab4d92394363ef0060b96a634d87c380c7ba1b787a8ab312be968fed9329a729b4e0d64235a09e397db740

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 729ae988d57aca4e4c605c0be8272776
SHA1 4d2fa542c5514e552ea98a102b6e2fca5641ac3e
SHA256 2e118e091dd7d36409acba96b42c08a756c3d2037af099f7e8cedf1935a4f43c
SHA512 9402c0507837bd06958c1768415f809b1d5b8645cf163604e1fa3262d3f81c96e96d4d1d717a46a18f11b33691ce4ac41d428d8fbbd26bbf0aa1ad55881d6c04

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 23057403e3bfbf6d86b102742ff1766f
SHA1 a7704aec1ce18e6043630da79357212c09e072f4
SHA256 23f2d2a0f6303a6c6db5103c61d9fd3c3c4ad65c4a61955fe679855ba8b1954b
SHA512 8d08e1d7cf210892b916985536a268222b3a16cd6e488d71dbe936979dbc9a385c72a00aed0d2c23147f2c62c8d24d8145b563549becad9f19f06cfa9f764098

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7f1d6ccc1efd9a6d06826e8a22bd1aaf
SHA1 ab53b2f9430231bcb27c1206c9fbddb14297020f
SHA256 f3eb48ba3924fce1a57053156a5de80e21159c6d5ed9676cfc6fe46cdfd58de9
SHA512 a8f1c72ba7df3cbb86ef1393539064c2a35dc3077f9d2edbb08fa452ed75d7ac52d1f6f324127937663fa5b3f390a8b4b290c28835eb833ed02844e138b7b195

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d30e175c8c485b82a8daa05ee1a72964
SHA1 ceb73e6041ce6adc66ec970eef79a076b10ce94e
SHA256 073ca5530b9d7a04707a0daa104277b33c2afcdde3941a8a76966bcdaae43df0
SHA512 7fa82259a6458e4aada38789fe80df9034442144ee70e1547b5c7f0c03228557ccefda9ed1d36e59b850466f3228ca51395c3e9677f1f1d9cc00dbc1ff291c3c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d4381fdc0b90015a75397d440d77a75
SHA1 d8b531be9be3f1e857d85d88411ceeaf21b702ad
SHA256 486fc889e28b0d09a4be0c0df558c5d07314b09f3579fe14508719464246164e
SHA512 9af807c4b657d9b51f661f8ee8baa8c742d3093115bbcf3cdba5f62f50e47e441f66f7a51f280647a85dc0c76cf2c9b1bbaca481c56d4973896712556f7fa080

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d68c03bed77e2b93b020e86b7189118d
SHA1 62acb1250d2244d1746049dbede9ff148bdece83
SHA256 d727ab8e95a9deabfc712bad692b91ebc23b9b32bd6de82a745a030a9fb5a219
SHA512 1ab51bcbb126d0a4f9838fdb435fbb40f8510b65fd290950e9fcb053a47b1a8de60594478b8e28debcfa71fe636783c4b5a5ed55f83b6967a80d89a7d22480d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d82622221c28fe375069c41486e5f0bf
SHA1 3fd98aff16031471ac51ec683d386701de7ee161
SHA256 c4459449b5e78aef06389f2123d2f5ad8e8dbde91a4893fb210836e58d8f98b6
SHA512 ba55e9f6b48d9fc6fd84719e9df1b8e6dcaa18fe9796b34c42c85a82ae8bf7c4862947b8f9c88eb7033f3d14069d8b4235b8e7a5b9eab528382a85e0dae63bc3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 40b154d3e8b3aa709c275efa91994886
SHA1 67d5ed6220166a42bc3fbbd9550105a2ae50ed3a
SHA256 1610fc68fc5481c7e1082177f45d0211733ff7548bd8b45bb0f5120a72aa0836
SHA512 68eee2e9c29ecb99ce3a977bb6e35de6d6c8250e591bc16206ad98d5e129606f82b678f1369ec2b7d72593a2a2365a4ea0107902cceb3e09d4002ae4e0412afb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2bb905cb54fdffcdc5ed0a6b7b6e08b1
SHA1 1d504fa7f63a2e779cf069263c209dc6fe56147b
SHA256 749a4807ed474c4a18551ed4b33e23a474a79b1c5c572cf6cb99a0101826849e
SHA512 4d808337d1906f6af3ba0f5e0a00de27b878d9d61bf9e754d32d349b0dfe89e01e95fc6e0c1be8ed0bfaffde338fbbf160425db2c75601c0d60d7f3788671c9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e05b5b3a4b8f1db2408dc137785ee6b6
SHA1 ae16dac6a4cbdee811a4cbd7be6ad3f39f7c8cb1
SHA256 71078ea05cf2199057abc8849a10563d0dc6d313ed0835292fa9300d00b4978c
SHA512 074e30135d969624bb85da65618c301cbe345cbe3caafb5b8af27efb52be69b027c998f98c43dbc4729e3aeda5f003b93f2abf81e4a2ae70a19268733c92f874

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9873603c4254c1c06f9f94876067c6c
SHA1 a2292a07235c037758712407125b8f0697b6dbaf
SHA256 d869e41a5b5bddb3e2b733f78c3f7d84a760c1591cda25df9b5bcc1136809068
SHA512 aa30c389133b9f45026a1d7dd459bfa8003e80955eed1fdd4fca5e86f0c257530d808b1f96853aeca80c13a581bf46022a13a17de29fc55dec8a7548281fd44a

memory/2040-843-0x0000000000B50000-0x0000000000B51000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6ceed0c88ffab51ae4b831f53ba82b6a
SHA1 3f6500fa70a8f4fa4506551868ba008b23e3d6e4
SHA256 6efbe2390fb6d125e1d4d26f2c4ac6f9130a3dfbff7da0e60f31a9e11d697ef9
SHA512 0bd942ee8e7ca33fff6611e6658001480b707137cac3932ef73de61912caa26eea6479aeb64f9b87eaf306c3dbcabd07d1528b16e11524dec4b3dba7e3c2b2ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_2032_HUDOTOFYQAYYVUGP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0fa8108ef39ccc6ddcf83f0dc7465bcb
SHA1 be1a3a819af920cb578df31d95b27bcfebb6e309
SHA256 55fe7be3aba62d0081f8e4db1eba16b929203521fdad822973094ab4fc2ce4b3
SHA512 7ff74f45d6d08fa4ddc23fe36b427386560d25dac62e5a3ca34bb3ec52d2e44d93326c962fc6e0af24337203d04fe5a1a5999259374a8392c06aafc02c3d99fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0ea44d44-04ed-4bb4-82f0-1fd578afd17c.tmp

MD5 7afe6bd43cc640c5e7c0a2097789b223
SHA1 41d5763aabf221dd06bb55d4592b27f3d3a869ad
SHA256 ab5b62d325587b68cd77c1b1b2a848551d1a6327675bf7e133faa53d07794b92
SHA512 d889f95c2c3894ceca985e8e0e9134417621c206103cf94966710912b67107e3cbdb6314bdc9265f85ea948ce19af4fe8d8957138e8e6967108fbf465d121a5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 55e01414d80ecf6eece51ab44b12328f
SHA1 6355b24f1391674d2e5b7b661c90d43e15347c89
SHA256 8c0cd130e449c049237473eacc451fbb6f094ec6b4e9184ca5abfe3e7917b99c
SHA512 f7c4dd32c12699e5b1b67c1190e459fc2d8a90adfca7928e7f3fccf6d2f8c795cce74ca0cafd7cdc6ca316004d4a6dab84d0108124a4e308cd66d9ee3243e165

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_DEFE6B99A4F3DB39CF646AFC270A09C7

MD5 f9741345bc1316ff84162c6d097e33b8
SHA1 0fbcbc8ef189f1bfa49a4abbfcbc5ff38646e114
SHA256 ffa6ad2c80eb4ae824b4d220206e85e062550e98ab81df19995efbd87292fe0f
SHA512 33ac18317665c5d73a24ff064102d933248843fb34bcb0ed8eb36e5082e51c1975bca1abcfb4f4c351fcecc6ac96784b29acaf6142f588b2ac58903ad1ed7351

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 5252066f674ab70eaa9fd575b45d69bd
SHA1 942d0137d5882feced7f8059fbba819a2defc9fd
SHA256 38d0f640decb673e79f7d2a16d3dc058d990fd2b102d36d7c3e57f0adbb4fcd0
SHA512 6448c139383b7572b881d1fa1c6dfccd11906ee9638c577a9efde4050b8977cd037599d9ab59ca625a4991336c9b7a80925138f37eac06aab0a5a18773e854c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 7f818f433f9c7a2568b86d58e7c7260c
SHA1 94f26629cd39cf2f75e921662654cf2da30c08fc
SHA256 c7661a159d5d7a1e69f0c9df2083ca52c9103f1125569c2300d03827e9c99448
SHA512 6580a5c256b699e496b994723eedb1b97b17e81e6348406d5f3ec98d3e29b5c332e1f75dcbc2279941927ab2b373e3e3ce9bf01bece9a2159b1dab9b422033ce

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 a89819593d326e7891db3102487f18ba
SHA1 e8972c883c57976a6a6e676a08b488abae9c82a7
SHA256 07f033948e887c74df5ee50ae72c287706f58e17a5b9e62635c2d3bac3f02558
SHA512 642c680c0813b4760442e504a8ffcc4bbec65c9ec22608f608992c6393fae3525c00709e83de135511f14709ee51ac82c662cd1b26a5f45f9f2b14ba2590fcd3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 d0ea9f8cf4e988a7338f8b6c442224ad
SHA1 7417024a3a21335d9afef02cdabae3de2d53d8e3
SHA256 870defe151ca491445360d16b6f6776636ba1e7adb2c5658b09f92cb816c0578
SHA512 7b335ad10b84a9cb9c311e584418a00966eb39d5c6b4c1c7ce31d3bc03729652e98c39c004efe3941fdac805e7939d095f4ed477240081a245dae54a197c89ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 0113178bc5ae00735f18dfa81ec6645f
SHA1 b4935e7ac9c639ac709262d69a15d0a1233f126f
SHA256 faddd603379eecd69ae7fc7acb713447afd75fd4f46bdf1b32c73c43bd3435c7
SHA512 64948388eed7d1631f2b110593c2be7d78eba94bb03972e68bdb1091329cc6334be4baf4dbfb44c4a0c63a3704e7e5fad5008f0693abd2d57e920efc8b609a8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 84b5ae65988332e879853d7b1d12ad31
SHA1 f24cdd0163ea66978952d2b8dc8713c8dd719936
SHA256 3a22c4f3662219f45bfb82933d2377d669a2479bca1f2015fa64b7a06ad82ac1
SHA512 1ed610cd891e727d5864734da94f0cc920b909e752fe4ea7a4eb324e348d290060d4f9f05dba775a5413be95d2a16d4302dbbfef4862ab4463fd5b72e51cd85a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\db\data.safe.bin

MD5 d42001764fa1e3d57204bc400d15795a
SHA1 9bb3a7efac6de5f1a8b0742312fb0f3a59b87f7f
SHA256 7aeeb5615f02f0650c82ed1986c4eac4d9a2d73bc5fe9cad25fa1b0569f4f2e7
SHA512 8bd5be35d5734c7dae4937ec8996e4de5c17924981eeba9609c6b563118c3d35b16aea6883e663dfb9457064514f9568829faffc61f9650d1e2c3b4377ab16da

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\f596cee7-5b15-4d7e-9804-46390ce5937e

MD5 dac4656662c6a76fd8ab7737a481431f
SHA1 294ee0634387a5931a798b308bfde0fd0524c86a
SHA256 be8d48ce3f71318c05b49369335f558ace24fb2145c7020aadea75b1256e42a1
SHA512 183d60edfeec90bf7a6551583336fda0560e4549d3998bd06c00df23f71aff693d0a7fedcff2ad43f398c09dd8dec4ca85b24b3cbae27c5e710755b22daf595f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\b91e96e0-dba3-404d-b3be-60acf630652c

MD5 15e69a18ab850a750f1c7af588475571
SHA1 9dcaf6ebd960e93a7e6d7644ffd02e20fe47e8d6
SHA256 b31e5ca57a9cb26b5cde7517a75dbee4a1ca5c732b307cad3d0659afc3d07f18
SHA512 554d5e2ed210525d5b7ded541e0b72ba4bb25706bc77362605f97faf7be684232cb98726321f3a9172c1ef32696a7b5c495c3c14f242c36be69f6680a08c878a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 19be8fda4eb91b2b3fd5175a0ac55679
SHA1 b6948b0497a2e6e5231b2cb2d87c91e0a7d21804
SHA256 d07b6f4e6a032b7ffdfee443424903627547707d4efd9d7ccf459e07288281de
SHA512 c79a662e79a0b8532a180f31925d09b85833d4da69f5f6614f0dabf8174579da12c63dc6774b32b8d858b450311f1fa3bf7b33936d52b44a354587f7cb63a210

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e27d66e587011de907a14a31343276a9
SHA1 9d74422c74138352bbe1d488ce811ade81aef139
SHA256 bf01f63706b8b5e9fa6d132762db43ddbda9e2c1e36c92dbc5fbfaf2ca1f3bd1
SHA512 85c81b9b9408012bd562cfadc4ff475ff14f8bc05fa63ff86c37c8706b7684347a5471065baa5277811cbb14a6876dbaa3f619cb008406af9ff9e9ef889d7c88

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 15667c40b91a8a960566b269b2971c97
SHA1 ee0f8e4eb2d806b25fbba21c392c363f6b30fd1b
SHA256 dc1ea2ebf0f1b47ddca524737b0d730f84b256aaec93e84d30230db1f24792e5
SHA512 303731ee9e914e21544a6315c6fe44fae1a4d809c72f68238a4fa016596ce1da5cb52115bd49971b6baa38ee28f3eed7c53e6cee3819a27daf223bee698bef00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7702af.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d256987fe218f1273bb6325012778737
SHA1 7827e3b2e92570747c7e37adb7c226e34487447a
SHA256 f9ed874468461f0cc171bd64c0334b56e93e8296417d4e7f8def5e75244da771
SHA512 1d3d1f4c0d7ebfbfb9e9a65ed39ca05e5391a7f0ce8fb3bfcbd942964722889c992d7777228189940b5b7a04b83feb5705bb4acfdf827da895dbed41a9fd1c08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\150\{a116f1b8-b8e7-44a6-87f7-87d92ed8bb96}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\idb\476796039yCt7-%iCt7-%r0edsdpao.sqlite

MD5 a2fcbb18f677c3fd0740ae77e568567a
SHA1 3aa8659a2e612d304742cd33e10975406e635e48
SHA256 35251c7a4915397aff72dd24790bf67d7e29d4295559ea12b40237e155159208
SHA512 007db810f8e8254cf60bce0826d81683d406961e4dec2a7979bc055a837e367eec4b1a69dddaa02400d11e0059f12646e8e7e46963f6e58faa2b070866198ea5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 473d8585b71dc2a2e5c812465339c514
SHA1 1696b6e05b1b8c93b7009e921375dfb830977a22
SHA256 a0300d5bac08196102bd46bbca4e8347b9d2d5d85d004cd52b1978f6654b9684
SHA512 e6b60938d80d9a8c19c1c2403b4a675dad2efc51f49ec60ecfa789e0a76dbeaf46ec04c8e7dc2a2659795e91a0fe8ad442fdb68d3ca85fe88375fe696db758e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f2e31323ef7b438ebd4b64db71fa1b57
SHA1 7d71cf5f592b2b695d1b044b547a402d15a1a4b7
SHA256 63699e6ee5cfed9ccfa68314cdd737efb9fe73a91b92c33222b5c61a1f3b543f
SHA512 b7ef86a200b83bb55b6edc22e097d86b291cef678417ffbb0b413d90ae919dfba72010b686d33cfb700a7f9a14e830ba612a21b7dac6b85cee7ad8250ce45a2b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\76\{acb271dc-2ce2-49dc-adbb-28b726b6634c}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\39\{27be7fc0-c87c-4696-8ed8-543736fa5e27}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\73\{c312c750-d237-4718-8e73-e4624981c349}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 2051e4c61a9fcb2e03c82aea0fd097ca
SHA1 e7a8e6b8b43d532797babf938db2cdb5e1bc6020
SHA256 909638eb59d59ae25be295ef452a25cefc4351b09d6b7808ec8eee78237e802a
SHA512 7c05a4e856adf92cd4895bbfdbc1445b8d253cb0120e50b396c6a7655153b35c887786811de40b49746f9f74b4ba674932eca6f78f0efcb5bb3dbc611e2fa550

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 38faf341fbe2081804ee9453d340138a
SHA1 84253c033be0d51b9f6dbc698b1b5fdf5233ba02
SHA256 b93d47352f3cb7ff9e3e18b06c2772cda321ba1f81c756ffbda53d4beea98be7
SHA512 4d6c8ba188c827becb87b43af54709d3f2e9ae555d45a41047894fd909a6aa816f37304e2bc0bf076bfba4e24d0aeacd0f350a8167f728ecdca58ac527c75ab4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2f7162fb44e6c4f30e179979f84136bf
SHA1 5fba91c819daf2c79d06a85ec7bb01c635d0cb57
SHA256 0be9fdb7322b5b8a68f090295bb85eb2e5645a3f97afdaf41b55d2d521da7aa3
SHA512 73cd10653ef1a85bf03af5c82189b4962abe00e51831657709e72bc21ba0d93959c2ddfc03c28cdfd4d22b9650aed586045fd880f4fb51b9585e5bf0f7e6ca81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 84d1b00e644bdb98a592a88723750fc2
SHA1 a5f905f2eb5ad0502140df70e5de3442e2a7e68c
SHA256 9c019a173715291c12b5185d5f5381e8664e14fa5e1cfdc6783b54e9856b1f4f
SHA512 f7fd3ca9c3ea9bf675c842dfa34fc96a0f2df4dbb6165c1586650df8806d10ca2b44e4e05b04b92af3b381d03af1ce42a4e85d83df20c0e02bdbe38355d083f3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 940809c21cbd6ce1aef4f819c186daed
SHA1 839a3114b245b43c520ada023ace86521e5d2cc9
SHA256 d84d027cf6fdeb75f14bef2b77efd56968995feaa61a27a3312f6ce72d7cd65d
SHA512 5db43f09c691dfa68df295c8cabc4c2482d937877adbedf916b2e2033746b5dffe0b48c07906d4d1b43a901d32b52dbe3edbcc18afdd4ee1b84da6f4dd28af17

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2f6059597735f54727af1b90de07bdb4
SHA1 827b1a66cd6f1bc7f5ba7ca0e946222d3947093a
SHA256 1bd35d2d41fc9c4603a3fc6db16b6b8e204331f24f6c1bdf0505ca7255e09352
SHA512 77e488213aaca45100882c5a2ead55fc754e34df8435bab8260317c8854304810e46d8480b13bdd2d9649b8f15a7c6cc340abfd363cacd9e5737700532215dfe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d7e74016e50d9a5f98544c34629a12b
SHA1 06aa7f3556aca3d56b39db747f3c0e4bab2efef5
SHA256 d9a7bda544cd34eabb91a07d5611ef01d2a612d5c027c1e4edce17ef8766821c
SHA512 93309a3ec752c6f62474e6df4c578913afe2d39f26ccc8b4a64f3fed6ed9e03d1954988e03c2593bbd8c81467057dde8dafbd7f510b14b9795562d959c43ee6c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a74cbbb32df2f203c84f1cda2d453bd9
SHA1 7ad48dbf4a3497bc3aad7ccc0207a25a7c19b2dd
SHA256 421e5bb74cd5331dafc3abe0c26e6d4e2cd26a11db7d8064602e77b4cedfb564
SHA512 330220a2a099df7a6461200bb4ddd82b7820d614c834f983b5d7b08e0906f2c2e45458bbd32ae8e4c721823d389a221cb0ca600a4f7da10578eec2598417fef4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b8ae031c9e7fc206c168ac0e2d527ff4
SHA1 9fe3e1e3fbc4ec0b4dd421c0ae1d7a60de8da005
SHA256 2e820961fa9e1d00d71e1b50a9255f3fa42a82c23b57d75618d96445a8babb58
SHA512 7fdb3d6440ac64c09805f0e554f5c35658316462e1eaee4130cdd0af3c8b01c8b026a322f37bb1efa7d7e81cb75313b369bd435fb6f17858860547efef57109d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 69eb044e6fc9fcdb1fa6023fbc02dd42
SHA1 38baede1843d40424ab955a13ae5b41847305698
SHA256 26d8d1eece884c3f12ed3dd9e5c0627b0a9d1be295d0decf600ae82e6a17406d
SHA512 a7be095ce5fc29d60f54936ca1cc69c7b3c7ac3e60ebbfdb1d234a6dbf6665591db1b4ddf1b826a4b839b91cb6b710159881dc1f497dc9deee17ec972b73547c

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 629031fd9562d4586a9c4ebfe43e60cd
SHA1 e973836dc447edafe82b856027d6987785a8bb6e
SHA256 7b411c61b48ebbb40c886b5193304a477f4eef0cc2579c49db3cb5b40e568759
SHA512 e691f4fc14929f352726646300143c3b88f26addf9c09fbd79db2544e57a487180a2a6929416c304233046894e6ed556c78bf46839f335eaee51f44b87a712bb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 d355587e85ce926345a1d6fa5aaca99b
SHA1 aabb0371e07d813ee91db0ce55db26720e064cb1
SHA256 05a941332455faee74c7f72b15a5475d3c38be7e0ede9356b48d2942e4d7681e
SHA512 77d52213a8f59a6880e20fd16e555d4d495054efab75fe84523cafc11f5e917ebe726e26a4e2fced259adc99acb085ec66612cea6c75e3f656e0de23f8fdabff

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 4e972980229492ee62dc9a11bb1df1f2
SHA1 2639b25fadf4a5adac6f0e9b9a7efdc95ebd9d06
SHA256 a9fbfd51ed6d66d7a8a7dfefa9578fe14f4a8be814a56179d6cebd4c700afb3d
SHA512 2df129314ee08b100304e14b1e8afe5e1f324e1d607a4e174bdf4c4a291fffeb98f79589e9dcf176a9ddeecad5e39c2b527c00e504e82d5c1e62d98b9f5655bd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0ff8d7b687cbf9402d5f9ab2e4e7f8bd
SHA1 102517c4dd477494a8294ce18da67a5545160205
SHA256 0f981048c6b4318ebf7d7226e8522ec98cd55497502882c13720312c9a8e0aa6
SHA512 3bbb9140be9eac95c2a9b805899400df08ef3080152edda2f241d6162f56d5783414d3e6c87bf4cd1f143c7ec87ac3af4bde23ca90000ff902a5dc2bb2100e88

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 22536c16ce0ac3522944d1ef45cfe86c
SHA1 b8229710ae702d39e7d68fb8c8fb0a66d4dbd8d9
SHA256 fc86c29da80b2842bee175074361be734c29f54d2fa956161ddaada5156d98dc
SHA512 49f4497a92be71a39ca0b4eacf2a0ad9816d1377b2968dc9ed8155a040d90e498d214d8cc8b03ba002c11a92b19532f8ce334a0fdaeecf8e689faca513d26490

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c084cfd721cb773b43779079a8cf6c44
SHA1 b1b4f240e50abe486d7d6463075ad8ee1f053616
SHA256 4f07332902b1e2416208e155e2f3e136e4e7eb9ad4bf45dbd5f81fb47590dee4
SHA512 d56f99eff43b0912579bf388531ed32006c94557d173c8c35f0a4a0265b23716e892f04400a1802a7676f5c3d53bdb5954de4db6eff1ff31d082f91db1a80eac

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 f1bf6900710e8d9a9181b139b060cb31
SHA1 a7573afe3b61268d2ce3606b39bd4f8035c3ff96
SHA256 db1a512830b0814d6b90505c74df48a2305fcb311168590b9f41d341d96fd5d0
SHA512 f96ba4f3b2748f865fe0de5ab95076afc37c2bccec3fe4c5284a37cf9c70055492b5e622c548278d31b25bca7f99990463dd6df8d7309de216652088d4b843fd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 d3056a61629f678614486629894a17df
SHA1 24dae492bf7c27825de5d7dcf800171f67c787ae
SHA256 bbd588f1a94cc5bce53ab7d1d01ee3c5501d5ec5eaa0112fe6f7d75ea076aedc
SHA512 a641535b9260a3044eae17a96d7f0d001714389eb5d7afea392ee08aff0724725687a13eda16dfc16190947c00ff8abfc8453cee38a1741887222b5de739dd08

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\3\{2c33cee1-ae6a-4610-b7a0-1e00cabc1e03}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\122\{014521aa-7973-4518-bf1a-ebc1da11d57a}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 617ce1b730a464ce8f2795e9174d5cfe
SHA1 fb88490769c776752eca26caf0967b74eec03678
SHA256 5be742ca9abd3fe53fd5c78cc700ea401ab82569d0a5f38cfcb403235efc6472
SHA512 09e1de877f93fad262df30754d543d987e52c4e8061b08d975f81221e1d41f15877f788705b503889ef03757af02c86b5f0857a92c8634fba6e195bcef74edb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f116ec14fb0f96db3276d6681bbdd489
SHA1 0ec38d4649fd7d37c256000a07fb3f3c3e2ba797
SHA256 e93a8d6ae02b16678ddb8045bd9bbd23c04c1aca89ca7f3b01bfd8fada13e870
SHA512 49b24bc2e26a2eae4d26d1aa4b814e2b76fbf4229820982ddaffa4f03eec61cc4ff787d2f1229b20d93818adf7f7149edd86cf5272b63914ef63f76a5a77a352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d2e4fcf3-912f-4982-bfce-f478cdd6c0aa.tmp

MD5 2413aff8f143e96bde0f4f95d0f8e5b7
SHA1 ad6608d231919890f23843539bbfcf7c599bd90a
SHA256 309397ed9fdae0c119c05b87da97905de66147cd5007121886601a2953283a85
SHA512 5b708a03a523d246d7d18abd61e70d3be5df5a85624a479d902f299f3e171fb1520182ada81b680ac0de2530fcf59af78ede521002aa838e40a92e83a4ef3aba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0168fd1ee991341c0a2f6ce5cd92d2a0
SHA1 a2b0350271f8d57863f5ff3924b1076d78b50cd2
SHA256 a19e3229d2585a7e731b0fd6c2d0676823b86ba61faac4f64c96986a431185e0
SHA512 54dafb4d3a90982501cd962bd05c8befc33ddb69ac8e9c7f26c8592e65072f0bf7beea4376d640b28080a3e0455541d79eb86a2de67ebee90cf2448be0cd016a

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-07 12:53

Reported

2024-02-07 13:02

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

159s

Command Line

"C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-983843758-932321429-1636175382-1000\{2DE51349-89C5-4204-9C10-0E1A98E87E67} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1212 wrote to memory of 4624 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 4624 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1632 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1632 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 2644 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 2644 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2644 wrote to memory of 2180 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2644 wrote to memory of 2180 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 3604 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 3604 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 4496 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 4496 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 3040 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 3040 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 1264 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 1264 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1264 wrote to memory of 4636 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1264 wrote to memory of 4636 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 1872 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 1872 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4496 wrote to memory of 1552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4496 wrote to memory of 1552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3040 wrote to memory of 4560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3040 wrote to memory of 4560 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1872 wrote to memory of 3864 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1872 wrote to memory of 3864 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2792 wrote to memory of 1432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2792 wrote to memory of 1432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 3560 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 3560 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3560 wrote to memory of 2056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3560 wrote to memory of 2056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1212 wrote to memory of 3128 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1212 wrote to memory of 3128 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3128 wrote to memory of 1724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1212 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1212 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3068 wrote to memory of 3504 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1212 wrote to memory of 3728 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1212 wrote to memory of 3728 N/A C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe

"C:\Users\Admin\AppData\Local\Temp\8dad1b9270c6e3b23f1aa722ddbe0b0af782f2bd7a53fafe0f203397285e907a.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9eb446f8,0x7ffc9eb44708,0x7ffc9eb44718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8fb29758,0x7ffc8fb29768,0x7ffc8fb29778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,6954818690839311005,16350726657526474513,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,6954818690839311005,16350726657526474513,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8543566514901075597,5140450504473668000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,8287460050823215745,5803541822560167348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,8287460050823215745,5803541822560167348,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.0.345661995\177682618" -parentBuildID 20221007134813 -prefsHandle 1836 -prefMapHandle 1828 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef6ad4b9-a3e1-4077-89f8-5d74551c9b69} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1936 1e07b007658 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,7267171954199502844,8215104652805931452,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,15397474022004982523,3218888938503400529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8543566514901075597,5140450504473668000,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.1.1686942917\1009093830" -parentBuildID 20221007134813 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4fe5a5a0-564b-4f92-9bba-200d3bd03924} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 2400 1e06d471658 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1968,i,17790365944123743968,5533232370222941783,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1968,i,17790365944123743968,5533232370222941783,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.2.1762735834\692366380" -childID 1 -isForBrowser -prefsHandle 3096 -prefMapHandle 3272 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {25e89fc2-fab1-44ca-9efc-0a6ace1c4476} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 3444 1e07cfd5b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=2000,i,12662753662629791651,5682612168969130816,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=2000,i,12662753662629791651,5682612168969130816,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3528 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3900 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4924 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.3.1057944048\664491357" -childID 2 -isForBrowser -prefsHandle 3380 -prefMapHandle 3416 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc487adc-12cc-47aa-a0c8-e3e33791443b} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1748 1e06d464458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.4.983487217\1225028296" -childID 3 -isForBrowser -prefsHandle 3884 -prefMapHandle 3896 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cc6b533-f545-405d-aee7-c53bf8c082ab} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 3924 1e07cabb158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.5.1322491517\2116747414" -childID 4 -isForBrowser -prefsHandle 4588 -prefMapHandle 4672 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2425d9bf-e61e-4f43-9015-268998c96430} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 4128 1e06d462b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.6.478452868\225864628" -childID 5 -isForBrowser -prefsHandle 5116 -prefMapHandle 5112 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f695c62b-73ae-4ed6-be81-10dc9e0b4006} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5132 1e080252858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.7.1780636630\967362349" -parentBuildID 20221007134813 -prefsHandle 2988 -prefMapHandle 3108 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ef21e10-a3e3-4329-9b0d-05834ade4883} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 1744 1e079f20b58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.8.139861896\2024103830" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5756 -prefMapHandle 1744 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8f3e8a1-5a7f-4b73-ad57-5527d06e8f64} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5764 1e07db6b558 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.9.1432308405\1615456828" -childID 6 -isForBrowser -prefsHandle 5948 -prefMapHandle 5952 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {acab0253-9940-4fc0-b908-3164d8f01c10} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5892 1e07f741558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2576 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5628 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1868 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.10.568270997\1310710477" -childID 7 -isForBrowser -prefsHandle 3200 -prefMapHandle 5920 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a47b4b0-dea3-4db3-889a-6c1ac085497e} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 6004 1e079f22358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.12.620772080\948124085" -childID 9 -isForBrowser -prefsHandle 5704 -prefMapHandle 3116 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {61a2ba9a-1501-4bed-afdf-a88c8b639648} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 5636 1e07cabd858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1724.11.989816383\52301805" -childID 8 -isForBrowser -prefsHandle 4112 -prefMapHandle 1640 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2eab274d-8c48-4657-88a6-0518660d1b85} 1724 "\\.\pipe\gecko-crash-server-pipe.1724" 6432 1e07b49a858 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2568381249685285761,16121923763551565943,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5624 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5580 --field-trial-handle=1896,i,16445751154683401821,1035061232255641366,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 204.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 16.234.44.23.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 81.171.91.138.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
GB 216.58.204.78:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
DE 157.240.251.35:443 www.facebook.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 35.251.240.157.in-addr.arpa udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
N/A 224.0.0.251:5353 udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 35.195.240.157.in-addr.arpa udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 241.144.24.52.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 54.169.217.172.in-addr.arpa udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 1.202.240.157.in-addr.arpa udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
GB 172.217.169.46:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4---sn-1gi7znek.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gi7znek.gvt1.com udp
CH 74.125.108.201:443 r4.sn-1gi7znek.gvt1.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 201.108.125.74.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
GB 216.58.212.227:80 www.gstatic.com tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net tcp
FR 157.240.202.1:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
FR 157.240.202.35:443 facebook.com tcp
DE 157.240.251.35:443 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
FR 157.240.202.1:443 static.xx.fbcdn.net udp
FR 157.240.202.35:443 facebook.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 35.202.240.157.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 fbcdn.net udp
FR 157.240.202.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
N/A 127.0.0.1:56065 tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 182.178.17.96.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com tcp
GB 216.58.201.110:443 play.google.com udp
N/A 127.0.0.1:52428 tcp
US 8.8.8.8:53 rr4---sn-q4fzen7y.googlevideo.com udp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 8.8.8.8:53 105.141.194.173.in-addr.arpa udp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.105:443 rr4---sn-q4fzen7y.googlevideo.com tcp
US 8.8.8.8:53 rr4---sn-q4flrn7r.googlevideo.com udp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com tcp
US 8.8.8.8:53 105.165.85.209.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 178.223.142.52.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 172.217.169.67:443 beacons3.gvt2.com tcp
GB 172.217.169.67:443 beacons3.gvt2.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 google.com udp
GB 216.58.204.78:443 google.com tcp
GB 216.58.204.78:443 google.com udp
GB 142.250.187.238:443 youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 168.117.168.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 576c26ee6b9afa995256adb0bf1921c9
SHA1 5409d75623f25059fe79a8e86139c854c834c6a0
SHA256 188d83fc73f8001fc0eac076d6859074000c57e1e33a65c83c73b4dab185f81e
SHA512 b9dbadb0f522eedb2bf28385f3ff41476caeedc048bc02988356b336e5cf526394a04b3bca5b3397af5dde4482e2851c18eca8aeaaf417a7536e7ea7718f9043

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 011193d03a2492ca44f9a78bdfb8caa5
SHA1 71c9ead344657b55b635898851385b5de45c7604
SHA256 d21f642fdbc0f194081ffdd6a3d51b2781daef229ae6ba54c336156825b247a0
SHA512 239c7d603721c694b7902996ba576c9d56acddca4e2e7bbe500039d26d0c6edafbbdc2d9f326f01d71e162872d6ff3247366481828e0659703507878ed3dd210

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 88979a1699fde16b4c698f9cd10ee87e
SHA1 8a61fb3cde8d379bb8a461a7be8dc2e93b5ad2f4
SHA256 d147732816cd1a5a493235680728ef3dd4fb9be1713d565f63d72c0cdbf1a898
SHA512 fe0de028e0285c3dd5c4e37be64c6a5985ead36423345de1eeb6d3f5d961a3a811e14878e9d3c42de87744be3b5ed32d07a78e78ce5b0eca4edcb6d84333e3bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\LOCAL\crashpad_3604_XEVMWNHIOQHECCLR

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 817e24f95504a53a8236e58a57a77245
SHA1 a712722394c2665e7ed22766f36a7a30d787cc1f
SHA256 7f14852c5a2b241759b736b0e3d2f4aa9a4fd9cd75fa077bc9934d43736539c3
SHA512 c9f91c0f334971d6e2fc634003549b758f53471eed2c766e9ca07745b733b5d28da9557a308d8657cc190dd9bcaae68c7717d81e94a08883a2d444c7cc40bc07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3e7fe32a590902ceb5cca2943d9a553e
SHA1 044d92f3a99cedf34226cd111057019df2712495
SHA256 7b2e45405029f97add015a6cedd20cf449f80e9284a369f31c05d337ddaca534
SHA512 7693b6546d3b0ec5282813e93f66e6a242f536daab14446be60f9c2037376d8ae830e4a1f23968434f68c10eee13b616ac0412a0ddc1c881aee57e97ca98ba3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 66b453372faaf83632f90997ecb942a8
SHA1 57a5f6b118c6f1ed591dd1870e14c13539e4700d
SHA256 25cbebcdbb3a68e18fe1c46f0f52d14adc04f5bdaa2d87284377a71a35b0eaca
SHA512 d87c6b6b88dde139d374ced5d4231e00fbfcc002fd3726ddde378ca6613bbafad0bfbb12cb25f6da552c3a8a5b3319760d8932d02c2cea6ea4a74d8bc05a7943

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3520683a96687c3becf960b0b3ef087a
SHA1 e1abb116a61c7a355b642d795739ad71144c1d0e
SHA256 956776a43d86ba90ba2de7f612fa10f2dd1c327f21d649a832715c41a945d7dd
SHA512 6cfc1117aa75e04dbb70c3ded582e3c947266fb97d709d656f26ff7f8663dea1a91bfb164996a001af5480a8f9cc5ab58a5b597f55a0db2c7ec02701751a63d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 75b1acabebe20366a70ed3ed34b8dc65
SHA1 974cfffbe825f16cd6d88050e33e854735abda23
SHA256 af169711025a187808e6263234e972f4c76e7d6243e4105230331a4b476241b4
SHA512 85f16d9c78bc0073e56d5511b655a1a80285cbaa733926dba2bd5f55095c61196a285e5497f6ac225e68b4406877508d0fd8b67bc6c7b783cf06e57556cdf473

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bdf59769dc988889c5f9b0e3d93be4b2
SHA1 465366ede75c23364283eb25a12073b3acf0e245
SHA256 f53156bdfbade338c2a1e069289706fef4d7e525fc0086085b5dcbbf7ae2601e
SHA512 259b8baf48b1042b23103710297bfdea0969e836b422e0b1bb879fb60b2b3cf23a6b20b6d6779eb6a4e71cec44fd530d3788c5f3f42f64f7f4b4239ddb476750

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bacad82e47dd719d67e6e54e1b7c8ca1
SHA1 5b689d6bcb8059db724a34c6974a11c1975fbc6d
SHA256 cd30bd5fea9aedb9d140c9ee42f853fef32180e72ff5a5e9c9cfb54e6c9369de
SHA512 f577ccd23314253156b780987c7c40b3e23d8c3c80ae312040f979494ccb9a48a8e60581353e2da6cbb79677bb34db3b52cb1d0b4bed0e78bb6156ed7304460d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3695a07877ee8e34794f4cb4ce2d79eb
SHA1 55c174dc6fd4915b7a168f00f98058a9cea03fb2
SHA256 a2aa37a03a908fa803ce0917e96b43e5f3176545a9df9feaa18e12203b9566fd
SHA512 478ff677ac3757cc85671c4fd1669a01ed9220cf2669ef7408b25f81d149e5753fa8250d1add20057ac1d0df4de6e07a2f9c725330c45f9dd6a4533cdc0dd483

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\pending_pings\fc1766ba-47b9-4230-b7b8-8759d3c8e169

MD5 e2a36447a13941f7046f6d6100ce7140
SHA1 6cf9e406c724bd6500c79c8701824ae4a18ac1ab
SHA256 3ecc71eb345203bc92299640f189b4bb231c716fe099010ccdc603a9ff9732f4
SHA512 328e7dc676e24041ad6d657243140edb6a0a4118c25e319831e5534a3719380319d0517645ca85de50f6772f9a5ddd856568ccd57fec7f91e068498ca91b35b7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\pending_pings\255d73b8-76e0-490f-b437-58c27b38b5de

MD5 a19690f36d7dbc0251a541d361e0f869
SHA1 08a9b1e933b7072650981c42f082b9a32748717d
SHA256 a4cb76614cbb69eb45a2d6206be26b0d7e41c121b7553a8f105132d949eef89e
SHA512 a153db09a9dab4f22a87f1aeb3938187ec9f9b50a80908c6e0bb2d493f4959b2b3952e976444c342bf46309dbf551952b04a040270945f73240f7fc52f2e8144

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\db\data.safe.bin

MD5 d56d1e686b435f96ef2039586e20828f
SHA1 603dcc00eaaa58c35102f442fa7f50fb03c532ea
SHA256 4a47735f8c793f1913606f6980074d0840457e39e842411b25e0ac696c35976f
SHA512 9c086b201843c3b735d99424d4509a03cbe440c7f6779cbcbc64cce999e8f1b2072e3f582376a825b01b5eb74aabf5dff6809b3ed5b4c59ce0ddb91af36f75bc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs.js

MD5 7cddac9ea6c9a7aad70169b31de14786
SHA1 07d1d790a365cbeae4d0c3996cda952c0d8b5235
SHA256 30a4812035a715fdfcaeae7f13be5814b85812b403f408e4c0002713a5c92ca0
SHA512 58c331ffb20b02702d9c90fed5394fe30e1941396c4331b6f24a912db710517f1e4218ef4783810fc375ba257b8d0e0ce8b57e48bf7328b59d7b8d30bc5ccd20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1bd251010f40d2f9a5248de5ec953dab
SHA1 2dff8cfcfdf1f8e14436d997340b1616740f0550
SHA256 7f51459d68c89983c9b5327a3cb9e45fc003f403f9696eb8d0e0eba62114f3af
SHA512 9cabef3298a8c9226534025a2be52fa935e69d5320deb0b1a9f8ed509b19ecbe2272f32e0ec539fc50f8bf7f6d40ae5daf6c37a2cf38ce6bdf46cf5bfb94c28d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 af915452aa46c2a5d62bc431e3b7b035
SHA1 17f0752ce7668d3d10ae263ee322f2e6868830d3
SHA256 29d3d8ed95b6627a78700c3a288c8260a8b762c06da4f07f0655e60fe2977914
SHA512 38e4bfb2a8d39d5afdf6189552b0572eeb6eff8419a8ed78312fb7acec7e88398df2ad3c27e59a86337fd6f0a0c4a76a2ef9d12d647147e1e8bad5e07d978ca7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 e22851521e41ace2be711ee310c90385
SHA1 292951c6cd4062b03a14a683f12ddb6310da0632
SHA256 186d9a57e38442f3e4e04b2bed8b99853758a35903b4cdf52a488f4094f47307
SHA512 660beb30d3174dd9cb16e7c8501755d0bad00d6b295831be10db296193f088cdff3e7068a6a0f3e600bb6b6b06fe43cfa77a267bbed337a1b352d308ad4d0d15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9f4f933a8674d04be749ca4ae3ed74cc
SHA1 b0cf2a5bc7b36b38641f5def53636098c4c3c648
SHA256 0daddf73d05740c721a07a5f098febea8e2a1a790efde154a580bcc656b26bfb
SHA512 da417b0dfb104745c1f7a4802ec1371d24590be24fd047278a147ad1f36850d4fca8405bc821e042ef15905635ffd026d5677e80f9f3662a3a3aa94218a86b2d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 086eb6f522a50bd871e1fe058b37d60e
SHA1 fec12758c755a298dd546198b4f6d8d329416f03
SHA256 9373a281cc7a98ceb02c65e79565297dff10ba0b2d4916548aa0eca7335e873f
SHA512 fbf9ccf75ac5f37ff444f595444d7c877ac44deba13598b93256fc1b782967921a9bfda56b21e5138fee1a7d3d0225b9dae82285403d26b55f520a4700f2b722

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7b6631133fb84d714a38aae70973f670
SHA1 228b01e1a7732b525ef4e3dc427cbc858e6371bd
SHA256 91d2ddb532c07c25883115a8ab96102bbed1074b08d268f5b1201a96ee6c30d4
SHA512 0d5d302dabe6c3ab3ca4d9c37cc9cbd21f4d935b9a4b64b84ff86dae5171311b576e2a56a310ce006f174ed1c068ed7e99f88b6c7d5c30b450524f6f40ee3eee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4dbad8ad538f561a51a6534e08473b54
SHA1 d75b2150534c9fa5656f4fd060ee98c9ae02b726
SHA256 817de353cfa1b59cd98ab6a6f80759e2de8ab8169ae30d3937739aba5ffcb573
SHA512 12eeac969a7794478183b86328677ffa6119c91630a1ee071ea3c4077d8fb32ed861ac836ad800216126ddbc30cb35613287865ccb9f0044a8a89311d76c5b54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 f5b764fa779a5880b1fbe26496fe2448
SHA1 aa46339e9208e7218fb66b15e62324eb1c0722e8
SHA256 97de05bd79a3fd624c0d06f4cb63c244b20a035308ab249a5ef3e503a9338f3d
SHA512 5bfc27e6164bcd0e42cd9aec04ba6bf3a82113ba4ad85aa5d34a550266e20ea6a6e55550ae669af4c2091319e505e1309d27b7c50269c157da0f004d246fe745

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 26ed5321739f59e42d11820a4e5802cf
SHA1 a3b67e85ab37068e04c2f7c45b3e9d4b25bb3622
SHA256 ca7701d0e8e227883e05d369d324e5ece85568afc652344f1c6a27e7f0310910
SHA512 ec1fe7539e3a57af56bc79e9399894f20c7f33aa3deb2a43009cfd1b5f0ae04069e90771973df509504c712c1fdd805b17c838598dcf7d72dc26d929e03379ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{45493533-4b6f-44ba-8b78-dee215e25e52}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e9279805edb7942a427349028c4273fe
SHA1 c2764b84f53f2a11d3f2dc6b88c1a6620a783f05
SHA256 c327b1efea812acf68f93ecf2f3fe9518c52bc23b975e9da87c6aedd06f0118d
SHA512 bd4167ca733bd85d119af497c0b6d44e5a2f9809209b8500f962d8aa586a97d03b1b6ee7d514fc71945e250f1463a693bc16f155b33f48352408772820a126fb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\idb\1015702105yCt7-%iCt7-%r1edsfpco.sqlite

MD5 a3a90dadd0a5bd8d83c1ef60b480f391
SHA1 7dd63543942ee7171fa0ec611c58a974d602d695
SHA256 913b14f33f914ba24e0b129b4a71247f1cf973da8668e047c96eb497c81bdf18
SHA512 cadab8a9354408f7f9397f45fc5144e8c06f0e198b4c4845327f226cb18f1ead12f8e83b545c201fd87e1e9675324551b7096087c37cd8cf82813e6bd1425c28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0b034ae08ccb96ff7073d83c8c5f1939
SHA1 fa2b29a23d762e7b5505a329798dd7de16f16c4d
SHA256 d31fdab8db7d5c0fca92a1163663611afcb495cb481d1a9d2b94edea3ec30ec4
SHA512 fe66a555863754aa05f621e598c2cea2ea4c33d95bcb8bb5d898e649f2ca1ad3d39da97654ef77b2d80425aba39e312f6c9dbccbf7e3c30913ae7b03ab0e0c29

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 59e8a02bf42bb6882cede07fcf28c1ea
SHA1 25efb4cecb17d963135b0d1be757a0c89975c826
SHA256 ced73de498af4118672c369e80a79b64e1d9ddabadb7056e6f20f42b2436c6f7
SHA512 e236906350634a2482a5eac0289fb7b8789fb2cba2050b7ca0856482d930fe96f54754c9bd357bf832b507806c1381111bf240b30e687bb29c678196ecf868f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 eb04f9554f563d2f6f44eeebda3ea925
SHA1 97c9c07d03ad6e0b4b8afdb515efc8f97a26d508
SHA256 8fb05ea6b5e56e8ecf1290d7386c2041a11e7b8b654f752d6d4116fe38fcefaf
SHA512 23559b0c4ebf72f99b3d80b70a66d2f20af1e10e4d7b68f37aa4b6de39158f0b33fb68c3c9db05f199a2d54bcfdc7ae88d81ad30a569e1448ce1b3b89cc752bc

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 a495ad6399c1473e387c5df200434188
SHA1 93ea27bec2d7d794e257a97a59448ceaf392373e
SHA256 725760a29b733cf8c76abc17179a2931d6cf3170794e7469de8980c948144eb0
SHA512 cb34685e201ff232d9614cf34d68b013a0bd74c346f950b793bb1f2c39844e1d21c5c55bb0a86197588e9565fd68de9aa79d28efcae2cb1ec66afe4e5bae3a24

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 4638b5d074209d70dbdb82a3f25e1cf6
SHA1 dabe87a5fa9e6f57390b189d916557118500bb2b
SHA256 469a0746b649db600ec717d58d7ca697d9c5e5ee6556f6e0da956abaa2042765
SHA512 bb73c4f58fde63e14e4d1192c1ef40e0338f1c42c1ac9e16a1c8217688555ae30bbfd9a34007e3e316c5913a1783c596277f23214bca1aa7336800f19cc4a3be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bec409739af6cee0325d955c5d86f149
SHA1 5d86ad7ad1e6867e93c19a81eac0b98dd777c348
SHA256 0f415fcfaab8fc7a0f15a4a80af9b29628bb86c8cd24ac8d68e480071ef0945d
SHA512 cace44d7635613895fb4d27bca02bd54731594653023df03c14d50f27ae3446ef6028dcdd74b3cf973e712b5b9de8c820ff732065a5aac21aca7eafe049cdf57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581ae6.TMP

MD5 956b6ad7049aff6c413133b3ec4fd49e
SHA1 d1d31839716fb70c21f3b725de39ad6498f376c8
SHA256 2e70971ddb3667ea16df55ea86776b64e3e5bd9551741e84ae4bddfc9f0e7c89
SHA512 1d28525286a7f4bf4e56a75320a2146f100c9a1584b638193b98778059016053b071c47a69693231f28f5af927ad5ce0bff92106b9f33a26ab86fe8ed2e7d8e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 85b2f70f7cca6ac183b1c48cb0198d98
SHA1 b9c226a60c83280f96ac76c3fcbfcb7547fbacf8
SHA256 c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33
SHA512 79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 e404d7406b6b25ff193fc7269b92fd52
SHA1 6a02136cb3de07b970e1ba64df0b148f0df31dd6
SHA256 b40c483b6cdc7f83f646ebbf9ac45699285f8b68096f6451b99a9ea0a51ae59b
SHA512 046c1b06607619a7354391d9152d8a9b5ce990ee0b5e0587c088ea611856836d187ead6ff1289bbe663df191702e34bd7954194ce5950a6126b6f808bfd42bdd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 2b93511beb49be3904711c49b6f85263
SHA1 9ef627c485f5ee0c42d2af04eff85912fd8148eb
SHA256 51c4d1e3d00e4611a8994f1c7f5888bcf242cf79854e2172f74668c5d9f73f47
SHA512 bc92ccd6f9549ebbd0c70867fdc3b24bf111acb01daa47ab74884a7a43a39d83117d06871565428d364a6537a71b42cdaca19c4b019b471164f5f599b1dd3b44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5f7debf3ace1c981fee61e68cb9994a6
SHA1 d1ec732ce52108203d01c74befc128d80dfe3a58
SHA256 7eb00255d96cb3bab3f5193a75eef1eda96a5f9e268449d06d64d256e4a72156
SHA512 c2c86879214c3a684c756a2b9a3715963587bde9dfe7d7d3ae125e6c0b3c47aed860b8ed701fe4499ac5814eb5654b0d62c123914cefbfc157a3565b6d4c2908

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eeb8968e113de9c726dc40805e919792
SHA1 1d9f8471d87126f86c8920bc088e3bfc1842eb5c
SHA256 1e131e8f5c83b0397edd2722f5c3f214187dea7d55f8a53c9da48f16f758423d
SHA512 eabd0605b180a05ab5c827b8ddef06bf413c4a6fe3cac959e4d934d779d6f5d4ec14f8286e9e2cb3cf78106998f3c4549288dd3f082a336ebfa52f4700564031

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 2ba277bbbcc8715291613160a997cebd
SHA1 e64ee67165bbadd3b8bde989c3e5b1d2540cf09b
SHA256 00ffe000f78ae3c8c8d5557e3ab0089e29730ed10b2a190bd2b7a569812afd96
SHA512 c0f7840f181ad991c45ed1be0fcc0d90be100f8bbf36c54418ebe66f46d776652447eb5b7eaffbd2eb07c04455841d8e5d74f404eddf3c22daa34269d842435e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 7b1ad3d54c67e01e1e67ab115ac2ba8a
SHA1 a99aeb37989363f93506cf635c41362225e39220
SHA256 9506fa898390c42cf736f96ffbd65b26842545e6063b325ff56fdadd5ed1e039
SHA512 3b719894431d1805716de619b5afb4ce74bfa151b84ef9d2d4eafa2510593f966dd49058812fdb1c3e3090de665b0802f508affa90f3e31ed46fd43becd45ad1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 d8e56edd91e6a8e254c9df3c3619f493
SHA1 e5bb299b458c95e5575da0a42ff7b49969b880b4
SHA256 8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97
SHA512 46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d718d9140edf608ae42ecf387c28ee69
SHA1 9198c2298368ba28c9fa9d62ed77f6f8c41bc4d0
SHA256 d40b134ab9400a985ac4a8994d070dd10c8ea734851fc7a6ef64cee54a0f0d2c
SHA512 ebfc2ba2e385215e45bf47f5f6d00e401d40461a001adc16b6a9d191073d60bbfb57b7ce40a9b23492d2706a66f809d1337e97a96a64416f801e216f10ca6afa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 57ae6558fd495a4c05692113c7315b1e
SHA1 edcf35929545ae68664779e0254b67e720e1a0b3
SHA256 fc01d1f63650df9b53e5ed7f8ad20f8ca46a194533f72ab431ce862d1f310b63
SHA512 51fe9f8eee096ecaec21a1b1ccc72ddefa178627cf8809daf12713c70edc075bd1b03f277a505b2357076a278afd11a4f853132d8fbae53361a36438fd8951f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 55abcc758ea44e30cc6bf29a8e961169
SHA1 3b3717aeebb58d07f553c1813635eadb11fda264
SHA256 dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6
SHA512 12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 194b5a64fbe2c17e88a64dc3054db00f
SHA1 2ba2d72c6921c329772020fc37ed74a5b0bbd6ce
SHA256 7fdb037fd4303001914286a021fd30460974f3eae3d3b685329486a83e7326ec
SHA512 4588fcc0acc1eb71403aa52ced9701cec4a21bb7207302beb845ffeb823903e5faa137fd231445d05d9508c48788d67f2481e96b2ab21ea72e6648fb6201befe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 beafc7738da2d4d503d2b7bdb5b5ee9b
SHA1 a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0
SHA256 bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4
SHA512 a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 621714e5257f6d356c5926b13b8c2018
SHA1 95fbe9dcf1ae01e969d3178e2efd6df377f5f455
SHA256 b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800
SHA512 b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 01ef159c14690afd71c42942a75d5b2d
SHA1 a38b58196f3e8c111065deb17420a06b8ff8e70f
SHA256 118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b
SHA512 12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 71c4ed23aa93a7297d93a899d816d595
SHA1 abaedebd2a397f1f615d1b3e109a3960a6780b5f
SHA256 d8c91051582ffac6fad00820de8e7daecea131ed369bd522c90cadc005472cf8
SHA512 c15b6577a8e612251445b26a4f437c2e6c816ab716d07acefb690967fa9575e7eb75daaf1eb8a982634140fe81f8bfa4297f9877c4c952dbaa586a8b490782eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 526d21f1e9933d6768d2e9b4632472ac
SHA1 ee87150303e80d176b09c4af98e2cb5418eb965d
SHA256 1edf654d726ff7754fba7b5686f223591dc188a0766c3250ec98598e6d6cb5bb
SHA512 bb7fcf6a59a35642879ccb677b69ad37c0af7de9ec861ae86ceb1d65ddc6281950615788dbfe9d48e15878a8fe211f2b9a932f1111e230dcb9b340e53ac0f0c7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 15c8c0bb88a45db0863c9713a0617f00
SHA1 318bf093cc558664fa7d54ea2caa1153d718d45d
SHA256 7432ad404f168a3f1a43298c02e356cc7a3ee45a8aa9a38c390fea6e1b552067
SHA512 bd9032adf0d15659481dafd562a6e146d4fe3960eb310edae007b11b42614a4e9f4dd55ec365a2781c48be9b5e097b9ecc20ff3ea26d5fd865067868e3ef60c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d80d09a05b762b042b35da52ae3a0593
SHA1 e486f9529c6c8b956be95edba3717fa8205bcae3
SHA256 250639884cf2c2e36e8319a90c6c72efc17baae94c7417866f31b84ae69fa7ad
SHA512 3ae68a0cccbe9088033994449a48a61fcd0bb47876dca248d3e9b4b733a52b2a41ab2ec01ea8064731fbf9356481e66c800aff098888c254aab301590a878c4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2606202794c1878e61ba661f94ea1a63
SHA1 d327628185d63858030bccabcaee84edef92ffc2
SHA256 055d52dc71060b8207d067e74c9fea57c6f4260adc109b0f240bf6dcdd7b0f3d
SHA512 a48d6d1fad810d6cc858906f27382ad8f6ff1f2b70dddae99cfb8de083cf1695886059f77c307c097789622bc972ef60ad67d435da1a81c3c608ca258d8f1fc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 671f91c0c97845f2a2eb233933eef850
SHA1 8427baa97a43f12e49150c725b2a8b3eb756ba65
SHA256 a61cf89c7b59d49b077d41a45491e37da420e5476c16278191bc165bd407ad5f
SHA512 6d8af99190d42fe0422de397f6d6a220d5e0ebb5bfdf9e3e7b018a8b3add372a3a9faa0045f378ed94976dcd900fe3823307c0c405fe6fb9975f048e3f7ce36a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f9154dd51d1febb9306f06cfb5e2c31a
SHA1 8e4f491419c3e808c73acfcd9f12b2c8d5c80e91
SHA256 0e25aac346d6257504089bb90bbb3183a673976ba421056513d04f5b3974e711
SHA512 7ec48595b8cac6f019d0e1508a480b6b8ca999725ce325ea802e900d009f60a5a683a67adcd366df7dd67d8d66473fe79409cff50c2ba17b9b52b00a61397ef3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe588836.TMP

MD5 d6ee153e3f93c78fb19a47e755389e60
SHA1 34291803bf206c5adf7d2e1a58829575d40df65f
SHA256 4888cd703b82a0ae3ca59938f503eb7e490bcb0dc9f8477d26a677d588fbdc44
SHA512 ee342c66ce825f08807de8eedb0bce34823039acdd87a8971ea9c73460ab2d4231f6f5393adbbccb03cd506620143007d24cc8c86afbe6d2d8d4c720cf8f1aa8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2bcf4abdcf98f48c9ddc4b022c9e6847
SHA1 a8171aa243b3f7df92a60ed801924b19060d27de
SHA256 6f8a8a6f454a642eb577e03b23be3941961ab29c755fc1fc9f3961b03e35c5c5
SHA512 70d75747f24846cd8041f873f853603581fa68e740a939ca46703969d228e16b988b6ddf170b4cac22819577cc8ca7e6b892eada9694e826aa4f9dabbc173825

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7b086e5650aaa7b6facbb65d5fcf8100
SHA1 738542561a120ec62346136337af266f8f99f436
SHA256 c7ded89066092ad017b439bdcacc92813ae5fa3bd35ea6e949724404f014bf8c
SHA512 0cf43532545dfd78579b0abce3071808885cb715b7d6d08afbd61ea2e370d70326672972eb7dc6c0728cf66d0a1323df1571b782bda0a36e3b73df4d90e820b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3ffc6e5e-aa70-4a9a-a4d9-16d1654e77fa\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 68133925415d6ceda0e08438a1edddd2
SHA1 d6587a21b968f9b4f7676b8819a60f9da986e69d
SHA256 c6be8620b41bfa67597ba29fe8acbc676889f9c60931b7583aa36db90ff9e972
SHA512 5cf5685f0238b66b2f6f46615be7fe660231c2bdc58ccdd1f7539d5267039bd0a6f9eba9452fbf0531e60514027037ca360bffb0bf0d5e11e57d4524b3b50b45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 408a335e160243d9545b045e32fa2d74
SHA1 d00dcce576acf0f4650bb763c4592d5d7c81e6b2
SHA256 bf3e287e514a8c7db5a39fd59fdbc1b2b1cc41b2fde1157911317a328c096d10
SHA512 30ea1440937a49bb3451b44f34b62c950e51390c8622f4bc66b817d385497a927b00853873425eafec34e26129c09fdaf5fd11881df3dd2626a823d330a979b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2fb27d77-0e09-405f-96f1-6ac5e0c15487.tmp

MD5 052e17074c4f44aeaa00b8185179f147
SHA1 620db7610fbd27c13b8efdd42808e3fb2d24deeb
SHA256 9e2403d0c97afef1b777c4bd7c734772c0870ff0eb1670e7ff809780c00b6130
SHA512 dc170269cdc878f5b440c72a6b9c0919b30b6e37cfb76b5c74cbc5b3ed999626066e57f1412489d46f860cf3b19b018dc550dea739c1973eca7eb463fd48525f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1edd50574c7174ec187e6c529367fa8d
SHA1 a04661b6a0b9fb0e638ac321bafcccdd2b67fbbf
SHA256 47a91b0f282ba86dda972c6458c33dde767e0a217f58d982e600e4cc07a87913
SHA512 eb02c456fe4fb8856e27d7c403fca519fb9934101d1a9b2603f3bb0d9ca9136424fc08f5eca5d520e9b09e88b549c43bc5c874bf3e8d226f76bc3975bee1bdbc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5b414a3f80ac1b31b151838e704368b5
SHA1 63e52eb5cac500b2d53ba2c0ed00038dd5374a00
SHA256 49070a99e055750b8d3dd146cfbabb491475b93baa07c6951fb830ad7038f76c
SHA512 23c9be59aab1f1039fe80069f8c22b55faa8bed8b435f304b8e41146ce23ab15ea0ae879e8a92a4da5a7c7d3c7f56e00c6d1ab3f4da18faba2b6fff1bff96f90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 936228ed4522a225a614c489b65e16c1
SHA1 f56250112cd984084ce8d5c5bdb0dc274e798526
SHA256 bac55e01cde5f3d92c52c64e1e2943acb0fa1533154d8f58f4b33a7c32c2ea59
SHA512 541b0e789ec482097f961adb524383a03c5e7b402f016591cc1c82693931ac598d222c5a39e3018bdb0dd9dc63f0cb259fc92f403dd59b3f3310ed0c820d4ec0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b870a495811eb65ea724f1df910bd05f
SHA1 0000a6e529110104f6a9c90b18773e12b1152ba7
SHA256 424ecfbc019b5e4187e4e826606af19ddbdd0843b8ad794fe9ef0f1d3256a28c
SHA512 9274b52b3c29c6d4216be013d6ed61543b763493f0f56f35e31a0fcebc14966bd6667fdbf370f048edca0520e126dd68b3de2285ecc5ac147aff99a154a6ee75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fafefd7f72f8c0fab81a750c059773e1
SHA1 c470941a3a96f4562171b506f81b6212a61eef1a
SHA256 7ba3bf86b233243d085a2b3577955f553140080fc276afc80559c367c12e636b
SHA512 c7922f401b576474c0718fb8251f5c5a47d9ad8a7376ac7365eed420e0f2fa38b47d78ea34ef94fb1b32cc4ae919e05e037298992dbbfbf94b037b0903b30abe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 6f80c863966de059ef5062627894d5dd
SHA1 7ca27dde1193847e7b697676680737efb1a1dcc2
SHA256 74432a2bc2fd94a625a1c7fa2d16b83f9c6b35f27c46ceddb1685cfa01137863
SHA512 5d4e7120df2cae5eb64805603d138243b8a6e4f13905ab13669362bf331d72d0ff6f99d5ce11b1b6491cbf064e35352864b374360be9413fe055bbd6eab49ca9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58e25c.TMP

MD5 5e9e0f5de0ecf6c46ec0027208f2db94
SHA1 a53e21bfb7e5c6d8a328b8825354f828f19a6287
SHA256 a4c1efabfca6951a4f8e0c4d2d7a0713946f6562eedb89392db3153e9fc1d50b
SHA512 c5e61dd38bc7a536baa8ddb47c9e2a0aef9eb1b5ba902aea8d112549722751a76eb9ef43337995e5fe214f384030235fcb02e68f72f5bcf3f91779067a7b0965

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 70c3d082a67de0db66cfdb2323eabe25
SHA1 d405c5ec42a28786df9fbf8ebe39052a8fb1bf35
SHA256 b1b4cc26b7ad1e9bd5f252050e8cc458a57683042fa8d2b18814d4006058c87e
SHA512 e8c5125b354a19ad97a6e321bae046f9128e10c4cebfd2cc05b38006c5d851d66770416294b2d0776f344131ad27ab6f6fcd2e64e1eee300fec6b5401b538110

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 53569a426f68472a2c273ff01ed3caee
SHA1 d908ecb84fdae53a6b4f6c9acf9e30f74b3a300c
SHA256 2f7daf103c2aa71a8891eea0dc9e4f2c7f973904931653ea95fcee55df66e01f
SHA512 e5d1756e212a2febed00c8acf7814e1d3b84d98d3b96e9e668b57d6117e0d2290420ef01c5c112942aa3b7f7952ab1daba010b466976f75c69e97751dc2c7108

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58fe31.TMP

MD5 c24ac10bc8a62f6f14b506defa808579
SHA1 6e756b3ab4c0ffaad014916c0e09094686ab0faa
SHA256 184b3353adb0715f42aa51d1bad84763ded907d15d88025e8f9b7f46d70e626d
SHA512 4c2505f08d07da0f577ccb80baccacfd8aa600aa5be0e6f80d88aaaa3f48f7508137a25cdc81a8e20e23da5d7b159ea55a55b59800c430ff70636a7a545a2fee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0fa8406b1e49dad5548586d81e5754b3
SHA1 0519385ce00e847b398723992e9a3b4feb2697bd
SHA256 b06ab7c938be099f99a623277539f3d7d40ef1a78e075763e4c37944feca0fd6
SHA512 c5c090ca6c82ec6d43023ff2636f25700fa8b7ac3e0632a15d4eeb9fbf4a407bf0f93a5b6ef0e6ac7ca1e205a34bb48bc061e8b6c6582a0ae1cd47ea4187d0ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b89154b987ad871810e627dc26a16b12
SHA1 3472cf7069560c9649dd5c6ffa5086b52376c8be
SHA256 135e1bbf6b7070222f880112b62744c6134d685f4f0b9390797c41645c319b3a
SHA512 53afe6d02c828e51deb4493143503cf861d36250a038c51def2ef5e4f9a7c33ae84b15ce205438659f1368f5dd4d065fc827c0832563664b2fc71a676184d5de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 115e3fad949be94c06b6b09224217422
SHA1 ff1e4f56699f5cc792987c68edcf86c6d6fa704c
SHA256 e6c12966d10b4df63d26f86506be669c4bc5b6a1ca8f2af4eac9b2417c1c081d
SHA512 ef555d71d827087d854fe8f41fa69669bc809592def751e7fdc20c1cac8a5b19af1b8b40182438b5961ea127e381a4d242c5facb7f850b773ec0fd0f2539e6c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64d97a1b7b59db315a234f6968efce00
SHA1 64ae3cb7710fd44d4b25d975279655a158c4c27a
SHA256 2a3ab32aad0d6d174d74b15e508589a17d0bee0d4efa891a4f177231acb3405b
SHA512 52dbd79da4d58f6369af8df5efac9c2f1ce7da118d3b88561c9aad28f2b62b0199d1dfa3c2ff9bd096a62d258f07da3afa7d1caec7f8a4ce79af243dae6135c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 3b2df667a176193cba046f74787e731d
SHA1 0525109b7a249a66df8c8eb7d24b49852cd076cc
SHA256 f38e1d77aa0173d1c110ebbc24f55704f74d28b33c70302f1170c1f4213f611e
SHA512 f6a90da9852126be776f2b7b488e04d8ff3cc6e0f4b222e1d9fb7aa2c938d586d4c88150dae1fecc24606c5a80270eb7c70ca4286a0efd2c2478aa2701056ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 aaba5e872ba07d60f556b78df854279e
SHA1 93d1494959f4027195f527db143e5aa89d60925b
SHA256 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c
SHA512 fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 bbac7bb99faedea9a0cb17dfcad195af
SHA1 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff
SHA256 b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3
SHA512 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 38693aa2403f6ac24c67d672bd775dda
SHA1 cc172b71e4212485cc0a245b49b52b16b30ad3a1
SHA256 b22a7ea760f0516ccf49314f00daf809a04a8815630447a0193252b3e53362d3
SHA512 ba890e0f32df895166af3217fdb0d1d2914ec9b65282ae62a092a751330bd0b76714e774cd175461d7bb836aab3ce0b0868b6eea6c6d9b3872224dc4abad33f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4ac99e9b6229aed212659936ccd41be3
SHA1 3913db1965792039708592e540f3ca33b173828c
SHA256 ccc9a473b6a4fa6a4b999ca6a8a4124b303ba7d5be52042e4ae680707719aab4
SHA512 02803b6f1b202a1dbe414525bf6c4e51989abbb78ed8466e42314ba25b5b49fb9ddd4edacfa4bce5014d29a4429708b1b69014bd0be4cf64b693615c01b46cb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a12c646200fadbc890b5eb6bbaa1bed4
SHA1 e05a7972de7b2cab7f2b923cb8b86b7a6f38d4f4
SHA256 c2e997c08d12eac5ae0ce49054f8f3e72bc6eb06c8fb74d6d193ca0aaff4a9c3
SHA512 fdf54ef3b2fe58ea7abe58597b8da82b3cfe69df37c988af5550e3196851382dc56848ea50c89dad3d9d69292c82e5a6282ef3ed7a7d3efeb12506529d9b926f