Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-02-2024 01:36

General

  • Target

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe

  • Size

    896KB

  • MD5

    5bb2d0c9ee6a86afb4169f89f6b9216a

  • SHA1

    f2a455a5f76807faf077b61a3ed61ea6a5d11a59

  • SHA256

    afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c

  • SHA512

    59b693615980a38acc5726a03a7bf5688b0f3440eb714c87e97e86bfba18d8f3362d36bcbd9eac3158e15d1f9f67ff745f3d00343c39dde7f3e0143376bed7ed

  • SSDEEP

    12288:pqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDga7Tx:pqDEvCTbMWu7rQYlBQcBiT6rprG8a/x

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 62 IoCs
  • Suspicious use of SendNotifyMessage 58 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe
    "C:\Users\Admin\AppData\Local\Temp\afe9422ffaf9a7efd82f0991b9511e63ac7f0796ed5fbc366f83a1df49c7fa7c.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:760
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4784
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
        3⤵
          PID:4896
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
          3⤵
            PID:2168
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:4336
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
            3⤵
              PID:3664
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
              3⤵
                PID:4416
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                3⤵
                  PID:3572
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
                  3⤵
                    PID:5856
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
                    3⤵
                      PID:5804
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1
                      3⤵
                        PID:6504
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4440 /prefetch:1
                        3⤵
                          PID:6632
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
                          3⤵
                            PID:6688
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
                            3⤵
                              PID:6916
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                              3⤵
                                PID:7132
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4304 /prefetch:8
                                3⤵
                                  PID:5888
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,2114318545298594190,9078106322244121857,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5668 /prefetch:2
                                  3⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:7532
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
                                2⤵
                                • Suspicious use of WriteProcessMemory
                                PID:2080
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
                                  3⤵
                                    PID:3044
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13388217517765069387,5951738911900975446,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
                                    3⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:2644
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13388217517765069387,5951738911900975446,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
                                    3⤵
                                      PID:4468
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                                    2⤵
                                    • Suspicious use of WriteProcessMemory
                                    PID:1212
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
                                      3⤵
                                        PID:1788
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,3272976408237931914,2023695986068285739,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 /prefetch:3
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:5732
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                      2⤵
                                      • Suspicious use of WriteProcessMemory
                                      PID:2852
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x90,0x108,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
                                        3⤵
                                          PID:4872
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,3227609373669277232,427322541585452975,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
                                          3⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:6056
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                        2⤵
                                        • Suspicious use of WriteProcessMemory
                                        PID:5008
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
                                          3⤵
                                            PID:3580
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,16523088382694604939,3297520097974158163,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
                                            3⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:5744
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                          2⤵
                                          • Suspicious use of WriteProcessMemory
                                          PID:3764
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff7b3246f8,0x7fff7b324708,0x7fff7b324718
                                            3⤵
                                              PID:4496
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,15886334268768386627,2894630713689235398,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1532 /prefetch:3
                                              3⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:6388
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                            2⤵
                                            • Enumerates system info in registry
                                            • Suspicious behavior: EnumeratesProcesses
                                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                            • Suspicious use of AdjustPrivilegeToken
                                            • Suspicious use of FindShellTrayWindow
                                            • Suspicious use of SendNotifyMessage
                                            • Suspicious use of WriteProcessMemory
                                            PID:1632
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff7ac09758,0x7fff7ac09768,0x7fff7ac09778
                                              3⤵
                                                PID:1000
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3000 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:1
                                                3⤵
                                                  PID:7432
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3784 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:1
                                                  3⤵
                                                    PID:7500
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3996 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:1
                                                    3⤵
                                                      PID:7688
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:1
                                                      3⤵
                                                        PID:7420
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                        3⤵
                                                          PID:7404
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                          3⤵
                                                            PID:7292
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:2
                                                            3⤵
                                                              PID:7284
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4844 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:1
                                                              3⤵
                                                                PID:1196
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                                3⤵
                                                                • Modifies registry class
                                                                PID:8220
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5428 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                                3⤵
                                                                  PID:2736
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                                  3⤵
                                                                    PID:5896
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                                    3⤵
                                                                      PID:5844
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5736 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:8
                                                                      3⤵
                                                                        PID:684
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3940 --field-trial-handle=2004,i,3595267037260993181,15867329379456699100,131072 /prefetch:2
                                                                        3⤵
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        PID:1912
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                                      2⤵
                                                                      • Enumerates system info in registry
                                                                      • Suspicious use of WriteProcessMemory
                                                                      PID:1324
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7ac09758,0x7fff7ac09768,0x7fff7ac09778
                                                                        3⤵
                                                                          PID:940
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1840 --field-trial-handle=2008,i,15698393410122433385,17940911486995315774,131072 /prefetch:2
                                                                          3⤵
                                                                            PID:7816
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1936 --field-trial-handle=2008,i,15698393410122433385,17940911486995315774,131072 /prefetch:8
                                                                            3⤵
                                                                              PID:7928
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                            2⤵
                                                                            • Enumerates system info in registry
                                                                            • Suspicious use of WriteProcessMemory
                                                                            PID:224
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7ac09758,0x7fff7ac09768,0x7fff7ac09778
                                                                              3⤵
                                                                                PID:4836
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=2000,i,2110790805724675801,9266299203282099646,131072 /prefetch:8
                                                                                3⤵
                                                                                  PID:7440
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=2000,i,2110790805724675801,9266299203282099646,131072 /prefetch:2
                                                                                  3⤵
                                                                                    PID:7396
                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                  2⤵
                                                                                    PID:456
                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                      3⤵
                                                                                      • Checks processor information in registry
                                                                                      • Modifies registry class
                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                      • Suspicious use of FindShellTrayWindow
                                                                                      • Suspicious use of SendNotifyMessage
                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                      PID:2112
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.0.1638298445\161214430" -parentBuildID 20221007134813 -prefsHandle 1812 -prefMapHandle 1804 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56922a94-a833-4323-9ab5-821dba5d8769} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 1904 17978106058 gpu
                                                                                        4⤵
                                                                                          PID:5180
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.1.1087111811\487517783" -parentBuildID 20221007134813 -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f99046ec-6bdb-4be1-ba2f-1e2f5ee4c544} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 2384 17976de3558 socket
                                                                                          4⤵
                                                                                            PID:6876
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.2.882068416\2043867635" -childID 1 -isForBrowser -prefsHandle 3216 -prefMapHandle 3212 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7fcd6810-c4e5-4246-969b-c8860aa39414} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 3296 1797aa20758 tab
                                                                                            4⤵
                                                                                              PID:6776
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.3.1775491214\336743086" -childID 2 -isForBrowser -prefsHandle 3600 -prefMapHandle 3156 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {643e2f06-3aec-4444-ac27-193998bc1bde} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 3612 1796a662858 tab
                                                                                              4⤵
                                                                                                PID:7676
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.4.1801480340\1503472478" -childID 3 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {337710bc-1f4f-4a45-a7d4-2278e52473a7} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 3928 1796a62d858 tab
                                                                                                4⤵
                                                                                                  PID:3388
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.5.1449668758\955500533" -childID 4 -isForBrowser -prefsHandle 3920 -prefMapHandle 4540 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {757a1ced-6940-439a-915d-9e44eb998734} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 4552 1797c5c9f58 tab
                                                                                                  4⤵
                                                                                                    PID:6684
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.6.244046068\665723301" -childID 5 -isForBrowser -prefsHandle 5108 -prefMapHandle 5104 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ff5feb2-0acf-4d2d-8fec-48806b3b48fd} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 5116 1797c5c7e58 tab
                                                                                                    4⤵
                                                                                                      PID:4816
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.7.517150761\487198938" -childID 6 -isForBrowser -prefsHandle 5680 -prefMapHandle 5660 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1e3ff1b-2ffb-4e02-83e7-6d08de0035f9} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 5688 1797ea5d258 tab
                                                                                                      4⤵
                                                                                                        PID:9164
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.8.1812757819\1020122809" -parentBuildID 20221007134813 -prefsHandle 5552 -prefMapHandle 5544 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c648b96e-ab79-4cf3-af70-60a34ce9e286} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 5812 1797ec2d758 rdd
                                                                                                        4⤵
                                                                                                          PID:8492
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.9.339290833\1812768870" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5804 -prefMapHandle 5812 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8a280f55-8b4b-4d51-93be-816a8305781e} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 6012 1797ec2da58 utility
                                                                                                          4⤵
                                                                                                            PID:8740
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.10.1436804135\1825883466" -childID 7 -isForBrowser -prefsHandle 6160 -prefMapHandle 6140 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2057636-700a-4d9c-abed-b959af55a77e} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 6200 1797edae258 tab
                                                                                                            4⤵
                                                                                                              PID:8892
                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.13.1951412585\1102005344" -childID 10 -isForBrowser -prefsHandle 4552 -prefMapHandle 4688 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c54c1b9c-df18-4c14-bf1e-cb406b05dd95} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 6396 17979933758 tab
                                                                                                              4⤵
                                                                                                                PID:7904
                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.12.464174980\1293862464" -childID 9 -isForBrowser -prefsHandle 3996 -prefMapHandle 3984 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82cdb2de-776a-436f-9a8f-36ca7fd3cbc5} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 4020 17979932858 tab
                                                                                                                4⤵
                                                                                                                  PID:6848
                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2112.11.373059461\886138720" -childID 8 -isForBrowser -prefsHandle 4576 -prefMapHandle 6544 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1116 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00be3621-f50f-4542-a7e1-cb96f313f109} 2112 "\\.\pipe\gecko-crash-server-pipe.2112" 5056 17979224b58 tab
                                                                                                                  4⤵
                                                                                                                    PID:5616
                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                                                2⤵
                                                                                                                • Checks processor information in registry
                                                                                                                PID:1928
                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                2⤵
                                                                                                                  PID:4300
                                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                                    3⤵
                                                                                                                    • Checks processor information in registry
                                                                                                                    PID:3908
                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                1⤵
                                                                                                                  PID:4560
                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                  1⤵
                                                                                                                    PID:5984
                                                                                                                  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                    1⤵
                                                                                                                      PID:7580
                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                      1⤵
                                                                                                                        PID:3844

                                                                                                                      Network

                                                                                                                      MITRE ATT&CK Enterprise v15

                                                                                                                      Replay Monitor

                                                                                                                      Loading Replay Monitor...

                                                                                                                      Downloads

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                        Filesize

                                                                                                                        40B

                                                                                                                        MD5

                                                                                                                        062cc84c0218b55fdd1b19857d52cc59

                                                                                                                        SHA1

                                                                                                                        e25a3051e499e2269d9e2ea0f384eaa781d3ce24

                                                                                                                        SHA256

                                                                                                                        8fe2e20bb3cf656eff404cd69a740bdbeb2abde044ac1c802270c6bb349129f0

                                                                                                                        SHA512

                                                                                                                        bac28b92d9f095b08e6b68eadc1d11814faaf8f7ce24f8da404eac4127bbc560817492ce72a681192e80605d7feedfedf20543b0503840c33488d5728afd583b

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

                                                                                                                        Filesize

                                                                                                                        22KB

                                                                                                                        MD5

                                                                                                                        7a204d478c8dfe822bf86f9103bbd9b3

                                                                                                                        SHA1

                                                                                                                        7114b36ea1588d9372d730b2ee5dec7a3aee36d1

                                                                                                                        SHA256

                                                                                                                        d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb

                                                                                                                        SHA512

                                                                                                                        f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

                                                                                                                        Filesize

                                                                                                                        21KB

                                                                                                                        MD5

                                                                                                                        7d75a9eb3b38b5dd04b8a7ce4f1b87cc

                                                                                                                        SHA1

                                                                                                                        68f598c84936c9720c5ffd6685294f5c94000dff

                                                                                                                        SHA256

                                                                                                                        6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

                                                                                                                        SHA512

                                                                                                                        cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

                                                                                                                        Filesize

                                                                                                                        1.5MB

                                                                                                                        MD5

                                                                                                                        46f142e67520a5d85e9e35459211a46d

                                                                                                                        SHA1

                                                                                                                        35e2f736216cca983b3f52c84217d041cce55860

                                                                                                                        SHA256

                                                                                                                        5ce498b437b99d3380211cceb192d422ab6de982b6e21d7e91a5e2ec164b799d

                                                                                                                        SHA512

                                                                                                                        a8e7ed170fa6db1c285214c8dc1ce0aaa724ad57df0d4e54f55a5b41c274ff7c5be7abfee8f5b65c0b79c84df611185284b928e1ef87a26225c7d25a49ee87ff

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

                                                                                                                        Filesize

                                                                                                                        46KB

                                                                                                                        MD5

                                                                                                                        3b40598a735a304a93194868c712d563

                                                                                                                        SHA1

                                                                                                                        6ccfd7117bf97966c78900872119f749873e5347

                                                                                                                        SHA256

                                                                                                                        e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6

                                                                                                                        SHA512

                                                                                                                        4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

                                                                                                                        Filesize

                                                                                                                        774KB

                                                                                                                        MD5

                                                                                                                        4e08eee044c91ace0ad7a46cd9542a0a

                                                                                                                        SHA1

                                                                                                                        b542dc6b9818c8c1e07563d3656389c67b3ed5f7

                                                                                                                        SHA256

                                                                                                                        e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982

                                                                                                                        SHA512

                                                                                                                        72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

                                                                                                                        Filesize

                                                                                                                        31KB

                                                                                                                        MD5

                                                                                                                        aac9daa9fbd0a896f415cb631da7f954

                                                                                                                        SHA1

                                                                                                                        94e7321a4d9cb4f42d662f5685a36920807c8c38

                                                                                                                        SHA256

                                                                                                                        c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715

                                                                                                                        SHA512

                                                                                                                        2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

                                                                                                                        Filesize

                                                                                                                        33KB

                                                                                                                        MD5

                                                                                                                        27a05b77e7bba6c2b279f1a67cd6acef

                                                                                                                        SHA1

                                                                                                                        3164de3d460475f745bba673aecd9f7d799d7509

                                                                                                                        SHA256

                                                                                                                        71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83

                                                                                                                        SHA512

                                                                                                                        5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        65ca53297ac64257a92cabb320382c89

                                                                                                                        SHA1

                                                                                                                        7ef2e1d7b18ec95e95becca4b2a2d42fc4d6ddc2

                                                                                                                        SHA256

                                                                                                                        723826ce374a2cb80c39a733dffc0130486c1b663e90c7063bc6c20b1f52e417

                                                                                                                        SHA512

                                                                                                                        2bdaf5eaf8354d193c9531e6a7677449500e307629ca244706ed29350919bb64cb5c8fd8c4f2f10cde4e2c2f6773bccb0949c09fa6fec089632b76194809012e

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        b6364b73a778cd9a13ef592250800da0

                                                                                                                        SHA1

                                                                                                                        5bf11efa62f47da0a48211ac5926a04984ca24fd

                                                                                                                        SHA256

                                                                                                                        60ac5648ac2430efc34d6cbc6877b564106bb9f78c7f188b0f3812a8fb6615b4

                                                                                                                        SHA512

                                                                                                                        85e296db81cfa655acf541fe2a3993acb3ce657eb40619491904fc8dc6ed346b40aa7d4c341652e93fc65d190c61253f1bef10928e68ab996175fa3d73bc88d0

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        ea2798bb8d773d8aa8f7168a909263ad

                                                                                                                        SHA1

                                                                                                                        b917a169c1af3978faa1d7596a38e507ff6e3ef1

                                                                                                                        SHA256

                                                                                                                        b5518d6f62a2d41949288fddff3262ed8591cc3a6e28b7f0b2f81aa4f94988c1

                                                                                                                        SHA512

                                                                                                                        1493c034e27615928e761f5bc1dcdbab50548236e46de451dc158989964792ad84a47159938b5c1ec8b19b9e193c927abc5a0a4b0294860ea5718d261143ff12

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

                                                                                                                        Filesize

                                                                                                                        16B

                                                                                                                        MD5

                                                                                                                        46295cac801e5d4857d09837238a6394

                                                                                                                        SHA1

                                                                                                                        44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                        SHA256

                                                                                                                        0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                        SHA512

                                                                                                                        8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                        Filesize

                                                                                                                        3KB

                                                                                                                        MD5

                                                                                                                        75d3746c575d09ab38d38ab1974844dd

                                                                                                                        SHA1

                                                                                                                        f360d56a66a8bfb7de7017937bb65f29f6baed58

                                                                                                                        SHA256

                                                                                                                        0cac52140175e4349adb68efb872fc521fcea496db63176ddfc639f0bdefe1e3

                                                                                                                        SHA512

                                                                                                                        d9299c501c8124fff90a4288bc68ff9cdd05201ddabec4570b74451ca0891acb3d35701e9fe970655b3089ed24668594446bcd31dea6d313b7bd6959f3dcccad

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                        Filesize

                                                                                                                        3KB

                                                                                                                        MD5

                                                                                                                        11eb96d6510a5fa41fcc0dd7fb4c57e6

                                                                                                                        SHA1

                                                                                                                        b1b8b13ab4c01e1d5ca4105efa5c495b0b99138e

                                                                                                                        SHA256

                                                                                                                        1fb1378893d5c186e54d28344adb36c14331f5f81efc217abe37f3686368c28d

                                                                                                                        SHA512

                                                                                                                        1013e85e1646bd9d943b2a29509264890ada6733947da840c7ae116ee2c5f1417576b2f829e8b875b43bbd9551cb00b19b782978198eb3f82ae13f56d1811f87

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        9f7829567af8aa1e745c27e1bba2a86a

                                                                                                                        SHA1

                                                                                                                        30cfc2b1026e142a1547e79da35a477508996e19

                                                                                                                        SHA256

                                                                                                                        d994969a778c28850c6b0fe1a77bd0443f1ce68f10dd82491cf97b4d198b5654

                                                                                                                        SHA512

                                                                                                                        8091c05d274debe9426a986853276cf55f69d1ee1c778afee03ef2adb5aac562917eee48ad86dc4fe208dfad4bdebb31527277601b8152aae21d33d73c023ed4

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        371B

                                                                                                                        MD5

                                                                                                                        fab0acfda72663a0e570547901c580e8

                                                                                                                        SHA1

                                                                                                                        98af9bc59fda74849b00fd13f052efd554536dac

                                                                                                                        SHA256

                                                                                                                        a85a1cc51973da1f5bd035bc403b4f94d686892c76d09023bf4c595bceb4943e

                                                                                                                        SHA512

                                                                                                                        13b49968de11d88a76ad824d05d9c4c8a7f679d8035a8e66a74f8c2ce0f62482aca7b4487b82bf76f2e0b3d42ce90acf2b4c3af8935d967a55a9cf3db02dc655

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        701B

                                                                                                                        MD5

                                                                                                                        c12b405ad03647bd21c9ef8bccb6d573

                                                                                                                        SHA1

                                                                                                                        076d003e456659590fab28bace263394873c5aff

                                                                                                                        SHA256

                                                                                                                        b540af47c6abc507ac4f9e58449a7f416ebf143a5fb4b02aafbd7bf9041aef40

                                                                                                                        SHA512

                                                                                                                        c63f9ff62e901880549d7f5b24d7636b43a2e5f4bb48fdf2cf2835f3b630e3ac81d23bf9682086d4037977e1e8f144f8bdd3eea5975ca28c8b09da5093def055

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        867B

                                                                                                                        MD5

                                                                                                                        8de73cc4670d98ea50bd0c4bbc13c99b

                                                                                                                        SHA1

                                                                                                                        ece4c9e56e4fa280c33b8588e0d290652f814e85

                                                                                                                        SHA256

                                                                                                                        ff07a2fd616599ad0d6183c62868e47964f43e0c73370350bb73891f0dda2e0f

                                                                                                                        SHA512

                                                                                                                        57a57a95a2c915d8a6f79c3790f56ac4c1a2ee51a22ecb6c9aaf3463137c4ab33ddacb07108c8d38a04381a8ccf70559b7a4c5d7fb924ddc4822dc0da440fcc3

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        867B

                                                                                                                        MD5

                                                                                                                        9cf4cc1f3afaebe5351cb908f5a49e7f

                                                                                                                        SHA1

                                                                                                                        bcce54733fdcf0e11c9271547f3a8d42b9064236

                                                                                                                        SHA256

                                                                                                                        bfdf683502da1e778fc3c62dda5cf8e91db36900a3fe9bb84789150ace4f51fd

                                                                                                                        SHA512

                                                                                                                        d66e6b66fe8db8377570ff9124c80d5c70ac15abf8871b8b950a46c9eb6949178ef1f65b404756de270f0fbefdbb70b5a7b155c6a2e65f8e073245227d69ae21

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        6KB

                                                                                                                        MD5

                                                                                                                        4971ff655db4d47cc39712193320fbb3

                                                                                                                        SHA1

                                                                                                                        3e3db777e59ca28351c3155dcaea15f0d74cd104

                                                                                                                        SHA256

                                                                                                                        8ce6a40487f0d2888ec863e41d9136f09c4fe3fd7e476abe71a8135a95145aa4

                                                                                                                        SHA512

                                                                                                                        d04d2f3facdd0ee06c262f5561cd9b38e0f1b50fa2d1188675d89ac3c694bb03c7d4d9fb4d0ec0c49ac55ebf1e2296627b44ed564865f51157e7cc6a55715c20

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        7KB

                                                                                                                        MD5

                                                                                                                        fd3701b3f8b0023bdf1ec9d3c17f6ba9

                                                                                                                        SHA1

                                                                                                                        975374320223350ed596b28d2068056f1047063a

                                                                                                                        SHA256

                                                                                                                        2efe7fab452cae1dd894320b3936b14e6872fedee7bbb97c7e5b046feae6eea6

                                                                                                                        SHA512

                                                                                                                        9621760fb335c7591932417cee75ec2e70802ce05dc2ed68b10cb10c7f6b42062789f186d90c10e9499b5b34881cecba7a8456d85afaf7b57f96f5f03310d854

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        176B

                                                                                                                        MD5

                                                                                                                        fd1592eb6374d71b0aba3ca7983f0245

                                                                                                                        SHA1

                                                                                                                        55268db994baf5200fb363086bcc22f436d749d0

                                                                                                                        SHA256

                                                                                                                        1fcb8f031750493b076c423ed7977905a23b86c6a66a5ff2ec8900bf698603d9

                                                                                                                        SHA512

                                                                                                                        85e07672ac27fa022ca5e91e82c15ca06a35c0df9b7caa18119c31d161fe96e6b4852105352e63443dfce07719667ef2be64c36980cd33bc73560f6735a0d1bc

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        112B

                                                                                                                        MD5

                                                                                                                        5ae8361b7b0ad01dc0f2662a6c400cac

                                                                                                                        SHA1

                                                                                                                        e25a6711cae825db93befe4d065d921b9d06d945

                                                                                                                        SHA256

                                                                                                                        9b118426588263d9e03e05ea1d6fe123f9f98a50e88c77572612abc6c9379d3e

                                                                                                                        SHA512

                                                                                                                        23e50ed77e0393078e5f0974f0fd2e23f2ba62ae34721d13da6495bacd5c95737fbb33956f8acd641485a721417ebb0e1c92a9a4dc92b800dc9e6eba5f31a358

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe580b07.TMP

                                                                                                                        Filesize

                                                                                                                        119B

                                                                                                                        MD5

                                                                                                                        dae8c4f884569244f7c3f9c6f2ab2396

                                                                                                                        SHA1

                                                                                                                        f6b20785ed3ecf96742cacaaabd3c02e33e05ce4

                                                                                                                        SHA256

                                                                                                                        8502ae6b57c3c50c6d049d79611ef765ebdd325d1a905f60e7b4f106d7cf696e

                                                                                                                        SHA512

                                                                                                                        2eb22e879acba4679bac24a1dca278cba9c30c01eb384518c399d11022e83e1a7f8df115b526eff79f928f2366b9927659877751f636728e52b086cb30c98ded

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        72B

                                                                                                                        MD5

                                                                                                                        50b07e9b01a2423a6c97c99fa00a4515

                                                                                                                        SHA1

                                                                                                                        7caed0ec2c276deebace4acc13c5f82aa041e656

                                                                                                                        SHA256

                                                                                                                        17a993621b23f56536947689a8ebc963abf912f5c4063fce5b126313bf36baa7

                                                                                                                        SHA512

                                                                                                                        9b03b0e2168c094e4ad56ba676bdb26beb005962ee90d040ff67264a2b95056ef199c025d8bcb91ff53252108277049ba734572348e213acdc33be5f513ba3da

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58652d.TMP

                                                                                                                        Filesize

                                                                                                                        48B

                                                                                                                        MD5

                                                                                                                        9cccf1fff8d7d64c3f50799de30ee84b

                                                                                                                        SHA1

                                                                                                                        3d1649f9be36aa47e3ad4ea7a29fa08758e04535

                                                                                                                        SHA256

                                                                                                                        60da1659994a6ab6d210bd58f5ff12d1e7de701691ea749ebd468c5204a43a1a

                                                                                                                        SHA512

                                                                                                                        e4fc8ac93c15a2d8fa6eeec6f0cb8e87bc3d7329a2a69d12267b7917b9bd755ab79317c867c4a3cdfcdea3f40bcd640ab6caf983152478b2413f56f084b5d832

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        235KB

                                                                                                                        MD5

                                                                                                                        3735cb2744e354706c6a9b8feb205519

                                                                                                                        SHA1

                                                                                                                        3415f087e0dba98747e358e9ec88ea73ae940293

                                                                                                                        SHA256

                                                                                                                        0b50a94d83e922ce9c5b18fbf1f9f137c3407946d18c308e39df7e14e21d07fd

                                                                                                                        SHA512

                                                                                                                        81575305388836aaf4d700f829bb50983581d38d695977e73213dbdb3baca472f629a9a34bb4c1bbac94bf44c0b7a3bf0786f50ec5127f9761094b2f65a937b3

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        235KB

                                                                                                                        MD5

                                                                                                                        3c3db1592606110c81e92d022370154c

                                                                                                                        SHA1

                                                                                                                        ff319d5b95c8c4ebf4f10e292c316255d4935502

                                                                                                                        SHA256

                                                                                                                        76b98131b5124ce7611cffb85b2cf30c28943bc060e1bb87689c1848ace472ab

                                                                                                                        SHA512

                                                                                                                        2f40a72c05d745147d66e53112f295fd8ccbc7a8b29e60a072ac29c024bd08d51ac9dd0341e8df4b138592014f7bc293a6d57be5a480495170361db6f6216072

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        115KB

                                                                                                                        MD5

                                                                                                                        59d4b0cba82ad778f4bd9cd97d008d1d

                                                                                                                        SHA1

                                                                                                                        0124aa24703a58fb35d52e3dd79bcf6d5183741a

                                                                                                                        SHA256

                                                                                                                        725c0c8ecac7e28a96470fe297a87db9bc55be6e47fe5873c80954293c728a40

                                                                                                                        SHA512

                                                                                                                        60e637fa27c1f581265dfd66f424e7fce6fd75318d5fac577a82e26e77946b32fcecf1cbf67fe660b2bf8972da11e49c8741ecbe24ab08573c7bbf2fe67f994e

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        116KB

                                                                                                                        MD5

                                                                                                                        67d48596658ec528fa6b99f0aee6695f

                                                                                                                        SHA1

                                                                                                                        b976078c1bbfc2d2dd104df4578e7cfc6416ea1f

                                                                                                                        SHA256

                                                                                                                        f5736e08ef4dc5f6b2aeb8bd2b685d9d72127b57437347c512ef3718769fd447

                                                                                                                        SHA512

                                                                                                                        3e6a6a606c87e93ca1bbc7b9a87197c505325c28fc3454f27625326a5c00d23455a7d6886400484d6243cc9f7624f5af89c7031190269cc81dd8bf5049c9244e

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        116KB

                                                                                                                        MD5

                                                                                                                        d8f56fe9eeaf571e048edd80559e4b1c

                                                                                                                        SHA1

                                                                                                                        d99d2c8e124e118820f9fd74dab960fbf8398574

                                                                                                                        SHA256

                                                                                                                        2032b2d9a4d0146647f91e242a22c282ac46624fe56638c54451d34673b9e414

                                                                                                                        SHA512

                                                                                                                        bf877a757ea4ac2d2ed12022dfe70fa4c958c3fc1da2b41e6ef01d16600d52c3111a2c5e15e285249b2a49ceb6c777b0f9710b47a1a4e2e8bb9dfd1687a76cd1

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        115KB

                                                                                                                        MD5

                                                                                                                        175fa306ff381ada6c26c4feaae70a2a

                                                                                                                        SHA1

                                                                                                                        db064893c7c5af64f6960fcd13ee1a66b42a38cf

                                                                                                                        SHA256

                                                                                                                        96119e7992e4df5c653ba51a2f8fdb7240d2474310548b836e4998a9bb7c72a6

                                                                                                                        SHA512

                                                                                                                        8993537a4ba51fcde9becd39ba99063c94936f39fb53fc764cc0f7e88b7a7f5b9e99b76b42204287062f9685f2df7543d7e7e141050423c21696971bdb7d2c5b

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                        Filesize

                                                                                                                        85B

                                                                                                                        MD5

                                                                                                                        8549c255650427d618ef18b14dfd2b56

                                                                                                                        SHA1

                                                                                                                        8272585186777b344db3960df62b00f570d247f6

                                                                                                                        SHA256

                                                                                                                        40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13

                                                                                                                        SHA512

                                                                                                                        e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

                                                                                                                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                        Filesize

                                                                                                                        86B

                                                                                                                        MD5

                                                                                                                        16b7586b9eba5296ea04b791fc3d675e

                                                                                                                        SHA1

                                                                                                                        8890767dd7eb4d1beab829324ba8b9599051f0b0

                                                                                                                        SHA256

                                                                                                                        474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680

                                                                                                                        SHA512

                                                                                                                        58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                        Filesize

                                                                                                                        152B

                                                                                                                        MD5

                                                                                                                        51ccd7d9a9392ebca4c1ae898d683d2f

                                                                                                                        SHA1

                                                                                                                        f4943c31cc7f0ca3078e57e0ebea424fbd9691c4

                                                                                                                        SHA256

                                                                                                                        e36c7d688cd7d187eacc4fc1ccdd2968de91cee60f15ecb0e0d874da07be7665

                                                                                                                        SHA512

                                                                                                                        e3773c19314c66f09c0f556ade29cd63d84cc778be64060a570eed8f6c7918b7d09d2694d9e2d379bdaecb4e20cb140749a8111ef267c67a620d64cb598e0619

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                        Filesize

                                                                                                                        152B

                                                                                                                        MD5

                                                                                                                        7a5862a0ca86c0a4e8e0b30261858e1f

                                                                                                                        SHA1

                                                                                                                        ee490d28e155806d255e0f17be72509be750bf97

                                                                                                                        SHA256

                                                                                                                        92b4c004a9ec97ccf7a19955926982bac099f3b438cd46063bb9bf5ac7814a4b

                                                                                                                        SHA512

                                                                                                                        0089df12ed908b4925ba838e07128987afe1c9235097b62855122a03ca6d34d7c75fe4c30e68581c946b77252e7edf1dd66481e20c0a9cccd37e0a4fe4f0a6fe

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                                                                                                        Filesize

                                                                                                                        20KB

                                                                                                                        MD5

                                                                                                                        923a543cc619ea568f91b723d9fb1ef0

                                                                                                                        SHA1

                                                                                                                        6f4ade25559645c741d7327c6e16521e43d7e1f9

                                                                                                                        SHA256

                                                                                                                        bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

                                                                                                                        SHA512

                                                                                                                        a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                                                                                                        Filesize

                                                                                                                        34KB

                                                                                                                        MD5

                                                                                                                        d1a0d8504b6a46215e2a4cf521ddb7b5

                                                                                                                        SHA1

                                                                                                                        3d6e16808a1e17ccdaca99f37ed30468391c62e0

                                                                                                                        SHA256

                                                                                                                        cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1

                                                                                                                        SHA512

                                                                                                                        2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                                                        Filesize

                                                                                                                        203KB

                                                                                                                        MD5

                                                                                                                        b0b439b7e0fda0d849a30b3e9fe5cdc0

                                                                                                                        SHA1

                                                                                                                        186bb36ea6aa4e966e536fff9df9a4c846addd79

                                                                                                                        SHA256

                                                                                                                        bad9c84267d924ac86be698bc10af250d433ff1855f8ca7f8f4efca2ef75594d

                                                                                                                        SHA512

                                                                                                                        8b5e4b3fabfb27e83c63a9b2c0e8eff431cd597714249fabe1ab6d3286955cba2b04adf48be76b72519fb08ffc36f840d53e53a1916c8cd20f9c618b47af40e3

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                                                                                                        Filesize

                                                                                                                        18KB

                                                                                                                        MD5

                                                                                                                        85b2f70f7cca6ac183b1c48cb0198d98

                                                                                                                        SHA1

                                                                                                                        b9c226a60c83280f96ac76c3fcbfcb7547fbacf8

                                                                                                                        SHA256

                                                                                                                        c8cdeeebc42c8dd3140e12b64b94f1606d9960af22b6feaf834f4eadf8e1ea33

                                                                                                                        SHA512

                                                                                                                        79cb317cad7739b3f23988e3f430f8f9ebb4fb42a1fbb3c8672a835fd343c5588e6f912c2831909a1bf0729ddb2c820deed51d7dca050c303975230664570b48

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                                                                                                        Filesize

                                                                                                                        21KB

                                                                                                                        MD5

                                                                                                                        3669e98b2ae9734d101d572190d0c90d

                                                                                                                        SHA1

                                                                                                                        5e36898bebc6b11d8e985173fd8b401dc1820852

                                                                                                                        SHA256

                                                                                                                        7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a

                                                                                                                        SHA512

                                                                                                                        0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                                                                                                        Filesize

                                                                                                                        20KB

                                                                                                                        MD5

                                                                                                                        c1164ab65ff7e42adb16975e59216b06

                                                                                                                        SHA1

                                                                                                                        ac7204effb50d0b350b1e362778460515f113ecc

                                                                                                                        SHA256

                                                                                                                        d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb

                                                                                                                        SHA512

                                                                                                                        1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                                                                                                        Filesize

                                                                                                                        34KB

                                                                                                                        MD5

                                                                                                                        b63bcace3731e74f6c45002db72b2683

                                                                                                                        SHA1

                                                                                                                        99898168473775a18170adad4d313082da090976

                                                                                                                        SHA256

                                                                                                                        ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085

                                                                                                                        SHA512

                                                                                                                        d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                                                                                                        Filesize

                                                                                                                        16KB

                                                                                                                        MD5

                                                                                                                        9978db669e49523b7adb3af80d561b1b

                                                                                                                        SHA1

                                                                                                                        7eb15d01e2afd057188741fad9ea1719bccc01ea

                                                                                                                        SHA256

                                                                                                                        4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c

                                                                                                                        SHA512

                                                                                                                        04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                                        Filesize

                                                                                                                        17KB

                                                                                                                        MD5

                                                                                                                        2ba277bbbcc8715291613160a997cebd

                                                                                                                        SHA1

                                                                                                                        e64ee67165bbadd3b8bde989c3e5b1d2540cf09b

                                                                                                                        SHA256

                                                                                                                        00ffe000f78ae3c8c8d5557e3ab0089e29730ed10b2a190bd2b7a569812afd96

                                                                                                                        SHA512

                                                                                                                        c0f7840f181ad991c45ed1be0fcc0d90be100f8bbf36c54418ebe66f46d776652447eb5b7eaffbd2eb07c04455841d8e5d74f404eddf3c22daa34269d842435e

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                                                        Filesize

                                                                                                                        16KB

                                                                                                                        MD5

                                                                                                                        d8e56edd91e6a8e254c9df3c3619f493

                                                                                                                        SHA1

                                                                                                                        e5bb299b458c95e5575da0a42ff7b49969b880b4

                                                                                                                        SHA256

                                                                                                                        8b598d7196aef8cb9eacf393e5b2520f5387f125552e1fefb6f373be30f64e97

                                                                                                                        SHA512

                                                                                                                        46d3bb6eeba235ed9e2621cf6bf89c10c78fbbee1bec31d59347532d9d242de4bb533911d0981d3c1af85a1d51226ca694ccbcef178adda1fb71e9634820027b

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                                                                                                        Filesize

                                                                                                                        56KB

                                                                                                                        MD5

                                                                                                                        57ae6558fd495a4c05692113c7315b1e

                                                                                                                        SHA1

                                                                                                                        edcf35929545ae68664779e0254b67e720e1a0b3

                                                                                                                        SHA256

                                                                                                                        fc01d1f63650df9b53e5ed7f8ad20f8ca46a194533f72ab431ce862d1f310b63

                                                                                                                        SHA512

                                                                                                                        51fe9f8eee096ecaec21a1b1ccc72ddefa178627cf8809daf12713c70edc075bd1b03f277a505b2357076a278afd11a4f853132d8fbae53361a36438fd8951f4

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                                                                                                        Filesize

                                                                                                                        49KB

                                                                                                                        MD5

                                                                                                                        55abcc758ea44e30cc6bf29a8e961169

                                                                                                                        SHA1

                                                                                                                        3b3717aeebb58d07f553c1813635eadb11fda264

                                                                                                                        SHA256

                                                                                                                        dada70d2614b10f6666b149d2864fdcf8f944bf748dcf79b2fe6dad73e4ef7b6

                                                                                                                        SHA512

                                                                                                                        12e2405f5412c427bee4edd9543f4ea40502eaace30b24fe1ae629895b787ea5a959903a2e32abe341cd8136033a61b802b57fe862efba5f5a1b167176dd2454

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                                                                                                        Filesize

                                                                                                                        46KB

                                                                                                                        MD5

                                                                                                                        beafc7738da2d4d503d2b7bdb5b5ee9b

                                                                                                                        SHA1

                                                                                                                        a4fd5eb4624236bc1a482d1b2e25b0f65e1cc0e0

                                                                                                                        SHA256

                                                                                                                        bb77e10b27807cbec9a9f7a4aeefaa41d66a4360ed33e55450aaf7a47f0da4b4

                                                                                                                        SHA512

                                                                                                                        a0b7cf6df6e8cc2b11e05099253c07042ac474638cc9e7fb0a6816e70f43e400e356d41bde995dce7ff11da65f75e7dc7a7f8593c6b031a0aa17b7181f51312f

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                                                                                                        Filesize

                                                                                                                        46KB

                                                                                                                        MD5

                                                                                                                        621714e5257f6d356c5926b13b8c2018

                                                                                                                        SHA1

                                                                                                                        95fbe9dcf1ae01e969d3178e2efd6df377f5f455

                                                                                                                        SHA256

                                                                                                                        b6c5da3bf2ae9801a3c1c61328d54f9d3889dcea4049851b4ed4a2ff9ba16800

                                                                                                                        SHA512

                                                                                                                        b39ea7c8b6bb14a5a86d121c9afc4e2fc1b46a8f8c8a8ddacfa53996c0c94f39d436479d923bf3da45f04431d93d8b0908c50d586181326f68e7675c530218ed

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                                                                                        Filesize

                                                                                                                        37KB

                                                                                                                        MD5

                                                                                                                        01ef159c14690afd71c42942a75d5b2d

                                                                                                                        SHA1

                                                                                                                        a38b58196f3e8c111065deb17420a06b8ff8e70f

                                                                                                                        SHA256

                                                                                                                        118d6f295fd05bc547835ba1c4360250e97677c0419c03928fd611f4f3e3104b

                                                                                                                        SHA512

                                                                                                                        12292194bb089f50bb73507d4324ea691cc853a6e7b8d637c231fadb4f465246b97fd3684162467989b1c3c46eabb3595adb0350c6cf41921213620d0cff455b

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                                                                                                        Filesize

                                                                                                                        31KB

                                                                                                                        MD5

                                                                                                                        81ac05c6d01d84d913a56c11909cdc7d

                                                                                                                        SHA1

                                                                                                                        55f6bd5429c5a35ed53caae2cd50d856edcb7883

                                                                                                                        SHA256

                                                                                                                        b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5

                                                                                                                        SHA512

                                                                                                                        0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        485feabbfd915baa371530e2e5b464aa

                                                                                                                        SHA1

                                                                                                                        76557007c11916dad8e35d83cdae8636ac9744c5

                                                                                                                        SHA256

                                                                                                                        9962808a4d6e57e5f5138df2a717f08b49da6e7a8339608df26456348eb750d5

                                                                                                                        SHA512

                                                                                                                        d46eccb4d835546b52ec1e7a0e1f9798fb2a537135fadf67c263bfd533ba524973fe1a8a6f2d1473ff34f2231f100788d508c4b8ad771e131cb632dc29d9eea5

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        c7335b27a396fea830d7758082046926

                                                                                                                        SHA1

                                                                                                                        dbf4da7da3404e1ba6f16cf887c14ef24424167a

                                                                                                                        SHA256

                                                                                                                        222677ae9000f41b7582c502d3092474c250909e053f5346de420c109afd6762

                                                                                                                        SHA512

                                                                                                                        a0afb898a4f7e4241f233bad557a9e0644ec7ddfdfb93f62f4030b6765c92f92e461d04cd6bc85f89709ebd782484a51c0ad2ab8cf7367c95be45680f8c9acfa

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        7e12cdc698a3d2fd7f58b6bf85ed9cd1

                                                                                                                        SHA1

                                                                                                                        9525b465a944804a8c72a7d3cd45baf7532e1eba

                                                                                                                        SHA256

                                                                                                                        d3c918a0f480d7bda5413bdb02f8980dc6afed207f53f0c5be09ac1ea4f5752e

                                                                                                                        SHA512

                                                                                                                        0ab317478cee8bbad506565a3f7422ecded6f48a75670df5bd12ebafdbb1f386cf11f9d684415eeadf36586b179f1227c892b4bed54f99a1f90d93f9f8985035

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        c4d7573d97b5ea283916f89fe5f846ac

                                                                                                                        SHA1

                                                                                                                        abd16d3f8350a40d9f322a3bbce0cc1ad406708b

                                                                                                                        SHA256

                                                                                                                        0c4668a5adbcaab2f8d494aeff4783d50a7bfcfea1aa0a4a4397cf3ab0cc3110

                                                                                                                        SHA512

                                                                                                                        500a9a8dc6fee4d1fd0e0cc0bc9317ac68597dd4a8d96be1f95ba99f3de025aa86a6a99d9a438616eb1713f3ec34bd4e4bb45fe4f66a9a7146e19fadca26fd91

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                        Filesize

                                                                                                                        111B

                                                                                                                        MD5

                                                                                                                        285252a2f6327d41eab203dc2f402c67

                                                                                                                        SHA1

                                                                                                                        acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                        SHA256

                                                                                                                        5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                        SHA512

                                                                                                                        11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        5KB

                                                                                                                        MD5

                                                                                                                        7efd28027d6312d377fdf729e8f91763

                                                                                                                        SHA1

                                                                                                                        07773d347815f201c4376edb4e3087645220faf2

                                                                                                                        SHA256

                                                                                                                        1127ec87c9068dbe4e972fea76774f7ba3482f06bf4dc1297adb91d77de7114b

                                                                                                                        SHA512

                                                                                                                        e22f43efa5f55e77240d35ce078bdef0db2559a8896949d36e36882a62a259665d2d99087715850b1edc257dcdc59428033aa9779f954f55ca8d531fb8ca9e0d

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        7KB

                                                                                                                        MD5

                                                                                                                        3d8ae44e21121eb55b135bab80a78833

                                                                                                                        SHA1

                                                                                                                        3920cdbb07a6e357715c4309a85cdd6f83288014

                                                                                                                        SHA256

                                                                                                                        e2957325eec9432a3609208139ab73bb3f3f63f3ebbd4cf638cefe5870ef554a

                                                                                                                        SHA512

                                                                                                                        0b3a7a0581f509680ccc625791dc472a81fd9b95b502a91dae6641f7c82fe52cc8c0152abc1664a3f8ce4420b4c0dffc22255d06c7c42573de29aeff9e94f552

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        6KB

                                                                                                                        MD5

                                                                                                                        a6b47f94bff4f1d39b229ce2fb44ed35

                                                                                                                        SHA1

                                                                                                                        ed95a0aed76c95bef2b0968e106207d1f9c9e25f

                                                                                                                        SHA256

                                                                                                                        07d595e1d482a11aa37ff6ccafe5996e7c1a50bc02f6ff659bad32a2358a1920

                                                                                                                        SHA512

                                                                                                                        b98cf7aefff48f1544a8284aa6932a481898d78cda66ae96bb9ab0b78c1dbdb552005ffa09650eba72319cd1bedf362b00c7334248408adccbe553e1b0d39f64

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                        Filesize

                                                                                                                        7KB

                                                                                                                        MD5

                                                                                                                        1612d97b775af5001fdb4fede3825b8c

                                                                                                                        SHA1

                                                                                                                        74916bae7bfd47438e34cca0b002e9fc504ce052

                                                                                                                        SHA256

                                                                                                                        88c3689b243b3b7b5c2610a265fa5c7a4eea16ea204f7e57dcd4420f0f792a40

                                                                                                                        SHA512

                                                                                                                        67f8e9404e45ea9e0fd7405ecf32ca2cb91daebb67ac450ec67d76b9cfe782f1df91e89e3cdb786b77e19f555a60313f4942727c5c78fe0bad2aa19770b0a05e

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                        Filesize

                                                                                                                        24KB

                                                                                                                        MD5

                                                                                                                        52826cef6409f67b78148b75e442b5ea

                                                                                                                        SHA1

                                                                                                                        a675db110aae767f5910511751cc3992cddcc393

                                                                                                                        SHA256

                                                                                                                        98fc43994599573e7181c849e5865f23b4f05f85c1115dff53c58764d80373fb

                                                                                                                        SHA512

                                                                                                                        f18df18cab6b5ecd71b79c81a2a1fdac42cc9960f62f06ac25f4d6487792705f2766ee3a10239eaac940d090186e6bc820e4eb7a5ee138f6e5c1c64f951b960c

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\807b778b-e3a1-4592-879c-5f420fa724a5\index

                                                                                                                        Filesize

                                                                                                                        24B

                                                                                                                        MD5

                                                                                                                        54cb446f628b2ea4a5bce5769910512e

                                                                                                                        SHA1

                                                                                                                        c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                        SHA256

                                                                                                                        fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                        SHA512

                                                                                                                        8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        89B

                                                                                                                        MD5

                                                                                                                        8da1504ca5bfd2c0a265e504d43cc097

                                                                                                                        SHA1

                                                                                                                        6e59bc31c727ee37044540f66501ab2c2d3d74e8

                                                                                                                        SHA256

                                                                                                                        1d4bb5a5d24170e8d0218c335817f6cb5ebe788a8829de49b859fb5834a0f9b9

                                                                                                                        SHA512

                                                                                                                        ceede6554f4b1f19d1d955884f5331e766a9d5b31d9ef865641367a5a72793bd88ecc36406fe146690de1eb42160a7eaa660521f53f3fef34e56cd68d9699576

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        146B

                                                                                                                        MD5

                                                                                                                        ab2fac2127880106077b590403934cde

                                                                                                                        SHA1

                                                                                                                        b23b9f4118f35c32ae807d0ccad3a62c8ac957d4

                                                                                                                        SHA256

                                                                                                                        e6aa1020d177f39e271ffdf9d81fc194e0a80ae678a17faae57a2b5a01f2308e

                                                                                                                        SHA512

                                                                                                                        0f1849abdeb7cb1fbde74265c3a0d454a05cf2025a164c8151405ffdd06f877f4830e3cb5fcc758090b16e058e8afe2874bef88cb6f1a62b2901a8b41ea5f1b2

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        82B

                                                                                                                        MD5

                                                                                                                        9e3e65a1c9b45eddd7f2e37e91c8eb24

                                                                                                                        SHA1

                                                                                                                        cdd3dd28c6a9e5ef0eb45becc13a5a0aae9ab90b

                                                                                                                        SHA256

                                                                                                                        e00bcabf31bb71c2db5ec391eb2a761af30c229737593ffb302707dfa09467e1

                                                                                                                        SHA512

                                                                                                                        5af4bfc2799c95aaa6d18336883203e749ce31305d5a289c025bc36a74f9bf12bcdc326cf20be3a6b0c2a759cf190fc6e7da767d5f8c8e911dee4d35c919743b

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                        Filesize

                                                                                                                        146B

                                                                                                                        MD5

                                                                                                                        38691affc476c65c757420a29c0750aa

                                                                                                                        SHA1

                                                                                                                        b790cb95222e385b32874e821bcc1f0a7ec20990

                                                                                                                        SHA256

                                                                                                                        e4847f5fa1872f5afe4786f24ac547fef8277ce15a08a1c7da253ea1e0f39e61

                                                                                                                        SHA512

                                                                                                                        f19fe7ecb3684f271975a4db5798f62bd3b164873008e23f15526f876ccf7fc3debd858bfcc02d0ca6d95fbba170ba0dfdc51dc6c1a93a216ae52cc4339486e2

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                        Filesize

                                                                                                                        41B

                                                                                                                        MD5

                                                                                                                        5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                        SHA1

                                                                                                                        d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                        SHA256

                                                                                                                        f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                        SHA512

                                                                                                                        de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                        Filesize

                                                                                                                        72B

                                                                                                                        MD5

                                                                                                                        b859908c94ce7bd9f46a7ed6f1207f69

                                                                                                                        SHA1

                                                                                                                        7fa9807b910f387c39f6d907a701729cd4fb0723

                                                                                                                        SHA256

                                                                                                                        fc4a9d84dbef4cbf18429fa7c7fb5bc9b024535055a14fa00304efb19aa7997c

                                                                                                                        SHA512

                                                                                                                        dd44b65d89b762e457d5334002ff936072b4108478ec85e067686bde71d04b7917f3952b03db96438360e8fc3ee78ed08b6a4554b1235e63b89d0160beccea92

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe586b77.TMP

                                                                                                                        Filesize

                                                                                                                        48B

                                                                                                                        MD5

                                                                                                                        90617347a99008b7b711afdf29422e90

                                                                                                                        SHA1

                                                                                                                        9b8f009014eb4b6ae3ff4b957869172770d16fe2

                                                                                                                        SHA256

                                                                                                                        ff8691a408c8401db587af3f0dfd9f3807ea0928a2dc1890c4f6d27086afba24

                                                                                                                        SHA512

                                                                                                                        04afb67cb20c96aeb71ab9ab350fd7c742ffc557f6418388f7233169beaa3c662c8108b867ac6d5fc8f1ae38ebe27b35731c2760be569cd4b7c6b291e4a752a0

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        387e2820f2771a58a226a326945bd62d

                                                                                                                        SHA1

                                                                                                                        eb6ece12f89f90888a864010cc77192aed1b8a9b

                                                                                                                        SHA256

                                                                                                                        d29e65dfe0112506c87195b662bffb7d626d43dbcf003b33b11ec64dac8f4797

                                                                                                                        SHA512

                                                                                                                        654c226ec7ceec450657bd071adb57dfffbafc06bc065b2231b2f9d1eba75484a204314ef4dd6b639f4d9fe955a0e2876491497eefed1501ec0f9373dac9c801

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        de0ad8ec9ee184a402c74116823a095e

                                                                                                                        SHA1

                                                                                                                        eab77cd683445a65449b661406031071326278f6

                                                                                                                        SHA256

                                                                                                                        aabdf92bdd2834cd7209a56adf1a579741aabf1c0c503e7ef48f9428edefb908

                                                                                                                        SHA512

                                                                                                                        bbf9f68c82b47d121fa53b5b1a30a2b82bd7ada69bd367a2834c9847bd1b0b70496bfbbfb948fdd3d455acb5c08a5fdd24476e05902d3495166c7ccf93c4622c

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        dfc43ce70baa6e54d5c1c895b4f848d9

                                                                                                                        SHA1

                                                                                                                        9baf604b59bf0cabec21d4212960cec7a99f37a4

                                                                                                                        SHA256

                                                                                                                        2eb6d175a4608de6880a4245dad523af5f6df817ba80eab4bd9b27ceeaffce52

                                                                                                                        SHA512

                                                                                                                        7b025ba411d3e80dc86980f5dfa30ce3d8851256f23d3c8cb0d6bfb29ba67a7fc6f09744a77b6ea11ac1c57b6abfdb8a696cd48198a85bd2ea518ec57846dd49

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        f8c2044e655e6a96ba3939d8ac18c62c

                                                                                                                        SHA1

                                                                                                                        bd2a2e1ce8d71a5941382d2a961ee3e04e48073a

                                                                                                                        SHA256

                                                                                                                        9bceb1d20cf09aa335524da3d2ff30ffd30c26abbf1bd2671fd87c253328da79

                                                                                                                        SHA512

                                                                                                                        9749f3d867b19c901f15e2a1fe1211dbddc891d57b1615790c1c4bba37d3da6d0b4a795b54e4011123b195b787638d9de4aba57049af7ff1c537399a6ac4243d

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        f92a3d6da522ff2ac18d1dc1ccbd0873

                                                                                                                        SHA1

                                                                                                                        7305cb6c0eb7e9dfe839f3fa7101ca3fe7941b65

                                                                                                                        SHA256

                                                                                                                        9865e105b11090d387b138f88ff95142354bb57d43bc32df8536248dd4a1fe63

                                                                                                                        SHA512

                                                                                                                        aa122525f92e893be3fd38df74ad258ff5913df021da23ce2cf25b438e493d3f3d6552d58bcba36b1fa6dd840749710574cbbb6ae668cb6e119c28545d68ad0f

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        6fc6fe83d92456281ac34764ff858df1

                                                                                                                        SHA1

                                                                                                                        8ae2c441e3155e667c76fa738145d027dc905944

                                                                                                                        SHA256

                                                                                                                        a68109f0924f44948ee5fcdf5c97fa62f2e32f2a88e9cdaaec4a23b17e863a48

                                                                                                                        SHA512

                                                                                                                        078a950390aa8a0b13cb64464be2b7482cbc23e74386ab21cf3b3ed60e7ebb336ae27c9a543cdb4d06aeaca7415bcc7c800c4a26e9e8e84914fbb3f2f93fb92d

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e148.TMP

                                                                                                                        Filesize

                                                                                                                        539B

                                                                                                                        MD5

                                                                                                                        a619e2cfd9958ca1a3a869af85ffb90b

                                                                                                                        SHA1

                                                                                                                        d9c71935f80c80f534621f8f5fc69c65b823dda7

                                                                                                                        SHA256

                                                                                                                        89fc9fa3c1c843267069b63e817caed57ef361774ac5e9fdfe596fdd419ab89e

                                                                                                                        SHA512

                                                                                                                        7378b5fb19f05b42106356cfa078caf7495065f0173c5620d2b7c27d916cb46650822af34df04ab5ce2506c4db7095c02860c62a8deae37d9b8afa8a39e46b8f

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        06c5ed82216577f7b5140d7a63a79a02

                                                                                                                        SHA1

                                                                                                                        d1afd9a7529537696347573d2b770a20c831ce28

                                                                                                                        SHA256

                                                                                                                        7623c5533ae65b23682cde5415f20af9aca5d1d8ea16f84238d212d8de2b189f

                                                                                                                        SHA512

                                                                                                                        dbe9dc248d00778901bb23dd5a6e6fc0971b186be0916b4e20fcd82d555ac2e7846137fdf23128923422a10d96d416ff9168aa1ee64d5600d4afb55f8edeeb87

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        a1bf07f4b7d649375e56e2e89144c416

                                                                                                                        SHA1

                                                                                                                        d62762f2395467d799127ad3fb661acd920c9734

                                                                                                                        SHA256

                                                                                                                        235101c8ed76c23cdba914a5a56d1d1dd57d2bf6a5d765833937a5166bf063d4

                                                                                                                        SHA512

                                                                                                                        33a217fb17dedf3eebf34327bbbbc4e4b203a3a302a8a1cdb97ddffc7ead8fb041223f7ebe46f0413e5bc728333040f82bc630d7a88a3f09b1ba6dea88db0c32

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        9059a640d98d4f91b2557db58ae6d194

                                                                                                                        SHA1

                                                                                                                        2962e756e1dd01b73b18813c96c706382a75912a

                                                                                                                        SHA256

                                                                                                                        f89178acd942d1212fd8e0a2050e211ed4439bc68e9d50bfe86959e461f5e745

                                                                                                                        SHA512

                                                                                                                        e05cc8c3ab21877292401c834ee3d8042d2a3f4191cfe11603a8d07cc2c8e15c3bfa72e0c79b2d6e87e06d083a489d48acd67f129098ae0e9beb093e4059fb48

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        ebf303fc8a868ad3568703169b3aeb5e

                                                                                                                        SHA1

                                                                                                                        69a90e98ccdd7641c607bd0d8724c8bab551fc39

                                                                                                                        SHA256

                                                                                                                        b1ad3389d51ee929b4d8175494b3dda786784d6656f2efc49fbfac2ae40bb7ba

                                                                                                                        SHA512

                                                                                                                        1935bca21db72b99726a4d7fb137e4c7ab5e4ebe5d66f60965d500d643804fde7a69143eae1c14c611d4108f444f8ea3fb965044baa3aaa454303f737593474c

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        2KB

                                                                                                                        MD5

                                                                                                                        abfbd65fdadcc6df4a6e331ccc53b8ec

                                                                                                                        SHA1

                                                                                                                        1ccd294981b9599047b0a368c3ae1d3019af21f7

                                                                                                                        SHA256

                                                                                                                        10a1ee4517670fe5e640af8ee5d3b0c4c583003576eb981f9d00203b6a960f74

                                                                                                                        SHA512

                                                                                                                        685f8ccefd48b217f8e6a2955761bb8367c1b1b27b4fae3a95db68d3ff1f0030fec7fa45b77aa6f0cae44c522f44b06ea4085097439edca10db44490e2b6c3f0

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        10KB

                                                                                                                        MD5

                                                                                                                        8d00796dba54d986a743f9567d21df5d

                                                                                                                        SHA1

                                                                                                                        a3883e577328d8e362011e857b2a803a2f87f923

                                                                                                                        SHA256

                                                                                                                        f2cdac337e653c3b94bbaa31ef7325adc3016869ec56402efb09308964ace77e

                                                                                                                        SHA512

                                                                                                                        1a65b0d8241e0ba4ea4c0fb17e4644438c9b6bcff080c6b152296cb6c4cd34740e3d4522d3d5ac8df7138d1c878329e96d28065878799ef67f2570dbdc731695

                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                        Filesize

                                                                                                                        10KB

                                                                                                                        MD5

                                                                                                                        e4ef404dda1b3dbae958888674d5488a

                                                                                                                        SHA1

                                                                                                                        e646621774127847437dea2a8f063d4a73a566ce

                                                                                                                        SHA256

                                                                                                                        28b7c3ccc0fc455d808ace29c835e88625fda3f0132da98694a3c368679db2d6

                                                                                                                        SHA512

                                                                                                                        8e8971d5efbd8bf29321126bf68981af089b7bd2b57dca34226adcddbe463f03a2a51883a723594fac00de7e9e758e001f530763e9f3007a1b86fa7d344534b7

                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                                        Filesize

                                                                                                                        442KB

                                                                                                                        MD5

                                                                                                                        85430baed3398695717b0263807cf97c

                                                                                                                        SHA1

                                                                                                                        fffbee923cea216f50fce5d54219a188a5100f41

                                                                                                                        SHA256

                                                                                                                        a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                                                                                                                        SHA512

                                                                                                                        06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                                        Filesize

                                                                                                                        8.0MB

                                                                                                                        MD5

                                                                                                                        a01c5ecd6108350ae23d2cddf0e77c17

                                                                                                                        SHA1

                                                                                                                        c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                                                                                                                        SHA256

                                                                                                                        345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                                                                                                                        SHA512

                                                                                                                        b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                        Filesize

                                                                                                                        9KB

                                                                                                                        MD5

                                                                                                                        9097ea229aa22e397568d7aa45ab3f0d

                                                                                                                        SHA1

                                                                                                                        e8d0f9366e397196cb5d448410950b2278fa8797

                                                                                                                        SHA256

                                                                                                                        98d8f8c64c90ad46ac412354fca3fcbeebed30fb9ab72a2f72b8803565007d6d

                                                                                                                        SHA512

                                                                                                                        3e1ae19e2ca0c7c18b80bac262ebbb8e4a57d6d6985b8eb7f6632b544d642193bd8d1cf232f3753b44e02ac0377ff836c5eb5bba569b675b1695ec1fa58c9fbc

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\datareporting\glean\pending_pings\786278c2-e571-43f2-a12b-8e06f4ae78df

                                                                                                                        Filesize

                                                                                                                        734B

                                                                                                                        MD5

                                                                                                                        23ae0d33b5255f656cfe691431a033ea

                                                                                                                        SHA1

                                                                                                                        0b66a57237116289b3b80dbcba4e0bb3a7b7d147

                                                                                                                        SHA256

                                                                                                                        9fa62ce5b0140b6de1c55dfdffd174840bd4c90e179a46c2e1269529bfb7c2fe

                                                                                                                        SHA512

                                                                                                                        98967a94cc4a810d66e2ec6968b2e84f025a524dcf1d07e3838e8335ada59af1c3cf04814c090a5ea24c030b3872145cba541860d3967d2209971c9fab574b1d

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                                        Filesize

                                                                                                                        997KB

                                                                                                                        MD5

                                                                                                                        fe3355639648c417e8307c6d051e3e37

                                                                                                                        SHA1

                                                                                                                        f54602d4b4778da21bc97c7238fc66aa68c8ee34

                                                                                                                        SHA256

                                                                                                                        1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                                                                                                                        SHA512

                                                                                                                        8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                                                                                                        Filesize

                                                                                                                        116B

                                                                                                                        MD5

                                                                                                                        3d33cdc0b3d281e67dd52e14435dd04f

                                                                                                                        SHA1

                                                                                                                        4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                                                                                                                        SHA256

                                                                                                                        f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                                                                                                                        SHA512

                                                                                                                        a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                                        Filesize

                                                                                                                        479B

                                                                                                                        MD5

                                                                                                                        49ddb419d96dceb9069018535fb2e2fc

                                                                                                                        SHA1

                                                                                                                        62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                                                                                                        SHA256

                                                                                                                        2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                                                                                                        SHA512

                                                                                                                        48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                                        Filesize

                                                                                                                        372B

                                                                                                                        MD5

                                                                                                                        8be33af717bb1b67fbd61c3f4b807e9e

                                                                                                                        SHA1

                                                                                                                        7cf17656d174d951957ff36810e874a134dd49e0

                                                                                                                        SHA256

                                                                                                                        e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                                                                                                        SHA512

                                                                                                                        6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                                        Filesize

                                                                                                                        11.8MB

                                                                                                                        MD5

                                                                                                                        33bf7b0439480effb9fb212efce87b13

                                                                                                                        SHA1

                                                                                                                        cee50f2745edc6dc291887b6075ca64d716f495a

                                                                                                                        SHA256

                                                                                                                        8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

                                                                                                                        SHA512

                                                                                                                        d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        688bed3676d2104e7f17ae1cd2c59404

                                                                                                                        SHA1

                                                                                                                        952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                                                                                                        SHA256

                                                                                                                        33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                                                                                                        SHA512

                                                                                                                        7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        937326fead5fd401f6cca9118bd9ade9

                                                                                                                        SHA1

                                                                                                                        4526a57d4ae14ed29b37632c72aef3c408189d91

                                                                                                                        SHA256

                                                                                                                        68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                                                                                                        SHA512

                                                                                                                        b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\prefs-1.js

                                                                                                                        Filesize

                                                                                                                        7KB

                                                                                                                        MD5

                                                                                                                        536bd2091a7ccf8b926672ac5560ed78

                                                                                                                        SHA1

                                                                                                                        e23c077ce3357f26a7e66b4720221083921f3088

                                                                                                                        SHA256

                                                                                                                        705ab2736d953d7547c611a5f594b186b7637948c139310e310134b4adc86fc8

                                                                                                                        SHA512

                                                                                                                        fb66958594f21129c1d0eb4ad6690809a69e0cc85853444dd33d7eeebaadb05e89cf59d8d9137321fd6b4f0c055c3b2ea45fa4a4a26c83dfedae62374d24f328

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\prefs-1.js

                                                                                                                        Filesize

                                                                                                                        6KB

                                                                                                                        MD5

                                                                                                                        9ff3c3bf61ed67344da0ee4e6c51bd14

                                                                                                                        SHA1

                                                                                                                        09ad111fec42783d4f440e5f2b9cfdcc266cfcf0

                                                                                                                        SHA256

                                                                                                                        5c75b250ed492750f9ec7d2cab25526a55d1c1aac2771423448ee6e8dc86e803

                                                                                                                        SHA512

                                                                                                                        eddc8a9e805eb46ce18605c38192a3a23d241f61462401164d917c6e031e0bbb7ed3ed5d93f1ded47851f6b890e972dd277cb66683ff1af23ec8ede4dd4e2ecf

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\prefs.js

                                                                                                                        Filesize

                                                                                                                        6KB

                                                                                                                        MD5

                                                                                                                        133bcaed263c6166c17e6362b04eb641

                                                                                                                        SHA1

                                                                                                                        6486b3fa1a587d7b0451ad684625f37bb06f112b

                                                                                                                        SHA256

                                                                                                                        b3fbab95dc047a77e38cc236016c0171d51f7eb8784c0bb714cfd88431201ef8

                                                                                                                        SHA512

                                                                                                                        03fd78a831b02d7cfdcc374ca14e9c776252be63e8ae2e364bb7343df251ce7f54ee4676410b40139145990f076072b4e3a04a74d30a0a770aadb7e7fa219123

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\prefs.js

                                                                                                                        Filesize

                                                                                                                        6KB

                                                                                                                        MD5

                                                                                                                        eb51b1fbd817f598c53526d1e0b3df61

                                                                                                                        SHA1

                                                                                                                        a2636996745daf2402b05b1d9515472cea2071e6

                                                                                                                        SHA256

                                                                                                                        653b7f8f0b375e4e073d6a10ae2a9eacf52ad884316993202d686120e7c3bd99

                                                                                                                        SHA512

                                                                                                                        72cac1f854e175ba64564ea0571b8311e9bd8e7b9a59255aad96cf589f3b6459e71fb58b8ea845b9e456689fbc58c3192e6706509d34b9fa0774ebcddbf0be1d

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                        Filesize

                                                                                                                        1KB

                                                                                                                        MD5

                                                                                                                        4214e009784d5144dbdca3ad7bac4cf2

                                                                                                                        SHA1

                                                                                                                        7db7879a154ef7cd943c9c8249f9c362aac25460

                                                                                                                        SHA256

                                                                                                                        055c6dbf0e53bf0bb243fa56c7a56e533151896f9a26ebc652cf040a1d70d15e

                                                                                                                        SHA512

                                                                                                                        2542bc6e3f365fb983e150ca097de43a03efbe030e3ac7be6fcb63c947e2b6ee1223249660f928197c9dc8e46a5b1ea38ed82ffb5c9e4adbc7c353bf3e3ba1e5

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                        Filesize

                                                                                                                        5KB

                                                                                                                        MD5

                                                                                                                        f56cd42c4fe3cfc3b4911999fd11fcfe

                                                                                                                        SHA1

                                                                                                                        06667b0c5052df8b9666009ff1f9d0098723f99b

                                                                                                                        SHA256

                                                                                                                        4169db8ed5d0b439f553034c3f43008db27220eba1b30cb8db32e1a99772a2d9

                                                                                                                        SHA512

                                                                                                                        0e64ccfaa4eaa2329083f6866b03b4274a7a4aa30d409ac50a50727b8a7bb361bcc7f25e0fad2f0393645ecb4fab16a65af441d6858f2f468d47cca408e449db

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\storage\default\https+++www.youtube.com\cache\morgue\169\{13945b31-a48c-4265-907c-0975c9b611a9}.final

                                                                                                                        Filesize

                                                                                                                        192B

                                                                                                                        MD5

                                                                                                                        2a252393b98be6348c4ba18003cc3471

                                                                                                                        SHA1

                                                                                                                        40f75302fcbe4a8ac2e33a8d9daf801abc2a9598

                                                                                                                        SHA256

                                                                                                                        04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee

                                                                                                                        SHA512

                                                                                                                        07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\storage\default\https+++www.youtube.com\idb\3728217877yCt7-%iCt7-%rae3sbpfo.sqlite

                                                                                                                        Filesize

                                                                                                                        48KB

                                                                                                                        MD5

                                                                                                                        0d627278a9c6d4a0efe29d707436910c

                                                                                                                        SHA1

                                                                                                                        68e8d41b0616ff5ce0fe1cb4e6179a93029c6bc7

                                                                                                                        SHA256

                                                                                                                        fcb206fdf3eee38de7c0a42f317c4153500a6975167199d5c0929e161da31759

                                                                                                                        SHA512

                                                                                                                        5f3e38bec3ada13b26497e5656d926010f63b7a15b45ccde63af6a75d313b6e420fc00cdc05315b1a435e90771eee418ac6ec086b91bd5554e1cb720514bd5ac

                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\stdidscq.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                        Filesize

                                                                                                                        128KB

                                                                                                                        MD5

                                                                                                                        02df51be6a58232d1e1a5e52a7ee3a59

                                                                                                                        SHA1

                                                                                                                        e60f831b84f519d0ab0c3d063aa096345a522e87

                                                                                                                        SHA256

                                                                                                                        5dd4ca9932059a1754b9875113036198ef83a9774c9b367ed9b27aa129bea26a

                                                                                                                        SHA512

                                                                                                                        2425c698f93e6cc9839c20242309cab9be26a424bf3d2d680cb18c4149b70072e07ea587de462966e54fb46aad8db458d0c015bc666f4b694bd193337277a009

                                                                                                                      • \??\pipe\LOCAL\crashpad_4784_DEMHRYGEHYYDHVZT

                                                                                                                        MD5

                                                                                                                        d41d8cd98f00b204e9800998ecf8427e

                                                                                                                        SHA1

                                                                                                                        da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                        SHA256

                                                                                                                        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                        SHA512

                                                                                                                        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e