Analysis Overview
SHA256
5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d
Threat Level: Known bad
The file 5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Checks computer location settings
AutoIT Executable
Unsigned PE
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Checks processor information in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Modifies Internet Explorer settings
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-07 21:04
Signatures
AutoIT Executable
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-07 21:04
Reported
2024-02-07 21:07
Platform
win7-20231215-en
Max time kernel
40s
Max time network
153s
Command Line
Signatures
Detected google phishing page
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b0720b1d8642c344adb870a2e917866400000000020000000000106600000001000020000000eb767710f3942afa0117c521738b90afb008a3aa62a1e3ab73dd82cb42e8d523000000000e800000000200002000000022fee17e686573c92fef50645fd4bca39e61d22ee27673a0521fa0345b012e8a20000000ee7787f36ef96f89019febb7e3c455b0d566e158399a0766be4eddbc2b131a3740000000a1385c34c6bf7cf5acdac39c72426a6240c412989bc88c311d143b2c7b72ed903ac51842d969275cb9eb55bb6284b69b7ac088db656061e53fee7160bf786f5a | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{88D7E201-C5FC-11EE-A675-6E556AB52A45} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe
"C:\Users\Admin\AppData\Local\Temp\5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/account
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2640 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1476 CREDAT:275457 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef66f9758,0x7fef66f9768,0x7fef66f9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com/account
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef66f9758,0x7fef66f9768,0x7fef66f9778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.0.1405387008\1097163102" -parentBuildID 20221007134813 -prefsHandle 1276 -prefMapHandle 1268 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8cd05ea-5bb7-4dea-9534-a3b4b5a20a18} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 1376 45d7b58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.1.333125564\76802996" -parentBuildID 20221007134813 -prefsHandle 1540 -prefMapHandle 1536 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3ae07f0-669c-4bba-91b4-087f9b4cc218} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 1552 e72e58 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1220,i,9275206162816237346,3522226847496552234,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1388 --field-trial-handle=1456,i,7943984248114829255,18418611023950930012,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1328 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.2.1628455062\844208291" -childID 1 -isForBrowser -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {228cee70-f64e-4537-85da-f8865f5ab9b4} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 2392 16bace58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1304 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1060 --field-trial-handle=1456,i,7943984248114829255,18418611023950930012,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1220,i,9275206162816237346,3522226847496552234,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2304 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2536 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.4.1053084323\80135645" -childID 3 -isForBrowser -prefsHandle 2628 -prefMapHandle 2632 -prefsLen 21754 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee6f0be3-af61-45fc-af19-4521d8d8cea6} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 2616 1ae82058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.3.1724639762\1191921619" -childID 2 -isForBrowser -prefsHandle 2060 -prefMapHandle 2056 -prefsLen 21754 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {15fea286-53a4-4778-80f1-f34469c33c18} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 2040 1ae81a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.5.1639891339\1696619581" -childID 4 -isForBrowser -prefsHandle 2792 -prefMapHandle 2796 -prefsLen 21754 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de713dfb-01d4-4a78-a84e-0717f7a44d9a} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 2236 1ae82c58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1324 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3040 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1116 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.6.1527772631\2037469272" -childID 5 -isForBrowser -prefsHandle 3532 -prefMapHandle 3528 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {87d66285-b535-412c-89b7-9afbc9703f2f} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 3544 e62558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.9.1515536247\1834695251" -childID 8 -isForBrowser -prefsHandle 4356 -prefMapHandle 4360 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6575e94f-4bca-4f9b-a427-438cb6e6d7b9} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 4344 1f5ee358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.8.1563516002\1573965873" -childID 7 -isForBrowser -prefsHandle 4184 -prefMapHandle 4188 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3864181c-8f9c-4a74-b026-65966fb96c9a} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 4172 1f5ece58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2104.7.1732307546\389602611" -childID 6 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 26345 -prefMapSize 233444 -jsInitHandle 700 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8d57a76-de66-4acf-bd02-8d3dd4a0c4ab} 2104 "\\.\pipe\gecko-crash-server-pipe.2104" 3784 1f5ecb58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4432 --field-trial-handle=1712,i,4338316635514156446,5069871813722509831,131072 /prefetch:8
Network
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | b079bb55d22cefcee13770880c1432cb |
| SHA1 | 8507ef101cc4471652dd88512990a9c1360559c3 |
| SHA256 | f80de1f9b8ab5a10a275a21389b2dcfe166b01fc8a560f276aaf024d34799ee9 |
| SHA512 | ac9619242d028c168de40146f054a78c0dbe4c7ea98c0c9c8b8d3b1674fc5b4fbf79ed86aecaa76deb0f3377edbd129b0ee351ff335226a74e6d6aca0b3de845 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | cdd47269a9649c9ff29a4895adc4a4a3 |
| SHA1 | 59faa717b17fd3632db95bfc6610545a48f5d901 |
| SHA256 | 835fb94b2a76af1a21b68ea31d0dc79568dbacd126db541bab03be70147431f0 |
| SHA512 | 449d2c6f27cf3f5ca865dfa7a5422bfb08c1b40399cf56ebc57ea4b73d265fb935f228fd068ca209a2f2ea15d93a0d1356db6dc0d54cee1d1b7979f9d1afc55f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\db\data.safe.bin
| MD5 | cd478ef7eb5f07323c6bcb8a9216ff8e |
| SHA1 | 5aefd0169a461722867cdc0ca6ea67b3d5b020d7 |
| SHA256 | 84e3852bfbcf9365721ff69e4b42d830746ea9aa651475ae12680fedee56bc93 |
| SHA512 | 56460c08175f0332246ec814a3f518055ad4b1f90ebab0be2e397d4b1583aaed51d447048bd397036dbb53e9526bd9c90acd55e2216d3353271c6c10b350fcc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\pending_pings\42f013f7-1566-43c4-ae71-6876180200cb
| MD5 | b5bd040b4154ba09ebb58a9094d0afee |
| SHA1 | 9c65c1eb03305ab30b305c9b747966a315ef5471 |
| SHA256 | 4848554d9720cc93be9747539968de4938fbbc4210dc7be1ff88f50fbabfae9a |
| SHA512 | c2531220d7fbde37cfdc854bde2823f6d304f76497e4c8ae7c0dcb7f23199099d9059593572e20eef4ec4057170efd14bbcb2098dfdd250da87ec9ea8776f4e0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\datareporting\glean\pending_pings\41739d37-cd37-4a58-b5a9-a418abb8a1cb
| MD5 | 86b23c9f1a2229954839d3f009493793 |
| SHA1 | 5ee8e6d0e56dac9b17f191c1c1774fa70a9fbd87 |
| SHA256 | 8a5a6efec46705fcc455a8303243ecbb07c15f7e30df5ed1d6d8f2ba103c736b |
| SHA512 | 9ba7cd27271ebf46b065793685c252c9a466a72793cca104f1f642606b38b00ac66c9165f14803831ec0d7ca26ab34d63a900e0dfaf808c47178c351af0c6387 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 1a3730d2c03dc5dd6ca328fd31ffae25 |
| SHA1 | ea5ee0830758e5e374b9b6f4ea53c70e988fd1df |
| SHA256 | 012dd7b1a2c6393f6d04e1dc1a0785c8bf243fc9afe8f36c1ed5915f164e6579 |
| SHA512 | 2643624c1f3dd3f16cff9dba22b70f926e2aa24478d90bb8392cb563d401ec20cf7377a2d8bbd2f04f662abb7271d1167a064a5813fb58175ec2cb352d6ec5fe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs.js
| MD5 | feb8dd3ae4bc44f16203e56fa622eca4 |
| SHA1 | 70af4350ff9c320a5ee3bc684c981e364bcb45dd |
| SHA256 | 0a6e1515c616cbfaaaa84b75725001e3f20848964d362b113c29af4cc2b67556 |
| SHA512 | 7aae805a667232c0b2f8d1d75ed7ae377456bd44b7481726dfca896d4e213aaa6ffa622d310cc4bda6b01cb046333c2d992df437b5b23b7ffbe2fc904f8b0f6e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bb36dec5c4b77141a03f48f5bf1b9419 |
| SHA1 | 78ac8c1a44999764676e4913894573de3c189ac9 |
| SHA256 | 41613ad7c6f7c252ca942071f8e3137692aedf1caea16f928aa00a2d7756cda9 |
| SHA512 | 0393e1711948479c80700ceae697d50f476ff364a3df0a6258e9e783a2313e69ba39a6e7d65c36da780ffc1b4c15b4bcd7bfedc6e42c8e5eddeeb259e3a4cf3c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7
| MD5 | 795f8866e12adcec35ddd45f5f14f07c |
| SHA1 | ad5c1d159764ef682e4c89ebfbf2c2f785cabe5a |
| SHA256 | 25252fbb7ee8490b485967aa6eae5fe09d342fec37d4c2e571fb57656814965d |
| SHA512 | 7f13c760a2e97636a3b24917c694b9ef5d2b6865c27f774bb740d9d65ce61ae94b94827dba36fc1a70e7b79f8d888926ba1c652ef005829cee34331b662aa0d2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7
| MD5 | ecf0f729cdf95a06adf44b317c88a337 |
| SHA1 | a44e22eb35e60a9ea6c89f13cb545942f21bae87 |
| SHA256 | 1b3dcc1d982ebf91fb7387c5adf53cab94b3e405af44e5c962a42e3c4b26f711 |
| SHA512 | 5564885d86196efecc02cf1ec7fa6b94ec97c0b3e3cf87a467b3940934da3df4d2a8ab4022250cf59b687cab5f2021befceb59b6ca24e01fb634b8057201d045 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8b19a4b9d3818b3c0e97645e635c369d |
| SHA1 | 7b7bedb4485412052e5ab3d6207704904fb530d1 |
| SHA256 | 6c305b0a5bd1527e93b40018fe1de162409adca2eeda171f0b00d93bd3fea55b |
| SHA512 | cc744ec436e2f7bb42eb3f17e485e153905cb6b05bdb921573ee0f782f16e514569d63594a76e74fd9c66aec3d11bc6bd8ac36415e7feaa8a82f4316ce959728 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fc96d4d505812a0bcb9fcc39e6fe697d |
| SHA1 | 3f922a520f403108273132dcbfbba497812eb93c |
| SHA256 | 83cdcd483538f0dea76c86ea793dbf8b170aaecd17ea63d9ee1acc4a59598e55 |
| SHA512 | 365877a65e8acd97b44f709243b314c23bc5d8f6eae87cb0da9a0830ae681999760beb2544e99149d300c5c8c68983ffa90afea903cb475accb928ab0108d442 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js
| MD5 | 3b189a5da451f0e9f79bb0d1b9260557 |
| SHA1 | 4bf5bed0be39058578dd104210b75b1a3827d16a |
| SHA256 | 7cda97689390c387657f394f49ef2431148d9eb80600b9cfe92e439667acd5fc |
| SHA512 | 8f72c7ae962c60417813433d7010c96898173ba4cbe9bf8a45b86b1df5ecaa8f0073c2f8fbc86f6e4933ee6f00c3366e7505683dbe93703575399f5390bea178 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f2798203c01f560b5dbfb278e67fc103 |
| SHA1 | 1b7c23d587f27f04a5794f96ef01445638e8fc29 |
| SHA256 | 3795556c0460e983786f42ac291480804b237a66a41e32145d48c2487eee888f |
| SHA512 | c77fa62cc57f241828eae3468cf840725d1e4258e61e21b2cfaa8614d07a4217260e4d0e5550912dc159cc73f852b1de04b9b21722886c014ed09e87a2e0566e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d72452cd827d9902f3ef4798e5b19c2b |
| SHA1 | 458b721418bedf5aac114b0f6d29e3630abcb761 |
| SHA256 | 97d2e973d77bf71147cae07ef1042aef71bf4f326d577c2b6849b760ec5da9e2 |
| SHA512 | f13b7f35f2d5b4c0a680b283a12fa79899e836c1680e58137008f659db335718df60abece24b65d443f861eb23a709ae9138bae862495724553d3ada3afebc2c |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\prefs-1.js
| MD5 | ab9c976db612cfff5dcf045b71ecf515 |
| SHA1 | 69c2af5e1388c649d667fb0867b06b355259fc59 |
| SHA256 | 5830ce95c07ede714d9bf76deb23a1fd5bebf829b96930cc0715e86e96a6d6f7 |
| SHA512 | fea5e160b2e8f3dc77c102fbc45ca8104b3140324afda95dcfe2de3143d530a29dbacb1c243dc3fb61c8bee17f9a4f7cc954885590f33393d575ebafcb3b5d03 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 15327d71129550fbb1013e7001b53fe3 |
| SHA1 | e3ce7f28ac8699d95b3130b441c5e7415de3e978 |
| SHA256 | 6269a62210bb25dbe9e1c88f0e2d8c9148b8384d67d9f6d46982071abd78d660 |
| SHA512 | 951eb8983acdbdad2d1937f19a6739064333e90ad7d764608700b7b1b21274d9caaee2b1e54091d949c325905ee9b878b3a999f6226c212bf348a5ad7a5c4907 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | b22a8e1612b0f404e6e6503b0dc17a63 |
| SHA1 | b47e9c6ce2cb99219ece4e269ac1078f365f1da6 |
| SHA256 | fc67b459a82316cf3923dd9f6dacb9a7ac19349fd4da1fa851e948f8250b4bf2 |
| SHA512 | e028738302912eb6191391a45661e0b947940e482983123731f9a8891757761873cd417d24e47e8cc5ade664203540a6f78c9baec05e6cd216730ddebefbc63f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 946534f289717e304b4183ddf208a4e1 |
| SHA1 | 8027d8cb6cd08654b4e65dbc13ae4b759b7daab5 |
| SHA256 | ad3455b3d692fab6002ba8d988fd2ed175a5605b689228b7a9537cb6aa199f01 |
| SHA512 | 2b02d7de81249f04698cbcc2f3f3a74f69cce8591dc3bf0ac8b8d6d6c3164fecc5404944563552f8ccbaffb91bfe172943041c1e3f5969964ac65316a2735314 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 99c1b6c73e4978d676e218f16959ee15 |
| SHA1 | e056e78368e11edbbff77876ceb227ed9e33c269 |
| SHA256 | a5c6193cc45ad616a5a5bf69ab4be62b10f7db45b363bbd92a86500dd3fb646e |
| SHA512 | 8ee3adb3f3306216104af065b2595e72cada3eca879ab11fa73a0ba6c7a8a319a7cd2c6f6eaba8a20464e25b230d48b3478013a10658ae3da167ecbb40b72097 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f816329e-6dcd-4ab7-9aef-3ebd89f057ca.tmp
| MD5 | eab2a0c85982ab127d12bc0a3edfe520 |
| SHA1 | 6210028d8aa0f258db80ae9a9f2c0c13dd15f5e2 |
| SHA256 | 7eb6c8e58bcd90bd4310cb07dc68496c4927d1a9c419f0074d925a63ff99bbe3 |
| SHA512 | 736178e0cfca7d4ade33dd21305b828c9cf4c31063422f7dbd161a26facf30fc825fa9343fe4bce1c756c638be01d2a180c1a39b7b571ee75e83a1f4cce39337 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bbedba2532b29f6e27ac895272628da3 |
| SHA1 | f1ea48f051ad112eef297f551adfe6d552626d80 |
| SHA256 | 29661e0b65870cc8182bda66070030b0e4e26c25d44d8374f7dfd571d4a5ba79 |
| SHA512 | 6b8b928c3df9eaf7d459d513c8c6fdf4a1a0662ec1eca69abc88e572d79acaca1b1054fbd239c857dfecbf5280f2c7516dd79bd8ee52b90cc18081471832f50c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3045534b2b52094a730f3c1b6811849b |
| SHA1 | 758ad890304b9c1a4290f67150ca41488a39c5c3 |
| SHA256 | 5468b8fd10e80a477df904e69eba4da0112b19a9aef94f4ccf370261b28579ca |
| SHA512 | 7f6a72ad079c2accaf48bcf56d40ceaafd3f6205c7cc2f4da95ab1934308b4dd35f27cf706117c17a32389e873f9743aa9644b723127f80c44b92a1a19a8d37a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 40815dd01600703b0a2c27acd7aeaaec |
| SHA1 | b000077aed479db9dd23dccf6cb18652a0da4ea3 |
| SHA256 | c4cbe3c60ec415252d1ff695d5de4ba91739846e1b08d681e555a19acb1ac2fc |
| SHA512 | 3d3944cf080323a33e37853c5a7d9ecf790d1151e04dfeb77fb4e5c44a4996155b050682a2b35fc3271b307dfb3ea51d6f31a61c7dacfa84c674227dd3adc3e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 77bc33cc30296a18d385a7294b2bf8ed |
| SHA1 | 04399313065912a69f5841c82096f8775364e85e |
| SHA256 | 8c9cf3e347a24a510edc2e0e88337590e501053083cd1f60e1df160f751bce0f |
| SHA512 | ef43219ec6d4ceaa6aba3cd46e3f3cdf4a4d3feb87ad8d523da14c389dbd992b724f444dc06120aeb180415a064d6c7ce40c7be0dad8a5edf5948ce401e0e852 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f8326dc9f6713bed68018630fffe1f1e |
| SHA1 | 2818720204b50c2c4e18c83e838f6d961d083975 |
| SHA256 | f240a37144edafa99fbe7bd3f85aa1a53c8ff28c5ab9fd16e698542cd319e109 |
| SHA512 | 6aa8389ccda818af25f421adc79c07ca55771195daab1215dd3dd8684a721b1e149db77b79f7e9881bfb2e6db88ca34b492e76d44dc5742c552e06c6dd00b575 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7251b64d210e3d1c8fb057459db1d0bc |
| SHA1 | 484242cb46a0e5f826f02a903d8252ce14f1a189 |
| SHA256 | 56a06bea5a147a59ef822eaf30815580ee3841c10c65ddcee2ca1fb2f29e010d |
| SHA512 | 1e09137419e9eebab7f841a58893e2634550b22796eb425d134c80fae35fe47cd0ebc6062042bb162f6ec90c23889b03595773af98c2139a0e4008a21b97eb83 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e60da53221be79cf04610013c641b2f1 |
| SHA1 | f7a529924c2e75d0b2a5eabcb6d0615315cf0c8b |
| SHA256 | 2b8a179a6cf79ddd9189b268f3e4ff31af68a349ce270390cae0f1c24ea6a75b |
| SHA512 | acbc5f335889dfd70c59572830b13d5108217bc65d6f51ee1ec236645f8c4281d630f9d4882d6622ddab1cb39b68ddb5dbbd5d6fedfb1afc69f94979978aa9f3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | f7141f0c3b0300cfdf7da5b44e387933 |
| SHA1 | dfbf8010d90cff3480a3727895af10f2e25b4833 |
| SHA256 | c5e901bb707f9f15c19b2da2d78d50df4aa67d49bec12c0787d6e2e5d5eae751 |
| SHA512 | 7e0dcd6a3d97cd96126b9dbff56b7e6954c1ad374d556ef45b1a5b26621cb041ca356a1f740d20762aab719af2cebafaeb338e50a0649b5ccd707e8d24fa177d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | d39b39c002f0fe8fe7c6359a0dffc55f |
| SHA1 | 55890778b48d4b99ce5fa942ef2b59d1e478071e |
| SHA256 | bb59f10e3c27e626da2ee1bb0cab4161139fe8b60be08d23d62b0d6ed56b1788 |
| SHA512 | 124585aba26ab065db7dc1461443964db60bba5c77acd212850dcd484452adbc0b539cb4f84a239aea218ce280e26645b4145c8e8fc031571661c0d757990f5a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\v0rbzz8n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d403865b5fd616b9b043cd9f9f2be6d5 |
| SHA1 | 593ecfb0cd1f9742d0165e65ddbf5bf2f6d184fd |
| SHA256 | 2977054894383e16c8d87816c039507b512b875f74643d2ea940b2f405e6b9c4 |
| SHA512 | f309aa941e2a8a6484a4d09725824c0be6a7212fd93943c99edbfe807097fc55013b7c4fd7b528dcfc1a26097366ee9b73d13c3c8e9b14b77c38f73c1c6ad8d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e429ca470ca1f892999867a9d5a266eb |
| SHA1 | ac2450887ebb6f01a27d3ecef87446e71075dca3 |
| SHA256 | 0dcd914f5c19a28e23cc04e2c790c4e94a10aee7eedadb27bbc6d4156d8fdbc2 |
| SHA512 | 44cd6992d333539819e6d50fb2899f7aff912e447be74da5604d11ffed0143195612960fd5aa2cfa35e8767bab553ff94f12345122917e74c31a7e9e9a0cb062 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-07 21:04
Reported
2024-02-07 21:07
Platform
win10v2004-20231222-en
Max time kernel
149s
Max time network
154s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3803511929-1339359695-2191195476-1000\{32B7CB3A-1E56-4CB1-9A5B-5CADDAD84513} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe
"C:\Users\Admin\AppData\Local\Temp\5f6287c9f1b5a24d70fdb7d13925d2e4679abd082690feec77be51d54181112d.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com/account
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd08e99758,0x7ffd08e99768,0x7ffd08e99778
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffd08ff46f8,0x7ffd08ff4708,0x7ffd08ff4718
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd08e99758,0x7ffd08e99768,0x7ffd08e99778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com/account
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd08e99758,0x7ffd08e99768,0x7ffd08e99778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com/account
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8a1d28b5eda8ec0917a7e1796d3aa193 |
| SHA1 | 5604a535bf3e5492b9bf3ade78ca7d463a4bfdb2 |
| SHA256 | dfaf6313fd293f6013f58fb6790fd38ca2f04931403267b7a6aef7bfa81d50bb |
| SHA512 | 51b5bec82ff9ffb45fee5c9dd1d51559c351253489ea83a66e290459975d8ca899cde4f3bb5afbaa7a3f0b169f87a7514d8df88baaeec5bd72d190fd6d3e041b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1386433ecc349475d39fb1e4f9e149a0 |
| SHA1 | f04f71ac77cb30f1d04fd16d42852322a8b2680f |
| SHA256 | a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc |
| SHA512 | fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | a43c5442720748bc3520106b9b6d4737 |
| SHA1 | 3ae6a4bbe5cc3acc29b02debfe78a366e7d046ab |
| SHA256 | 0e33c15bae9de0161695319643a4e46b888255d6b11af246e2050f7863708e3c |
| SHA512 | 9167b7a8ad92b7b82119edc9591c28d53b18256cf2259b6bbccc7c5c1833d20be514393845c6acce3dddc44d71a2c258ae27da3ea0ced8cded56e689f0b4479b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
\??\pipe\LOCAL\crashpad_4080_ZGUFZJQTGHCXGCNM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8a76fc73dcf3ca2da441223af4c12964 |
| SHA1 | 6f16bfcce39ee07b2dd5b560c97a58ce46684782 |
| SHA256 | 294c875c0080fa444f432e2b68f1410e38ee8109fb7a816b08be690924aa716a |
| SHA512 | 3fdc636dd7d461227f7beddada969bca841b57caf6bc60333b9682e21fc886a7532af152e6d2383727020a3f1a0874efe6b00b213830e0d6424ba870400a2c5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 70f3cab8214d17335c2c25b4d4528a81 |
| SHA1 | 3fed6266330165ff47b1c89c467e32e869dc99f7 |
| SHA256 | ac5963ae04b9ac43de3d78a7480e9f0387ca52f5bc726e0f195e40028faa5d8e |
| SHA512 | 31adb2a251a2b00afa427f2c409368ae22ace5197e1b5fd83cb067152e3f6b9c164838dd29560b8f7eeffb876a073a0215b8ee1af516ceac58914afa2093e375 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0bbcf6b4abd356620419865fde1b86f4 |
| SHA1 | a1681c1a54e0dd9aba8b5b7ca277e9936cc57660 |
| SHA256 | 45b429496c7a9e673e213f20f39c2282a1f766644a234fc8e91ce3fc2d0c40e4 |
| SHA512 | c8c00e7a09167d36a106ac4c2cd1edeb132f9b358699bfba26a282d5df5e96a87d446a585ffcde407bb55dafbd08781e871eeb4b3c9e3d3a10c8a755ccb6a4ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eccd8e996fbfc4a25f6ed4b64ac9299d |
| SHA1 | 7d9fea75bf5f13afc433fb4129832191d5dfd6b2 |
| SHA256 | 29e6513eb1b376090b751786d7d70a8418d116340354882e8514f28302057882 |
| SHA512 | 823f6816f3fad53b69d73e32df66e174e9741a350604a8828e68b7d1006174a9626bbd51ec5f4e34ec7d3d9e76f71f023d6911a67b45cf6aec84b9fcb0385f4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 40c91b8656791e114dd8b5fdc4df9236 |
| SHA1 | a6aaac1f465565b598933add5dace315ec36a81e |
| SHA256 | b026bbbe526dd3656b047f15c4a01dcae1257a86afe8b78886d0f662ddca8fe5 |
| SHA512 | 6e1573b8f4f0185e777886855112104ed2108ed4fb0ac3e7458d47580a448f1f385744f1dd19bbb9a6cec73d7d5a52bbf9e70d7daa15a8026922f4c138f3436f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 656965b12cdea23b276160924c8f16db |
| SHA1 | df26466fdb1fd14fc6e95af58b7d99771f305783 |
| SHA256 | d01615785e6bdf85f7be09c802e2e2bcb46b2e8859357339ca787ebfc4ed1412 |
| SHA512 | 30d365ae369ac0ba1f6c89f1ff29614ad3e71f4ad90e7029def7aa79a1ac8eac987ec145e9744f99f1b56a8a17db2d83c85cdc17c8b0bca22d8e1fd7f225ffec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e98f74fc33efb85b1f08709c874dad50 |
| SHA1 | 332b9287c272e6c8c246d5f5e2dc9ed52127b2b0 |
| SHA256 | cf7f76dce8ee6f0f5cd3bcc4a2ebb17efd862ee2e81ea2014e91bc712bec56fa |
| SHA512 | 3c5ac0d39356ff498c3c1796cf97c37ce4d54408548bd285f25ccab5d087fa366daca6db40144a4d3158934df1e4e74fae4cc552e9a100b78982128b38e7f661 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 265db1c9337422f9af69ef2b4e1c7205 |
| SHA1 | 3e38976bb5cf035c75c9bc185f72a80e70f41c2e |
| SHA256 | 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc |
| SHA512 | 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0cf38a538711222877706ece11b2af71 |
| SHA1 | 7ddac4d55ab4e1c7091b91cd07bd0f89d5ea06ee |
| SHA256 | f27374effa592b8b504454156443c0fd99b25b645f1e15f6420a4ade9c5577ff |
| SHA512 | d3a8258c318deb8172c7ea3b38be527cb80f81b971abcd11578fc6ff1643a88045034151d0e90b31b5b315fd19fc4f95f7f8cedc073c75841730af7dda614d4e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\555b5fc4-e251-4b7a-aa63-9a3dade09c54
| MD5 | dbeae62b42c7b03831f2dbb0daddd025 |
| SHA1 | c5112fd4cddb659954e1da0e335a08083130f8f9 |
| SHA256 | e15f8771b3a9f2f24c66d1d17dc158e7b5bcdf21f9bd73515e9fb225523b6114 |
| SHA512 | 55f72f3f3c556f41d99f900ef822fa7a4636c24ea11024d51fa66256ff55e0ce5698bc6a5831fb061e8b44f415666d2c316459bb6b42de15d942fbaad588c1a3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\pending_pings\195bbdd7-bc88-45fc-8315-a64167eb36ea
| MD5 | 73c6e1222ff6ee61b27748fde7cfe1c8 |
| SHA1 | 41f427c5063183f0ff2256557adff45234aa8e9c |
| SHA256 | 83106f82c8cb77649e36e5b4ac5e854eaf954a1a3116085771c909dfdc27dec6 |
| SHA512 | e5addf9425cc8486a1647450c8530c7f2fc9b8039d1f10d60d4bc1d256d19ef5a58f3662e40dc37e1184acdbfd72c4d0d649d68bc48177abf913ca65b85a9abc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 6445e42cf7d994b484250760ce08b463 |
| SHA1 | 9708ce88d5cdb0842f4e2247994f025f50599e15 |
| SHA256 | d2e6ebd6ff4725e824fa22470b72b8aa56620327d826694e76469d6da6b7a90c |
| SHA512 | 65bbb803c16b44e906b55cd61e1a48359288a8ba047278fb15be037d16fba22aaf5b9622a131d24d121cbe7bd092c0c72f166ff9889b0eedb6bf5cd9610c091f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 3fcc922599e2cf7e06b1a158590da560 |
| SHA1 | 01ed18f9611c37c51da17ca366c51013ff388787 |
| SHA256 | 42ec2e56f22a5b5afb4e2fb30ee600ffe831c04c9f0eafc6cc9f83e7dd262b45 |
| SHA512 | 1175eb6e712bf2b746f74dbd228efc69a2c2c954de32f45a9c665fe9ce70a02f97031cf924e04293ad958179cf3b04fc91e34e56275fb2151647d461f743cac6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js
| MD5 | 1f159d7df243def5105c10cb52926074 |
| SHA1 | ef74ee7d48f83c47b550a3d98c0a227b98cb49eb |
| SHA256 | 882b2e7d6174291766fc6e896334011dbfa442a513ff128e242763ec07645c43 |
| SHA512 | 9c83575420744a547031e9d896eb2f7963ccf337ac6a31b90bf4c8ca410fdf917461919484659517fa11c1653508320f53daad65dd225664feb6f24b79f5714f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 1932d6b451f4b503bfe93b8a878aa5a2 |
| SHA1 | 512139b4927af22776803206e1b12ae465d69969 |
| SHA256 | 30a507bb9d232bd4182b469e072607bfd4aab749e9e9748bafa63f7bf2076142 |
| SHA512 | 1ecd86d1fc9b5f8fa9ab10b6034fb726d8c89eb4ca0459c3037e7e9d9a50ecc5693fb99b2a29d775f67005ebca661c66d470474bc06de5440b7495b4dd5197f4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\D84C5E508BEC80CE1E91251C07B589F488FE6928
| MD5 | c19e705493a3a875996a52bd1efd4ebf |
| SHA1 | 8514becfee590e33a083d37b62ad21c68eb69744 |
| SHA256 | 0977aff661bac29d913b073ce8d2954067b7edb4f367237844d2279deb2e4b74 |
| SHA512 | 153acf629e5f24759535e5e6036f8533d8b7ab80ab4de7c2973875a8d5b6e95a0aec254945fc672c1ac63650cdefdb820dfac672f2d172f165c3611ea3c4afa1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\6DE3B287583C69153D3E33EBA0B7051F15BB81CC
| MD5 | 8f749754113ec0a99012b4ff522141b3 |
| SHA1 | 3927dcf3f4d680718fbc344ea2d27fa25642d835 |
| SHA256 | 3bee5c9ad5088f1bd26900af8fc7eb66b7824eb55c59d14a25118576646e2c0a |
| SHA512 | 0958d694a65fc21af7a49b39bdd2927313690cab976269d1dc66eebfb237322bac0481735cd5fbbe50c2d350395c0a63ea704e32b1f5d144b98b4ba03f96c0a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 09669771a406b60b62b161a198e46566 |
| SHA1 | 59b8fd31bddaa4b535fe4c13768bca3dc023d3f0 |
| SHA256 | 71ad351ad4c777c29f07da3a383b9f450f8fd390f18e6a23605d72d5c848786f |
| SHA512 | f1391aa207abefbbf67465f0d65b01f0ec89ce5bc5e7907efd4077e24e1cd384b43c0a1bebb9360770f63eeefd9a3eec94c216f394ebc873597f9fa25d265dc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | e5b06df620ab1b4de3756b4e115c7572 |
| SHA1 | 0434fdfe944dec5031d1e61350e53f81ae85c6a2 |
| SHA256 | 149d5f39230ee21e74db3a449705cd798eaaf032a5ead56086ff51759ffd8bfc |
| SHA512 | 11b664d4e2ebb916300f030ae0a8981f83869512185645b827bee74d86f3c882766b0fdaeb33a02158b85a5dbce7264198deb77211165bc4741d73f4dbb65fef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 9a3dbc8b483c1ea72700084a89460e41 |
| SHA1 | 2ec2256d4e7210b29a867ea9ac92e6a4a52a0e9b |
| SHA256 | 1ecaaf3dff3b52bc759520889407525a23ed323e6779922f1af702c9aba7bede |
| SHA512 | 104830babb5c7e71ad6bffe90ef19007db8188b978b0ca21fe2bd3c0f175c80b7a62ca73a62cc82608178abd327055d511e2719cefc983af712f6c524143326a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 02ce533b44e01a3656dd78ecbf617f2e |
| SHA1 | 03508dd1347d05f64dd44a1fd55e0f81ac406258 |
| SHA256 | 34aea36d44cc448b84d9ba1890f9125d52e6ee75dfbd726080c1810babecbfe9 |
| SHA512 | ea19a56ce88462196a8d5ea55fe7d006b748928b39260777b787a933af2cd53230512e77d40898285bc5d3fb87d3ead2d21500382881225272ed4eb2e3eb6a7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 577e380c074fd5c0941aefb85e13cc80 |
| SHA1 | 9409cab622ffc65d0beab68b03efd586725c81cc |
| SHA256 | 39534d0e32365737784ce174aeb423adab24ec3675f285920886a76f0c836700 |
| SHA512 | 352306f9b3bc6963e3ed75573d2bf9bfec5ceb302ab21a47130878dea34a3f662bd5d0c3df7e9bfead2852990bcf86f027f2d00db03f962f016fa4121f991fb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 92c1a75e44c7006e1666383bd2538b2d |
| SHA1 | af87ec0804592aa3d84ebf011b756ec604859c87 |
| SHA256 | f483e3a3e8541540eccfc6676291a7b7a216c3deb4a5acf6e6b19f057f33f433 |
| SHA512 | c8e0154dcc36d088e0863dde3aef20a4338d2c38d1b5e2c2b114cc8bb7ac97d970fa910ce8de5cf089a550f5aee7ca7a38f8e45b51dfd4d71a7671c01e20efde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | ddf820f3977b4a66ca54348976172cbc |
| SHA1 | 6d4d1f20f70e5a5488b7002b0e9053a7e518be73 |
| SHA256 | 1d8656c5248336db462c188369901f4b0353792cff1430a81ba86a91ad03dfa6 |
| SHA512 | 720bd6fa11fdf8df86bef5046c3e4fd94bc1a6a5650bcdce080df6a78f9d39396a94e73501b138f9d28b889ad29bcd518b7ebe7669ecc6cee312e50b6e2926b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 8ead488bdead432c5855020da0d8a66b |
| SHA1 | 618981efa77772eb31687344ff2034585a111559 |
| SHA256 | 69dbc59f20a1e7951e073d2aa5069613739a12d33c3526ee9d4d47ee0f6a33fb |
| SHA512 | 63384d6a1ac958965631eb84af82744c6cfbe71a2982a89bb8f101b8e6f9126af6baf448093e06d922c25a68b6a6763667ad7cb4728ed5ef1550f9b5b7ebc409 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0088522c98db517a4816ec6f7a286220 |
| SHA1 | 5216eac1f1fec56248ec32cffe86d1d1290040bf |
| SHA256 | f8acf472fd5bd61d067c745c5014c7b21c7d5d185449ae4f7cdc4aa711788a83 |
| SHA512 | 06cd126e69d560c17601a1132b2b5844f5f9b538343811441975fdeff15f5b23497f115c541c1d28c0d0dc49569be392b70093748635adc90cb770376bf68823 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | f61f0d4d0f968d5bba39a84c76277e1a |
| SHA1 | aa3693ea140eca418b4b2a30f6a68f6f43b4beb2 |
| SHA256 | 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc |
| SHA512 | 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 7dd1c1fe5376c6dbbe4da12f8c30bc3e |
| SHA1 | 0251a33f6147638e88344301caaabaa7b36f9682 |
| SHA256 | 79e38bc5d86489ea8b6b9f12f297e9c1b6b01a37603b30df75e0630547e9f839 |
| SHA512 | 429ed63048333519b167a3e98b3df93aa87bca4046ccbf58df703217b7b776aea1319aa08a7910f6f62a545e4078c7c227b7916b1ae3bf2f61388522e7f10423 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4c5157c4b6afda7645c43739f56d7aa0 |
| SHA1 | 868b959a72ca95e7e85d98518474593229ba8af5 |
| SHA256 | 7d214b7f7cc6f95b5564aaac763e6979964105151fd428449d8bc773b2b4a8dd |
| SHA512 | 3a2c0643c4123073dfcb0ed76db840bc907fda33bfd43359ab385ba43e49233880e2d53f90c12b478181ad3cb40c774a1dc0006486a0ab68370ac21b3ca02b03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | e664066e3aa135f185ed1c194b9fa1f8 |
| SHA1 | 358ff3c6ad0580b8ae1e5ef2a89a4e597c2efdc5 |
| SHA256 | 86e595be48dbc768a52d7ea62116036c024093e1302aced8c29dd6a2d9935617 |
| SHA512 | 58710818b5f664006a5aa418da6c8cd3f709c2265bc161f81b9dfe6cdb8304fabaa4ce9deba419fe4281623feeeaa0321f481ae5855d347c6d8cf95968ee905e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2893f27e135d1394ff54c6bfff58bab1 |
| SHA1 | 95e2143c260386a353acbb8c3b8a7a841e5ad6c2 |
| SHA256 | 20c13c28c7d8321713efe387b5833f4663ce351d08a62f8bfd5f95ccbdc48f4b |
| SHA512 | da3d1747a794807abf195b124dce89b4dcd83b685202ff643bc2a8032a61e654ea05f4ad261fb6af32f7a24af17d5c77486d91c0f322df4c6dfbbb089d08d52b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\91327050A5D76DEDF98ADB9E359869511B7AF892
| MD5 | 5e0bc67720f66366db21170d905e1d0e |
| SHA1 | f25055894c458c32487cb46c512a350c34d494a9 |
| SHA256 | 87894449c189251b8eb7ec46b672ca1d6af4310ae4eaf1e83645f09cfecb9246 |
| SHA512 | 9b14c73afeaeea792cf30b8f98b23b92649a63058f728d5829ddcd275a8134776866c310fb5ffd1289304c4651875ace12ce10b193f4bd5fccd1ea75acad1e9e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nbjxj16p.default-release\cache2\entries\19E3E649EDA06DF28A84E691244B9A32F8B84E43
| MD5 | 4a340fb46849b8e6f46247b048c1142b |
| SHA1 | c8d356b9ceb8b73b324d5c2e888041911786fd68 |
| SHA256 | 2405c3025da20f19d2d7031a963e098fc52e1701acc3ad5945e45c62f1b8a12b |
| SHA512 | 191522a048cd70573fd6cb87e1960cbdb13bae0e553892868e810d7720cb3a8c63e92b6d7b298dde9aabf5d149e93ef41900dfad1cfe5941862f33ca7373aa11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | a0318288dc558d26022c275054485b12 |
| SHA1 | 62a5b007c872909c4588bb598a4f34216a363464 |
| SHA256 | 14d1d1946c5546f82cd6da49238db10945b37d2b75461fd8b322bf8afaae0a7d |
| SHA512 | 2339b8046f2a754b31395c5d3826d6787627e5cc2f057728511972537a731764e37db73e57cd07bf0cad82b7598c30eb47a52206bdbab53abd4a4f178142ebe1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | b65693482680d902651207e585d54754 |
| SHA1 | 350b7500a9b255669d38a6d6ca0cf808038c7767 |
| SHA256 | 4c60d0e17bfb7fe53b6f4881cb5f92def77a64ea36fc7b5c0522498f0dccbb67 |
| SHA512 | 399c4c77b4bc79a08745dfabd19f2e9978099adb2af42b1fc8fa40506a9151950d972ef71c0a7e4797c3a27baaaf67f0fba75b136595dbc253cbf2e2ca378083 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | 4c39438f7c048bb46c218ed97b19794d |
| SHA1 | 57b8aa8589975c2c401d6405935c5ba58ceb8c70 |
| SHA256 | da1a928318aaf194ea43568159e627466b96461bc0882b966639947ef2111bb4 |
| SHA512 | f9e5205c2e9fafa3c136d4449052e918c3b6bed85497104ba00cfae55f8222cf989e4bc1f5215507bf6a77c3f7032a8e2b2cbf3010eee240694ec793613ec301 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | df4674fb2cbe04d435de09b8718d2206 |
| SHA1 | c639c65370de35d185ebf1f932a85dafefe22976 |
| SHA256 | 9d220099005c25460295bb5b2c77fac5bb759ac276a736caaf7c3aa5bf7c2bcb |
| SHA512 | 4a8ea5fa810de8f34cb53ea281d2b58676de6f5e44b14141b16b4b9b3e4c2207ea7cf0a3841b0188e130d9add137ec677d558893eb41ac580383dda44e1cc641 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | 0fe9bff34999d5057c1796aee3fac7d0 |
| SHA1 | 99c4a70b4fc37ba1a20b8c4104ab8762643bc683 |
| SHA256 | ca74d4478e3cc3b666ba80f583f23578e029f0e994d30edbcf8f7fff60d85ba6 |
| SHA512 | be99eef9b258eb8a173438f1ba4a58813f8c640c880a5c62aa1a960e799d83e5d16124179b16f1171e8c2c5a8e26181ba917378264298decfb7cf085573a7289 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
| MD5 | 5944eaba4087da01c31efab06692f901 |
| SHA1 | d17ce6b1331847706d92dfe076f109303e292815 |
| SHA256 | e619181abcf27d51966a6841870e0d251d1f3c35082d0b2079e993a73feb9342 |
| SHA512 | 26f370ff875c17c30f5267dca52a59986efa3a9472ca002ee3e84740c91cf2069207962490cb9991d6a312d80f3efff89520fd108bd92c8062b71cc7901b2440 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
| MD5 | c48ece6248398a3765efbe7ffac658d8 |
| SHA1 | f85ec59824398e4644abea48a94a93eca1be26f2 |
| SHA256 | 953bdd9528a2914339661f547421a4386d0c729cbea0ebd5b96aabb4b798e931 |
| SHA512 | 5cb36c505c01831f3b0a39c5975488712e83d95e9ccc6645ec487801f062fe11062a0c999160dcd1f0212116135e2c1ce94e29105cc69da93f7c1090432f3bfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
| MD5 | 7611185685bd3d51f1f6a5a2c01b1767 |
| SHA1 | 11aa48a6137c11356546bba4d3de8d395be52866 |
| SHA256 | 10273a73d9c28cb0f4a148124da57d6094b0cbf33496449042502cb1253c10dd |
| SHA512 | 38366263905421d8bfae7e29db06ab74e307e2c7ef5330492f999d0a61956a7083465f4ef389ab0ffbdbd6e0fc84351eab6d593456f5b4999250960be3a39e5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 144a5739140d865c6cc237a87f49f3ff |
| SHA1 | 5ad3a126d9a426882cb1302f4a58a13e132e9601 |
| SHA256 | 7df2bcb2c7190dc85228b77e42918d62307d9644ac243dc9034555697daf9cb2 |
| SHA512 | a5387684854a155410dcbe12696f2e29b30d301c31f3dea83ed179e9a2fd9c9d3f1e9795a7b578c405ae383528ce6cc50f7993db02f77db6d6b364e93f567d52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
| MD5 | eb8243e4418469542501ad353ead9f22 |
| SHA1 | 74fd4a687b61abaebfce2cd18ffa68a8d761c616 |
| SHA256 | 50ef5631ccafe40c09af313c5473e842c9226f662b8e46ea303e8013333b948a |
| SHA512 | ac765fceb9ce1ff53c9b431898f29527b8fc5d6293e74657a2d96a36c4f5ba234708146048b33d5d3c13053a007b8bf7f2018e34b13351786e69d28976737289 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | 3669e98b2ae9734d101d572190d0c90d |
| SHA1 | 5e36898bebc6b11d8e985173fd8b401dc1820852 |
| SHA256 | 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a |
| SHA512 | 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 9978db669e49523b7adb3af80d561b1b |
| SHA1 | 7eb15d01e2afd057188741fad9ea1719bccc01ea |
| SHA256 | 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c |
| SHA512 | 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | b63bcace3731e74f6c45002db72b2683 |
| SHA1 | 99898168473775a18170adad4d313082da090976 |
| SHA256 | ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085 |
| SHA512 | d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | c1164ab65ff7e42adb16975e59216b06 |
| SHA1 | ac7204effb50d0b350b1e362778460515f113ecc |
| SHA256 | d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb |
| SHA512 | 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 96fca7bb4ebdbbf738acc17e9cc94028 |
| SHA1 | 0c193b2e95edf81e1954d0d3d4d43a0c095eff00 |
| SHA256 | 0ef3f5e861e91911477b56dea4abae0638e809c4bc1e9a6083ff287d6b003a00 |
| SHA512 | e35fc3393e56d4dc35ed64c49ac2325970dca9f20272df2d8123a3e7b0688b011f262f56d1d313143aa747b4c52d0d1a4da4e6746a244a3fee86d23f6bf74bea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3aa79a79624b5e558500e2c474415df0 |
| SHA1 | f7a88225d7dfb23a07a53b28d4942dcd8d4ef965 |
| SHA256 | d0569a7eda24b022aab7ec6739b9ba1aba56166a5ceed83c9f534d389345d134 |
| SHA512 | c3a6efea3ba1e0690c6789a25f3531e4b53184e87881bc9a1b6513020f4cac24014db3c8e954257de2c2290ed8af4b923ae93fbfa491a24d39ffde8fc9593854 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b69e.TMP
| MD5 | 68369721fabaf434aba6cdf55fcd241d |
| SHA1 | b6445e66fb5911c0048351e4ebbc21f8d4c2dba2 |
| SHA256 | af4c6eaef01adf7be7ef7e666b3a3367156a3d738377178008874f6c27c3e212 |
| SHA512 | 04058ea1854f27b9260ca5e71b5e33097191e4590ad3a99bdb406b5ff192b53c4748a954eb5c2afb44d53e69850125fa320040d487e3c9e0a7674af8e66e4ac0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | deb679dd57a59b8eca1b79265dce41ba |
| SHA1 | dc7cf23dd5482f0c4cc0524a3c92c4ecdce1bd02 |
| SHA256 | 5c01d34894fee76cc797716eb0374249f22af5b751679c3d7c26b90f04ffc0a7 |
| SHA512 | 4ac03d3e35b0f60a907d4b5dee868469a28dec3156f0658f57b6d36e1b8d8dcf8e83ac8e9aa8e48d4f2db97b37371b45d4d1b76e709a9f10e6b041fa433311f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 87a404d77c424c181d4322aca2caa08a |
| SHA1 | 9349251f9e69f1d4b27c4f31105054b8f3042442 |
| SHA256 | 5a6c8ba0aba65b27a6637260baea5bc787dd4585da97270225312bed1bea4c29 |
| SHA512 | 30114619dfbba19b0852dce26be02498eb8d343c5bc4d7ac1ef7e21eec5ab1f36f02099d02d446fce39af271499902ced43bad966e918123b930b4ced8f706e0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs.js
| MD5 | 6d888d89ac5328c04ab6a2bffead63c2 |
| SHA1 | cb130736552f25bbb749c3a915c07c4df3ffa6e5 |
| SHA256 | 523f536407968b5347763640410eb26412b469868cc0840bbc670bceefef176a |
| SHA512 | 1ce4132880ef65e405fb35f12f8ebd37333d9ccfc010312395e4fd8c7ba6fc119fa85db42dc75af8639b012e450b319ae4b7763280de534c169d58ffc2bf3a4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ac6e1d10-5968-4bff-bdab-afedc0373580.tmp
| MD5 | 1c2421941101fa4b1d744a7f97cab69d |
| SHA1 | a47bb96fedc45b37f45adf126f696bd8c3790fd7 |
| SHA256 | 4751e8871b66b2892f259231b443b625f50d1b445c450d56dad33300ea630beb |
| SHA512 | 9fcd8bc774585ab9958ba8fa1fc0c745deb7da24d85487ff24805ad3c80a0ebe5aac085db1b88ae9c36cc0a69d260eaa7e26a67f1e98e1f107f21c1e9f8b8496 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\prefs-1.js
| MD5 | 7961b0f316599f72518f709c601ba939 |
| SHA1 | 1e4eae17c4d005966bf32bd96b9c2d2ba18ce71f |
| SHA256 | 0fc7bb4ac9725a92072bed0b955a99c62b7f68da75a538a17fdffd7b0957f6e5 |
| SHA512 | 896861c639196ea6251b48483fb7f706327d81b1bea3eb985ee54426dd851dfc11bff29d564b36227d86594c33914aaac3ce226db3fd75eb9313443378284bfb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | d4d70ddded6b027894b1d22ac0cee0c4 |
| SHA1 | a810eb5e7aaf71cf89765b295a0571f0d38c1bb8 |
| SHA256 | d6bdd5c8a04f396077257a5f13761404aa4f7ced32dacb55851485c3b62e630d |
| SHA512 | c3fe6a9e2b1c95510330580a08f75d538ae2011d363688dcef26e7140e89a3f88954ca05ae07e8fd7db5bff5d0c4d7fcbc03d04f053c2e25c3db61e6b4f4c35f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 0c0b7a97762a859295dcd1b550c920f9 |
| SHA1 | 6de8a4c39e28abac8452e7b80c86f02d051b9222 |
| SHA256 | 6fd8a1cf7cb081f4ea36114c0511f7d9aa58454bfc66995857dbd6cfa9af2828 |
| SHA512 | 9c474fb1dc581c733e3bdaeaf5cc306325820945f3ad680632511a79af8e88cb745bd16db117a68cfb7570f113a050abb86f13100c9214bb66a23f0d955e383b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | de241a9f634a25695b18d7db7a99d988 |
| SHA1 | 8571742887611d9457d9fb8f1189077b87b33410 |
| SHA256 | d642772f6f17a5ea3deb028777e4fa19181a0ce3e15604669b384913f9fc10b5 |
| SHA512 | d87fa797d433f1b5fc11c9cd7d3d7901893839b6e7d0b597ecdc061572b19e334ec48b9d5751fe908ae0641c6ff4b87934524a6c89a23982e4267b18098c60f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 321a57ae8e3d11112db4620d9dcc74a3 |
| SHA1 | 22578c5840fdf5dcd634279656795b9080380b4c |
| SHA256 | df33e13dd293f9c8762706426d2d8acedcc1d4de027d5c9b794d35e6700ab894 |
| SHA512 | d0ac1859711851742c09a649105f87c9fee858631e1dd36020b219609ee5dc63a4570d633d03437179c7bb8f43c63225af48186953084fef44599505547da252 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nbjxj16p.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 35293a6eea8743e37d345cd809e10c5a |
| SHA1 | 31b9f1d310f852f01418a9ce006c61a3497bcea8 |
| SHA256 | 34e69753e28b17186b608b69793e86c9d342b9523503f0195116365810fcccfe |
| SHA512 | 603fb4ccf469c936d5816c54c50c43bcb933e5123a1bf21060e1bb03b836540734d9748d73d74821c9c9076205bcbadd621c9c59f2ab64dee1396dbfcaaad088 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State