Malware Analysis Report

2024-11-16 15:51

Sample ID 240208-behmwsac6y
Target 11fb93037ce172da7c79780fa493ee6e.bin
SHA256 a88f61b5c204874bf519cdb12814104a4b5a5f705c1380644c9786fbf4e1e133
Tags google phishing
Score 10/10

Analysis Overview

score
10/10

SHA256

a88f61b5c204874bf519cdb12814104a4b5a5f705c1380644c9786fbf4e1e133

Threat Level: Known bad

The file 11fb93037ce172da7c79780fa493ee6e.bin was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Modifies Internet Explorer settings

Modifies registry class

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-08 01:03

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-08 01:03

Reported

2024-02-08 01:05

Platform

win7-20231215-en

Max time kernel

47s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DA65BD61-C61D-11EE-B908-CA8D9A91D956} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DA681EC1-C61D-11EE-B908-CA8D9A91D956} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2256 wrote to memory of 2308 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2256 wrote to memory of 2184 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2256 wrote to memory of 3016 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2256 wrote to memory of 2064 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2308 wrote to memory of 2860 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2184 wrote to memory of 3028 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3016 wrote to memory of 3064 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2064 wrote to memory of 2768 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2256 wrote to memory of 1576 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2256 wrote to memory of 1868 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2256 wrote to memory of 1444 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1576 wrote to memory of 1040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1868 wrote to memory of 1292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2256 wrote to memory of 604 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1444 wrote to memory of 1120 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 604 wrote to memory of 2812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe

"C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2064 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5d49758,0x7fef5d49768,0x7fef5d49778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef5d49758,0x7fef5d49768,0x7fef5d49778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef5d49758,0x7fef5d49768,0x7fef5d49778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.0.1998582085\1591318781" -parentBuildID 20221007134813 -prefsHandle 1216 -prefMapHandle 1144 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9cb7e8ef-ee3f-4fd5-a3de-5db0e7371e61} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 1340 108d7658 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.1.307392103\828841304" -parentBuildID 20221007134813 -prefsHandle 1536 -prefMapHandle 1532 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1cc33771-4500-4b5d-bad3-8cd3f0ef345d} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 1548 f5eb258 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1568 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2132 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1340 --field-trial-handle=1432,i,3685887330824237942,7938225560479633741,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1432,i,3685887330824237942,7938225560479633741,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1300,i,15610096656832511794,4565404894369081725,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2644 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2124 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.2.565600049\2015290797" -childID 1 -isForBrowser -prefsHandle 2252 -prefMapHandle 2248 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c132aa1f-07e0-41b5-89b8-d9e52da2939a} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 2264 18fd8458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1300,i,15610096656832511794,4565404894369081725,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2776 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.3.1188674936\1679129131" -childID 2 -isForBrowser -prefsHandle 1072 -prefMapHandle 2132 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bf58aa74-382a-47b4-8257-7822df9d0fb9} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 2224 e61958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3436 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3412 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1336 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.4.882486482\1586280900" -childID 3 -isForBrowser -prefsHandle 3332 -prefMapHandle 3752 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {927489d3-0bc5-4d6d-8861-afc97991f879} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 3756 1f78e558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.6.1989739953\2080429778" -childID 5 -isForBrowser -prefsHandle 4040 -prefMapHandle 4044 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {df60be62-0ae6-4140-9bf5-59ca298bf38e} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 4028 1f874158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.5.449314349\632503304" -childID 4 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49804bb2-d2b4-4342-b682-34470d2af82b} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 3848 1f78be58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.7.819739317\1984964189" -childID 6 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2208243f-554e-40bb-ab44-0f0ff5323d3c} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 4244 1fbae858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.8.860121214\1225075174" -childID 7 -isForBrowser -prefsHandle 3916 -prefMapHandle 3920 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f0881059-8d86-43a4-95b8-c40144fbcf4a} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 4420 211ced58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.9.1374439758\1399866587" -childID 8 -isForBrowser -prefsHandle 4548 -prefMapHandle 4552 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0ed789f5-3b1b-4243-9b3d-e69f2a11253e} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 4536 21965a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.10.1389811003\632950733" -parentBuildID 20221007134813 -prefsHandle 3916 -prefMapHandle 4824 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c70c33e6-d3a5-4d03-aaa2-35845cc644a8} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 3564 21c41c58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.11.1852539937\2113542677" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 2836 -prefMapHandle 4808 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {342aa081-2750-4fca-85f9-ab5efe2e8b0e} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 1752 1f79da58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4288 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2812.12.1115813746\391846890" -childID 9 -isForBrowser -prefsHandle 5080 -prefMapHandle 5072 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56caa622-93ce-40f5-a5eb-ea640531dea4} 2812 "\\.\pipe\gecko-crash-server-pipe.2812" 5092 21966358 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4556 --field-trial-handle=1224,i,9660393324102186754,3652025813427272983,131072 /prefetch:8

Network


Files


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\datareporting\glean\db\data.safe.bin

MD5 d8918fe82379cfa96725ece860607b35
SHA1 d9995e5031385715620dd9ad9dbbfcf705301453
SHA256 caa1d7c80e851515cfed67e0c3531d88761febf31a3fa306fa10f3f699142c6b
SHA512 6805312cde64ac3afdd7ee4630d5a329c59a08541138983fa8b80c4bea293a9d2c986be0e5e14fb02f8d7ea6b3e0ca6ecc7bf3d9b076e76b37668046b32f15e0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\datareporting\glean\pending_pings\cd71eebd-cb32-4e2a-9633-0d4f6cbe0ac2

MD5 61ac25c39a6642ecdd1d8bfcf846dc73
SHA1 61afbf12008ca9414aa001e149ae9af353940ef9
SHA256 94460c5bd112e797ba1b1fd3fc7c67317c047ca40e0e1163f15ec3f4c4055ebe
SHA512 b271439e174eb4c79291c3405bcce42010a139c0668f5edb27be2eaa311914c3693e678c7b07092a4c14b98f7ea3b397d5770eacdafca606f86a0887831904f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 e51eda7108584002236f977eb9bd8f19
SHA1 178acf6e9a55c32a2330762c22f1d69c9980355d
SHA256 4039b24854badf5b8cd769f2bd7d0a9926e900885fde5e0c4b02755920e8e73b
SHA512 cfa8af9456cf336ef635f2a85b067842cead74c55ec474e76ffd21b81a2cf5ab018ae811e74f47edf55ca3afc3cdca2a114adb39cc9b3ceb9c31e31f21be24ac

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs.js

MD5 b4bcc330521b769901917cde7dca7d6b
SHA1 b31e262fb7c8d07f2c1751bc59e55ecf6498869e
SHA256 118c1dbe65cae02e02a80a6f1deec335509bfc2881ddf6e7b7f21bb6cce86e3b
SHA512 e4462e785b70551f5fb57b604091b2920e66dc73de4b43a8893e39a37f858a343b58bbd45e71c76dbbd6fc7cf86d0b69b692c549107309932ef3e2b7bdd21c98

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs-1.js

MD5 f3f8de392c9d7cde871ade4b60cd24fc
SHA1 e49409e04128dc0ac06e407f2e47e250f48993b7
SHA256 3d69dd9f349ebdaa8cedea6171f6eccaccf9396773da615f67843641b61efb26
SHA512 816c0e5cfc22c1fea4cc7ed7b3a3f17dd18008d283f29266351af69f17196481f2f91e02cc0920d0640e366015f1fc912fb9551818dc92287c4b507d61e80faa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 1c4a581c249851f203399c34e4ec9279
SHA1 ffd4f427b21153cbe38f874ab53d6d6c2480cc31
SHA256 f1c0480ce5923a1c2144542871baeee5f5891920bdf29c4c8ca6701ce27dbf16
SHA512 a01aa8927a533cfeda89ab40da5b0d54c0b154ee7dd6bb80db6b13f2ad6780b4d96d7f0c9f39c8de34608d7212bbbd1537b930246d997ebbdfc9fb2129a9ead8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76b329.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7c60000e4d42e4074feabe74dd717ec8
SHA1 d319bcc742aa2296f5761df227c5c92353282b04
SHA256 bdc9b627cf4b17f1bf35bd2dba2b6aa67ac806e045871621ee934f64cf041060
SHA512 31630eba56bf09ef482f1889c7fc17e7ef312fcca2738cdcbab2fdca148cd0f628a79ee5bbc6de7c41cd14971a28148dd2a6c3eb530e434bb92494ca7c8d92fb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\cache\morgue\57\{a19ffa89-20ad-478f-b031-707be6c41339}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\idb\2316114499yCt7-%iCt7-%r3e3s1pao.sqlite

MD5 af97dc2ad983d1950745c8eb15b3a652
SHA1 76bc515afb0c032c1e4f744a09ac34395071c9d5
SHA256 da9351bc0e7ea482f0e64c1a322b8b7295c9f6119eccbe169f0cea0151b3bbbb
SHA512 11814791de1312d4185fd195122c97a661c626371fc79e3d589c293c027c8ac4d7db2934999dadf5e0dd1cf0d8eccdaba8ecb626cc1b06d09018c93c82ef6aa2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 58fcca1e75bed02d596e3aef71c1282c
SHA1 48101ccb8ea2322dac30abe7eb2cad1dcb812d01
SHA256 adb9ddf7100a2777dd8cdbbb80c4c8b34aae913b5a9d824cb2f4c21e340eb84f
SHA512 d326358bc2d1e3a477f0f174863b8d626d75cfc3a318568275759e3929ecd31cc8fa594b62bb08f7a954501d265902360261ef691c38d171a6ee93ad24ed6149

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 99495fedc2cb7042b69bd76f3a231fcc
SHA1 e4acd85b5f1093e2f6b7f1f7e196bf8dcd391ae5
SHA256 d4a072cec70852e8c34fc08875a5514cb618391fcf3067a92e52b60f4ef4fcf9
SHA512 69a302098fe3f83ad03603a0df573ca8c54b69566cc4c7f25343aa58804b66985e2eee8ede24e8968bf1f17dd552b0eb6cebb0136b1f6c61ad71012bbacb558d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs-1.js

MD5 960759a3085d5ddb31f2b86b3c7d3ef1
SHA1 6e88f459006b70d6178e90e553aeac93e53423db
SHA256 4088eec121ea4e1632dc19d857613dc5c204e83d2f4ab7eec9d003c5a168f905
SHA512 31a90d7fafd95101dc095706a5d6ceef9b2599499e2df8d281e621f0da473edfdaeb750333baee5ced403f12b1930ccef917eacfc372099938904b213863d48c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e123eab486efcb9fd6205280b81ee52
SHA1 0e2000538d7663015290adbd33e00903cdb83dc0
SHA256 70e3847ca69e81f6dc533461566dd088dba2e3aaab21d90e2bb9c353b6cbcad2
SHA512 6e09b182644a3a22287af7d11eb1ebf47343cc65653321ce92225acb6dd01d3798f467aa7d268c7e27e8969f02150a0b6cb14d204d30bc5ac7c186b41e742b59

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ca06ac30fd3d0923292fc3082dc81c60
SHA1 bc505c2d5a721fc60fcaf89a032e1dd41a5d6361
SHA256 78e94aa8f7bd75b6f97d2e0e9af4868ef0ee18e448088cf0b1b2a9dc1a9a421b
SHA512 3d4e5f967efeb54c674e7c965cfb9fd5177d3a6acb3ff9a61d43997a489f3ea576dd701d53a132918bf813382c2110747732caf939ef81361c8aa2357ac23afa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs-1.js

MD5 7d7640bb2965e82f5dbb86dc29fa905c
SHA1 a67ebd0b050233f10a8ae73f9158a063b4fa1083
SHA256 71708d66d6f9d59791ff9e1f1ebecdad7c010d8094265a518ce9662b06997a11
SHA512 e5849c3554583bdf612269b3f439f0b03ccb20ed6c9e8b702ef4094ff6fa94e85ec44816200ff5611748cdeb2c8a9e5572eaea71ee5a145447b8b9edac9ccd86

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dedb25498d3766ab502d3aba352ea0d1
SHA1 ab6d3e2f2536f67be444f0cc3d5f280b5bac1d75
SHA256 a9a530dcd0598ae61b68736af97020daeeb810a9b36c5c3c146a66b34f1032c5
SHA512 9340b4c9a1835bf52af294d824356ab08ffcd3cef932037e05b1bf2fa307fad6d8618e028f7316701829c5f00403613b4216dd5f91d4efac203d826a91f3eb33

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 9c49deacc307de8b087e0c42f3d94aa7
SHA1 1673ab968f4e50850223af7333c8ab77772f25e3
SHA256 eb4b1402f48a7d77205e76cfd9bc317f1e0e6cda2541711d484651f87865a858
SHA512 621dbd9bab867e3b6ad259e7ff1fd16ceaa6ca8be7df8ec4b0560dfe76346f1101856119b2aec810b5076b13b16bbd8b80228d4bf731714b42f34423eeac8c4c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c6b10fe031ada8c00725c904019b2c3a
SHA1 5995b24ab099072eea6c3bac3ffbcb77cf2fe073
SHA256 704719ab08a318f845741f42c72e3a2bbc913d44d48f0d7455b931314eb50197
SHA512 3ba153ca06d0ce003b8d7fc2cc71fabfd7121850b7f5becdb5fe629cc5733603f6936edde203e08d951568cf4daef41e4523b6e23b5d660a4980978a7deb30b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\67f00abd-a746-46a4-bfc4-5ddc82a48419.tmp

MD5 cea2ad66be8b286b36ce437b36854cf5
SHA1 55ecdef187dfdda1eaf80a2f3305764954dc4fa3
SHA256 8d7af92e893a7e5927d58df5460f4785546486f7f793dc92135cd49d09f72539
SHA512 434e598e7de9250fb515e90b4d24dde5220fa615aefb005d7e124500d96113b25021da91e44c826fdb47d69045fa9842f7ff37b07b1dd5a6acf1081ffcfd0d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 41dd59bc0a62abb504a1d6ce436c6d8b
SHA1 b0b924456aea1538322249b6595a9724987e3491
SHA256 a9b3480b41f4d4ec3ea122967101bfff0bd62ce542b6e495fe40af2e4d907ad7
SHA512 4b4288f456774b4e1e71df48b86f5b6a6d320298354acefa86445e209f9da2c3765a5cb1dc0b91c85ba9d062bdc76394a56e950d086f9df425f9939f936b43ff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\cache\morgue\197\{248e3311-2c88-4ab2-abc0-1f84a96983c5}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 541f2cd0c5bb6610f83028b4826066c0
SHA1 888f0a99a6704c6ec691f6a286754a9f7967ed74
SHA256 369e29ecccedc02acc3824352aa6807cc063c77ca62d052d90cdb5e9c8549092
SHA512 022b8b70c2455b6597f1fde0a77c0e8c3bdb362b063a7f1f7dbe6230b6906c76ad22c1f91f119c0617bdfca57ab70acca59a079ebf86b2258bcf08aefd4479aa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\cache\morgue\58\{e40b90e2-fc9d-403a-a3df-fad5f9535c3a}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\cache\morgue\238\{294c0ff4-8a46-44da-a453-3f94758a6dee}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6c5cde69376353657d85865817e591c1
SHA1 fc38475bf5da0ffa8932e2fd025f9e7c646da1c0
SHA256 598af4e0847c51e110cba81f8b13cb49c2c1c1a965c2c2bd0fbafe36e24a5b33
SHA512 123f7c8b9a33a246df6000c18216b14d7312f931de51627b637ffd0ef6d0079c51946ce26468eed98851c2e0b839f6b7a8683f0acd4606dd5af85b8c5384ee36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 a3e3a33fc275acde3e031bc839a37e15
SHA1 4cbee9f417d00e66d2d85c900710881cffacd1af
SHA256 6ebb7b77c68d8cb412f5754919eb076699dc1c34ef22107ac918917c6aced93a
SHA512 2cca81bf71c9ee815db4364043452aa4f23955e6b4efede7a80c46a62ecdcbfc83d80c65aa8baf2500c8df33a9dc02ea3b7b7611da9ce10a6b23bb2332ff244c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2c9f5e5aa82bc90ffa1c9b543f906276
SHA1 1d460485506d9a848750af1ded4fa785e2aa4f8e
SHA256 5fde6d6ceee196791707808ba7d1d24a1a9b8a875b0a4af8fc0d8a0ae59f8b9d
SHA512 815074cbb011dcc9652657a73e268e41a497a1acb7745b01b6d20740a061ac5371756013ba381f1eda2c97e270bbaf4a0ea8f4b2fbeae2f509ddca6017bbed0e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 7b742a77ed3f46ae6690b546a9da66ee
SHA1 b0ad9f07089b8da19f2c407487a898f4e42ff060
SHA256 df9082bc83dadaf93c018d5e09205a4b32048bb27bf5c7c158fa918516845b0d
SHA512 1014081f2536f45b61301d0bbec73eb967bbb5b7f7b1bee67315cf997d681e31c95654f3bdb4448aaa68ec593e4b7a19fbb498e36fd947cbb3ffd29d9ddfd11b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 154edad9875bbdae9a699d813f5ce3a0
SHA1 23adb9811fdc8ba0447874adbea2e350dca7aa67
SHA256 161623fcc81413a453af0cf8fe58e3bb1c5ee7bd70846d451938d17f0c3392dc
SHA512 fb5d91b340bc25f8abbf5dd6e2d67663d5e759d18f47831bc5e33cd67094d994064d197869437cee98373d7539ff6ff0df2465d934ed9e0a25b46232630654fa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 5a1671fb9e72927a5b157306fa5f023c
SHA1 195851ee3e3214632ba9c62c836f78239919906c
SHA256 a13f0f683ef45d2013bb65a39bc22993f88bc3573d7ed63285ae6f9704799f83
SHA512 906d31de1e3a04d321575a939eaeac3c46115590522aaa94341291303f6e3b8dd30f82f131e264a123844fb80f240bb02ccc131da15df73b77b46e16cb390d3a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6e873838088c31c069f0ec79a6557e45
SHA1 88233ad0d851cd24fab5ab76374c22d493961b26
SHA256 19ee14f84eb5cf872cae4fca9095629869ae0ba72d134434ed8fe8b04e2f27d7
SHA512 bbcaada0365e6b79f9ddcf9ef368338d3b2b3ca00ace8b067dd4c40cef940ae15441a0b82e14db4de07894e9fb5eebdcf6fe73690818e013ab5805beaf230a37

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 d842c5ad13912beedae4cff917240376
SHA1 41e62bc9a8bb0c3beeeeb19ac189448f02dd980f
SHA256 d9a8f54bedb59fa9314624f5e19a9a47a27e1b414c7bf5b996e360d722fa0914
SHA512 34d3cf395aefa7dac3016781c7da4146ff503a8e71c82dd472418d3d2b28c6589e54ef0a2fdd439de770fef5c11f6ef0a0556426ae669fecdebd3e57d04195c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f34a307038e6f4452adfa2586b165cd9
SHA1 20341dfd5434d5f40189511d570849a0320d18a0
SHA256 b5ac97e3136edf0b564dd2a8202be19bf9282cf4ca33cefb0e9cf0711e757722
SHA512 938d88e1df9204798f2e7a5104fe47e7eacf166ac303606f9202086cf18ed2ab0856882bef3d90ae4bd294b59d10187e6ef8e286627c0200a8223d713dcf67c9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aa3976de6724d6213a635dead4bf75ae
SHA1 a7a71945373f1ed25aba08067a4846aa01df1795
SHA256 98a54e29ab67b224f565ed456986259bdbec2b2b41f3bd78abd042f0a03f06d1
SHA512 04c496230e16f838d2d489c7be5fc379967114aa34ca52e69c27557a8613c2b9104ed86a567c06921742e158b8fa7d27cf36fa95e7234c5bccdaa66d02757be6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 286f800dcd27137437d7b172938a68b3
SHA1 657904a28b55192b873cea4911cdb97d426bc42f
SHA256 5068e6083e423a4e1c76c5439e24aa60d5c1f33012853d6079d1208b8e9a65f8
SHA512 9022faf6d487ccf35f5f7d19c40f345c5ab9d52f18dd7b192b0ac250bbe8502190ea4ac5a59972cd4b01afc35b52fd65974192f00798578ee157d5b218cf36e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 115ab20aeccdf844d46fe5f18cd97d8e
SHA1 51648a9c2e27c63d722df1f966152cfb60cea804
SHA256 ea47eff5db097e57d16f747703850b32064949df193d579e8ff8ddb59000479e
SHA512 81490e6edfb655b26625ccad07e47496056054873ba21c899f9c5a73781337e742723ab56b4e993681d8168731066171c6fe91ec5aa26bb135f44df3d82820e2

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-08 01:03

Reported

2024-02-08 01:05

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

154s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-996941297-2279405024-2328152752-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-996941297-2279405024-2328152752-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-996941297-2279405024-2328152752-1000\{18CD8C9A-F83E-4361-A3AF-61730BB3E5C6} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-996941297-2279405024-2328152752-1000\{37ADE3F2-AFD5-476A-8A95-86577A3EDB4B} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1004 wrote to memory of 1236 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1236 wrote to memory of 4128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 3192 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3192 wrote to memory of 4308 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 1568 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1568 wrote to memory of 4908 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1496 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 4260 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4260 wrote to memory of 32 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 1040 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1040 wrote to memory of 4804 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1004 wrote to memory of 220 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 220 wrote to memory of 4920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3588 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 2808 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3588 wrote to memory of 2760 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2808 wrote to memory of 4828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3148 N/A C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1236 wrote to memory of 1920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe

"C:\Users\Admin\AppData\Local\Temp\a7c7b67dc813089881c4e470d5ce09a3c6d83009c4bc7a0c3b5f778bac488d77.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9fa046f8,0x7ffc9fa04708,0x7ffc9fa04718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9f8a9758,0x7ffc9f8a9768,0x7ffc9f8a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc9f8a9758,0x7ffc9f8a9768,0x7ffc9f8a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc9f8a9758,0x7ffc9f8a9768,0x7ffc9f8a9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,10590775128270161774,5261483977805832773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,15923065236071183919,10216146926344193855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10590775128270161774,5261483977805832773,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,15923065236071183919,10216146926344193855,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,18419073694348059224,9560684369780905515,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,18419073694348059224,9560684369780905515,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.0.1507922307\1269183970" -parentBuildID 20221007134813 -prefsHandle 1880 -prefMapHandle 1872 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6c76f69-fd27-4c38-8f96-a17c44ee3068} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 1980 218663deb58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,8914058351624510560,9002897198901847113,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,18316698922351170243,11592376032971498789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,5089356235322548873,14449888647324365074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.1.837461948\719163158" -parentBuildID 20221007134813 -prefsHandle 2408 -prefMapHandle 2404 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccdac193-08ac-4d71-9e7d-4c4db219f82a} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 2444 21865b4f358 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.2.1407288245\790472832" -childID 1 -isForBrowser -prefsHandle 3576 -prefMapHandle 3352 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e833b0e2-a524-49e6-804f-a605f041c08c} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 3856 21869786758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1980,i,7900192070722823172,6416292589470191915,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3820 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3808 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1980,i,7900192070722823172,6416292589470191915,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1984,i,18222757972077595212,17368592063310918760,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1984,i,18222757972077595212,17368592063310918760,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2136 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4904 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4888 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.3.1963420488\289279324" -childID 2 -isForBrowser -prefsHandle 3576 -prefMapHandle 4056 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6facb585-1bb9-44a8-bea8-04f12630b2b4} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 3876 21859767e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.4.2129556335\1935768765" -childID 3 -isForBrowser -prefsHandle 4308 -prefMapHandle 4304 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {79c69c37-1a98-4b33-b4a9-968adbc264ff} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 4320 21868452f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.5.1002868333\1459290069" -childID 4 -isForBrowser -prefsHandle 4560 -prefMapHandle 4168 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9167e229-3827-4dd6-9d7b-f954f5c710b3} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 4480 2186b7fa358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.6.987437253\1155540362" -childID 5 -isForBrowser -prefsHandle 4560 -prefMapHandle 4476 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {948f620e-f667-497c-b4d3-2f67b833f3c1} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 5024 2186be46058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.7.1943949331\1355997194" -childID 6 -isForBrowser -prefsHandle 5224 -prefMapHandle 5032 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e00872b-740e-4498-902d-b251c6789d91} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 4936 21868452f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.9.1570014884\1210418679" -childID 8 -isForBrowser -prefsHandle 5924 -prefMapHandle 5928 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2f11aee-b366-45d1-becc-cb2afbb83a25} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 5916 218687cb258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.8.93753639\74854321" -childID 7 -isForBrowser -prefsHandle 2908 -prefMapHandle 5708 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b910dee-fd55-41a4-8cd8-168293a00b5e} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 4548 218687c8858 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3528 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3552 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.10.158587061\1930271782" -childID 9 -isForBrowser -prefsHandle 4820 -prefMapHandle 4344 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {41e9b0ab-0702-4eae-b564-bb01da9f27c2} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 4824 218687c8558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5980 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5540 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7496 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.11.1471744581\1666639265" -parentBuildID 20221007134813 -prefsHandle 5424 -prefMapHandle 4320 -prefsLen 27337 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8c45940-cfe8-4bb5-8d10-d1b370622a07} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 1732 2185975eb58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.12.1885563173\496804202" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6248 -prefMapHandle 5424 -prefsLen 27337 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49bd3286-19a8-4d2c-a035-0769851acf04} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 6260 2186cab9c58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3944.13.2009373334\717784053" -childID 10 -isForBrowser -prefsHandle 6632 -prefMapHandle 6628 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1048 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {087e0ee0-d0f4-4428-86d0-ace44069f614} 3944 "\\.\pipe\gecko-crash-server-pipe.3944" 6644 2186cc21458 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,4648730829739815526,14233148768449284485,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6460 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4824 --field-trial-handle=1896,i,12166277303918635546,16734599450273926616,131072 /prefetch:2

Network

Country Destination Domain Proto
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com udp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 88.134.221.88.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
N/A 127.0.0.1:55810 tcp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 216.58.212.238:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4.sn-1gieen7e.gvt1.com tcp
US 8.8.8.8:53 r4.sn-1gieen7e.gvt1.com udp
CH 74.125.173.169:443 r4.sn-1gieen7e.gvt1.com udp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 169.173.125.74.in-addr.arpa udp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 23.160.77.104.in-addr.arpa udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.134.88:443 platform.linkedin.com tcp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
N/A 127.0.0.1:59114 tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 rr3---sn-hgn7rn7k.googlevideo.com udp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
US 8.8.8.8:53 200.130.217.172.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 e2c50.gcp.gvt2.com udp
US 35.212.16.125:443 e2c50.gcp.gvt2.com tcp
US 8.8.8.8:53 125.16.212.35.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 172.217.169.67:443 beacons.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 173.194.70.94:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 173.194.70.94:443 beacons2.gvt2.com udp
US 8.8.8.8:53 94.70.194.173.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp
GB 172.217.169.10:443 jnn-pa.googleapis.com tcp
GB 172.217.169.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp

Files


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 a0318288dc558d26022c275054485b12
SHA1 62a5b007c872909c4588bb598a4f34216a363464
SHA256 14d1d1946c5546f82cd6da49238db10945b37d2b75461fd8b322bf8afaae0a7d
SHA512 2339b8046f2a754b31395c5d3826d6787627e5cc2f057728511972537a731764e37db73e57cd07bf0cad82b7598c30eb47a52206bdbab53abd4a4f178142ebe1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 c63bec64fc055c82ea5d9075e84b4a3d
SHA1 ddc5092e74979853571675f62c288d39ab89c837
SHA256 376f4514fcd9a35001a036efb550ac1fcd3a9ba8e741bcd775be3a8e4036dfc5
SHA512 86be6e1059a270c32aa4e0dd2b0db2d87828f0a9a64091d3d606b56963b78631128c6e994bdb66424c12ca6e5a1f4c181ac75669775ccc5f340700e4b34ec751

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 4c39438f7c048bb46c218ed97b19794d
SHA1 57b8aa8589975c2c401d6405935c5ba58ceb8c70
SHA256 da1a928318aaf194ea43568159e627466b96461bc0882b966639947ef2111bb4
SHA512 f9e5205c2e9fafa3c136d4449052e918c3b6bed85497104ba00cfae55f8222cf989e4bc1f5215507bf6a77c3f7032a8e2b2cbf3010eee240694ec793613ec301

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 b65693482680d902651207e585d54754
SHA1 350b7500a9b255669d38a6d6ca0cf808038c7767
SHA256 4c60d0e17bfb7fe53b6f4881cb5f92def77a64ea36fc7b5c0522498f0dccbb67
SHA512 399c4c77b4bc79a08745dfabd19f2e9978099adb2af42b1fc8fa40506a9151950d972ef71c0a7e4797c3a27baaaf67f0fba75b136595dbc253cbf2e2ca378083

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 df4674fb2cbe04d435de09b8718d2206
SHA1 c639c65370de35d185ebf1f932a85dafefe22976
SHA256 9d220099005c25460295bb5b2c77fac5bb759ac276a736caaf7c3aa5bf7c2bcb
SHA512 4a8ea5fa810de8f34cb53ea281d2b58676de6f5e44b14141b16b4b9b3e4c2207ea7cf0a3841b0188e130d9add137ec677d558893eb41ac580383dda44e1cc641

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 0fe9bff34999d5057c1796aee3fac7d0
SHA1 99c4a70b4fc37ba1a20b8c4104ab8762643bc683
SHA256 ca74d4478e3cc3b666ba80f583f23578e029f0e994d30edbcf8f7fff60d85ba6
SHA512 be99eef9b258eb8a173438f1ba4a58813f8c640c880a5c62aa1a960e799d83e5d16124179b16f1171e8c2c5a8e26181ba917378264298decfb7cf085573a7289

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 c48ece6248398a3765efbe7ffac658d8
SHA1 f85ec59824398e4644abea48a94a93eca1be26f2
SHA256 953bdd9528a2914339661f547421a4386d0c729cbea0ebd5b96aabb4b798e931
SHA512 5cb36c505c01831f3b0a39c5975488712e83d95e9ccc6645ec487801f062fe11062a0c999160dcd1f0212116135e2c1ce94e29105cc69da93f7c1090432f3bfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 5944eaba4087da01c31efab06692f901
SHA1 d17ce6b1331847706d92dfe076f109303e292815
SHA256 e619181abcf27d51966a6841870e0d251d1f3c35082d0b2079e993a73feb9342
SHA512 26f370ff875c17c30f5267dca52a59986efa3a9472ca002ee3e84740c91cf2069207962490cb9991d6a312d80f3efff89520fd108bd92c8062b71cc7901b2440

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\sessionstore-backups\recovery.jsonlz4

MD5 78c40a1d512ba13a25c6dca19a31124d
SHA1 8c111f183196bd53f6378632351c19fe596c397d
SHA256 c48bb0574f9c34a6971300975bea8d86ec1aaf420425693276350215e7e386b7
SHA512 5b688ae7981d983758fd3fac615e1e50959d6f9d936030c6a3332aa618c761d974069fd86940059651fd3a732bc80881b724a810a7fa9a1d1d70cee3b514d7ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 7611185685bd3d51f1f6a5a2c01b1767
SHA1 11aa48a6137c11356546bba4d3de8d395be52866
SHA256 10273a73d9c28cb0f4a148124da57d6094b0cbf33496449042502cb1253c10dd
SHA512 38366263905421d8bfae7e29db06ab74e307e2c7ef5330492f999d0a61956a7083465f4ef389ab0ffbdbd6e0fc84351eab6d593456f5b4999250960be3a39e5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 8f4bd41786c69c3cf1db25535618cf92
SHA1 8b8d661beb765bfe795350e0317158e6f074216b
SHA256 82ae70a08a59b30df4ff65ce007d617ae80ad9f147d0a20e302988217817cc45
SHA512 58b48e8a9c65a141617b7d133076e1ee788e64abf355475cb7bdf90b6f6f1617be55b74ff50005cbbb41ca5096fdaae2f6b1e2c8aaa516778da75a56c57544e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 221404bfd6e9087de912579e2c6544fa
SHA1 1722a5e59090ca56c3614f61bd3ae5c1f9c8e4a7
SHA256 0b099973af22d95dc995109a6e226b8d37d76bc47d201b45568c253e361e2ce8
SHA512 433c96dc215442d0b114f17e43549d527251ac2cfd0595d02e7705b2dc1922b574cd3986999eb2312bdd622447edae9cd2ed902371870f5c7d794c7b99b6ee98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5e4a023023a0c36cef10aa026a21758
SHA1 db8f0238865ee80456fe2eed0fb92b1a0699ec0a
SHA256 ecfb9de1e6b2297d291521dce32c8530871f4ef588c56312ab5100d961b87180
SHA512 5256a4946190bd8ccf4432bdec70b5d427420995aa1c2d0b5f0ed38db1ffc2ad958a5ca5403fc7c8094e1a418eaa1ed442f5cc1c4a6549e7de1c798dfac580db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 800b56c6a776c90be57183c38d5fce27
SHA1 872c9bee38e35943a9f3bc81558e6f823f7dcda2
SHA256 6d65b89ef06c4e009f7707a669f373602b00f5141788ad9b3439ae389078d980
SHA512 7210568f5606d68329a4fe25475cff2e9368509c661e062845ea12a3a97a49bc9ad210af673cac6a302d6a08a5fa48126e0d6978af55cefc75c65014d96e2d2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe5836f9.TMP

MD5 a01e9c09b04209fa58f16a4fce512140
SHA1 062d1481d6917975be4105c0e18b7484ba062406
SHA256 37a1365bdf26f71295446676024d153617ee1353aa1424bb88498f4e4797f066
SHA512 5244db75ecd9e3e1758b88f9c39528ecdee7a811f6671e709b9dcab3949c5aa362cf8fb0be1807b5196b4f5e4c9e13ce3675a88719f87e14a381c4e6dba7c427

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1b135fe9f0d125954bbd9197aae21b47
SHA1 47f298241b526a907f3a9c62414d11d2178b49ef
SHA256 ad6e6885450aa8f440ee48a7477386b69828e34c57f4de89c555f72cd69864d9
SHA512 d4768e29c92ce20f76127a12c7d78a14771e42083c5c26995a654456314293d4d3320377b648f96a29a6465f35a9d3cbfbe4331fcc1fdbd4f41c7829da1532f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7fe63c2e-d18d-49a1-b082-c40ba6b73226\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2d1a4f4e2b879db142cbfd565f16db39
SHA1 4c7a1fed8d2ed2807f8215f3f3749219867e6b3f
SHA256 c561860aa6782e26aff56f8d9413d2bdc34f955919e4fbc70bcf1bad084fe59b
SHA512 bdcdf996adfc71375900affefe03a08a047fc350fbe2da101f67d6cfc846bdba546866f80fffc12db0d9a68ce85c48d9f2f148a08d77889269c34dc52e86e029

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3655394e60b53ec9ee9efff867e6ccd6
SHA1 507529b49b5106a3f34efbe4f8fcb332efa614e5
SHA256 205a94dff32762cd686add7fc459cbcf8f3e71184d8a3ca16aa60b015ec1815b
SHA512 8ecf37e397783108bcce96bde417e6ab3bccf14ad5e8a96f3abdffb3eb28495b40342ec81d4fd1f9939a1001bd53b7ff7add0324b9a88421902cec8bb6a0ea5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 386b373ca6d993cac8978139e2e42c0a
SHA1 d37e32c3e8c532892650deb771224be8d7a6cf18
SHA256 80436c89c2911b8bcc55474fe1bc9bbb2d4a67a50a756e19fa932848bd50ef85
SHA512 0a193580ee2212302ef1686430fba8efa61e130ce729c536d2e274e7d8e5dea649d81b1dff8c8abdcdf2ba26763e9b52a559028f40b9db04b0902ceb043082fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2e7a2e10bfb2aeb6891c5c8055636ec0
SHA1 07785c3285d9082529e4de534ac650497995b0d7
SHA256 186ff44fddd8587d6ac9c34108e56b587e339b8b7a47040925221caf324162bd
SHA512 644397e4e514e7fec39535cf72e32b54cc665973fec26b9fc4d3328913c63ef6d6f13dad854500741767afc338ac01385ebd8f5177361a6c146e7cb18684cfc1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5e6a2436e609aebb70b73a3301b1e541
SHA1 8ff29cb7ef19000bf8e9689f42999bc52626c647
SHA256 a870471273ca7b8a259b8391d633096257b77a1c07156b3f66af83629b31892b
SHA512 311a4054542739704ddaef2d36826a95bfe6c751ed25fd592763a287abb05eba24b174d000ce0ce74883e5f32c48ec19e21b1f70143428715196db7783ac414a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bf3d79c0aaf23516acc8233d871d7e2b
SHA1 cc9c74e652e62f18c910a96d10ab275d479dad93
SHA256 f4190911caa1a3c57c16484e8cf32151e3cd9ca4746921e473e867478357e4e2
SHA512 a043f23c31b2d1a100e2a0a48066d36749670583dfb5a59be50b7348e63ace513fbab6c1ee6ef97ca63918db69ff0895aae1c8917226352d95514aa3e3728531

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\storage\default\https+++www.youtube.com\cache\morgue\83\{4dbd7161-6c9b-49a0-aac9-25da1ff4b253}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\storage\default\https+++www.youtube.com\idb\420626915yCt7-%iCt7-%r4eas8p3o.sqlite

MD5 b841bad037cf093fb0b47234a4d95df4
SHA1 8bea03dbbb7d831299693f4e71d2413e1a24887f
SHA256 9912557c90d2bece220001a00a18809422184d8873eb690aa16acb0a4a9c62f0
SHA512 fea30d79dfca3324b5a12ba973708c48a2b7d14c38fad973c747595dc857b0a8f62fb8ae0bfbaff4a8c199229e66ce61e94ee93d64ae4b2493fcba5388b43a37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585985.TMP

MD5 e18e0a816c4ff7150c36b7ff3d05f152
SHA1 e6b6207779769d631f61a84ac00aadf8f41e5f1a
SHA256 229cd2e000f039d80bb5297489f555446b35750b873b0544027596bb24a25cfa
SHA512 b197254f54ebb0b2224ddfd9302520ea96bb4effd60d9d9678763035949bff9f3752433e60d09b61542120a0f607e2ff095748c03b3c17bc2f926a78842cddd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5e5fe50d1ac1641c21195d74ec6c89a7
SHA1 3ba78883673a505dfc5d861c63cbcfcbe43d95a3
SHA256 cdfc6516b47ea12b4a911a6bb1c0bd8ef2c312045e38d509a3b814808c1ea4e0
SHA512 28608948c90b76b35d2be263daa7f9bde9a8d475b39e5152615acc4440c652ff5b1115b4a6bef1dd885171dcc0ced8833288a1405208e608a6309803ff24051b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 fa5a5ecbb14211111262f8571ff1af73
SHA1 1fb99d1fe4038eed28189535606fe8bfd88fecab
SHA256 58afeea255d907f15389379f347634b570b2a83861d18497ffd55ad81dfde3b5
SHA512 89b14b43af9d9880c0e5a7ee67ca2d55a48c38870c881a03be398fa7f7701bf13e1ee855985253f0777e9e0fe8066a1b738acd0cc5d273910b146f19a808718f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c7904adbec5bdb5c0fc87a63d35a511e
SHA1 9397c4eb00979acdadd922405db740a146323e46
SHA256 cd319de64006d631eee751d9a9daa87626d3840694aa9515614ca4907f6b5b7e
SHA512 19020c4153260dc23e07e1035d795c1a6e625bd4ef6d9c670773043e372f7da9c25618687176cef4a7d8d1cafd6c7a38f97534c3f9aeec441f0dc58620b66bfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 3b40598a735a304a93194868c712d563
SHA1 6ccfd7117bf97966c78900872119f749873e5347
SHA256 e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6
SHA512 4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 4e08eee044c91ace0ad7a46cd9542a0a
SHA1 b542dc6b9818c8c1e07563d3656389c67b3ed5f7
SHA256 e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982
SHA512 72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 37015173d71f03b908d36bf78075c0ec
SHA1 be664185d2b52c8b0c5d4695994f4290e4d29b57
SHA256 340c38273150a3ae0fcc30b5d1ce9787ba49e8acfe92749afabe075e76b38546
SHA512 86b09a99cb164132bf0cdcd27cbc6290495959686b5fbbdebd80eda312f926e5633bb01e478ba97fb01f038eab4dbab4ebe7477a117c04b3eabf5c1b7a0083d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f9e84a14bd5b945651b6a32903222da0
SHA1 066d550ee471f519287bbb20b001e272e4d59ac1
SHA256 40a19cad765d0925e86af53f5062438c959f57a172bf01a3ecc2c681cd50f46e
SHA512 c569e1106983b1ef2302c369f3d1948a65c044abad655b0c83122df6fcb43a3ff799f2bf9d6230fc6d43dde3e0b898f3856ae71ae1a950ed33fe3356d23fb029

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f63557b5f493639556227f569c61e78d
SHA1 da5ef9a41902128db3668b5df41fa29fad45cb49
SHA256 6ea5195a9bba983561906eb5d20b7e5eca523539b89590ca4387fd9d783e9c17
SHA512 769a200481df5548ad121d6a0c388e03bafa952dca54b633e4c48a99c477948c7bf9bdee431f23270edbde55f8f3b1579c8b18a6c5c06da43716988e8b63163a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 916b9db114c8bcf6e2bb7fc64ba6b299
SHA1 b00ee22a7e399b1f9c1bac65066d048b459b0924
SHA256 d02348c387a7ebb49cec8d8814a793e16a08e843f990a0cec9a1d247771392ce
SHA512 e1f2d0de458866ded448cdd67e74ca9c97108806026802860d34071614ffc648d9b70c9edce97683cdbacb961dcc8d29d49082ced0233a6e4b4d1e1d4a1f901c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 644cd96894cf4a4f8bedb229ea8a02d7
SHA1 c9874c43ea14f57fedf99a5a65adde82d6d7b4b4
SHA256 c7d5cbcec9b73700cdd1f2223efcac936e82de8d50dfdf02441d84a99df35586
SHA512 df690f9f84a9e8c7b36050322475992fd7ee2dbbf8d6ca8312191470d3cda08b66aad7a68bf53cde5007bd90424790da1c15021d5561cc1b7c75c58bb80191ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 20a9045b454a9ea02e1ef23f99e1c9c5
SHA1 8e13d954bde1d63a41cd0d1aee688b0cd9b00360
SHA256 f9438d32e1a922846b975e71e9d604c633d1b62ed822454073b4269173131691
SHA512 7564412efec658316b68916fd4c5f57eddd79840ff852a8bd69ed40d82d823b1cc72101f3ce3eef557f943a90a0c05beedee01ecc96387f076e347b3718c0466

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 12c822271e57d9e93a0eef47747cdcc8
SHA1 dd13ebe327ad2f18008a55ef5abd67a499f82696
SHA256 450602c88331e7b63b78884449a517c8f6007f6956a77a2e525c1c06ec7f01e0
SHA512 044aed4aadcc91b279cb2f2513091f970caac6858936c62e0b59082d6c6a05fdefdd43f21f0653984b3aaa12c9eece54131dc9f02f4fecc269825bce8aea9937

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d425d2eb0568e20a563eb39885954bd8
SHA1 4c4cb5912ccfc4d19495db8d5ad75c0c9888500a
SHA256 82d35857f07aa7e8080005a2bd44a461669317d774ac9e9e9bbd0f80986e59f1
SHA512 93d12f14202325a8b70b22cf431706d62829311b6f10fb866427737080f4a8b5f4eb9b5ce0da9b8e28a9d8fe8e992886a8202a05fa0262d57a3e49a422006ab1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 f27b05fe82fa9eb05ab45c3b0c72973b
SHA1 8c2d11964d932bc9aaa115ab7d935ce7890795a8
SHA256 62292f2a5ccdcf529104bc54c27666cb1d5174aea1317534a0ddf53f32085595
SHA512 14a24d28fff808e2c68ebc1c8d4b879c966ccbffd25862ed219275632b491efda13849daa052ea0c9a28ea2f11bdb3789e49b3a5a07673826896215ce1ffecf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589c7a.TMP

MD5 8d17ac23b7313c688418645d286efbe1
SHA1 617d06f8f39d88507c6e56a2ffa0cb86b328d9b7
SHA256 b812637360e2d503a0ea9d3bccd0a3377a8b7a3ffaa323f46b67d09a404b8931
SHA512 3e1c73c8802e0f2a95430d42c4abdd2be457d49869613948450564ce8f3911f15d9a76bbf6592528c4716050c6bf8e3f7addf77276aa9e42b2880130438e24c0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\storage\default\https+++www.youtube.com\cache\morgue\33\{3eae27e7-7bea-4895-a370-fefa1a197121}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\storage\default\https+++www.youtube.com\cache\morgue\81\{990e8969-edeb-4d7f-a34d-36ada060d651}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 bf36fd78c7522d82fe65d2599ad5b9d5
SHA1 576df5af25b8f12377f6184fcaed93e56bd98024
SHA256 caceaacb72ffd641d3443b101f2ff49779e68d0708210f126e9a8b27e0066251
SHA512 03244600263697756d4fe9a62fc5cc946b0e0d29109d6ec0a04fddf1724590fbc1355698b84042f7c782857bef311750357c702ec3026c78cfcd7d0b6d19f04b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e41e74740527262a8c5695b09967f4e7
SHA1 6016243fd621eae4d9465fcb83543c0bd8b89954
SHA256 86b6b1b99c010d36c70a8ac70dece44a1e35d03032ddad48d14d9b936d603bd2
SHA512 0c7a0ddb73b10e168575337a760f8b006c320d71bfa0d51604345fc49d868afe52911e3bd597e7b57c5fca1b875fd29a5f0c870e73e15c06cebaf093b6019ac0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54e87cf99aaa266e47cc978d77f761f9
SHA1 1c9547eeda8b7220b883bef1eef6f391d24db0cf
SHA256 5141e7ad2420af57d452ba7d5a3ddf3fe3d17bbed924c63b210a3aa786473cdf
SHA512 d156c77589691ad2ad84b465feb2e2c4dec369dfc5f276e966ffca1d232e7d26664bdfe72b4f8279b3aa24e3173b9f7969d82111fc74cf4eff478c31afedbc9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 aac9daa9fbd0a896f415cb631da7f954
SHA1 94e7321a4d9cb4f42d662f5685a36920807c8c38
SHA256 c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715
SHA512 2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 27a05b77e7bba6c2b279f1a67cd6acef
SHA1 3164de3d460475f745bba673aecd9f7d799d7509
SHA256 71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83
SHA512 5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7f263e2e838e7c6d7a34a993479e5054
SHA1 bbb1ee61fb9974e3e50de6b34dfefb034c5e4549
SHA256 1f8c5ea296463d25fe6fd411ddbcb43bb2dbbf2b33033f93d074674903106e88
SHA512 78af4f55d8c7e36d7636632faf96e3525adf07f988bab4fc52700698a93e16eb1e89ef87087ca2e83594152dba2dd50784cd3ff7767b1e5747207bb8a9d96d1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 55a9d806cc17b3a8aacc65d99cdfa020
SHA1 6cb79c64a3e27fc7af99f2ccf6023454689f5307
SHA256 d3f895758f9d7fb515819aa98e0fcb9eb0dd16895f68e5a68908f97afa8a230a
SHA512 c358127093d73f602726a7802c42c7a6ea75365d189b340e67cff9e1385efb56033e694be61d600e92758ed735ff7338c5b43dfa3c7f2dedf9240e529238dfde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c1aa2cc00321dbbf4dad103c085c92e0
SHA1 3a0b081dfdf28f79c3d62a14abf6b87d13c1fee7
SHA256 8b512f4b3e2dc968fdfc51a140be6ef3fe91c8123f3093068de3df2415c0c401
SHA512 e474ba4e45a3e2c37ce9a9bde50b3136ecae6e5f734afc7dd4e95349996db3226b7eec9373220855da8466f53439b7a918ed39bed89b2922e6ef773c2b7e8290

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 baf062ec469f588eb0c0acbf3439fe16
SHA1 9c68c3502c78f289d6f0008702a544e9187921ea
SHA256 f15501c759d33f1b3eee50288723851edc8c102a03ea6df2c00402474f278ebd
SHA512 91a6fa5e341d84450f7ed506b7028b9f034363d25615d4608686a47c34d23f386ee01f54c9d44beb27a679c53f498692433dc2eefaaab257c19edf5b200259df

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eypn1lcs.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2448adf0bebf29e3cd609ddace11ca36
SHA1 9d5af676d5aa36a244c29105a95e62969acd916f
SHA256 1aaa3400a469b6318f8cb8e2a0ec53e75e6d7a6ed0dfac46cc37626bf82bf402
SHA512 a2ae5c2ce40c449c7b636372fdff9bebdb8669071752b1e9529c7c4b67e53448feeb870244503e13cc40901b19723fdf3e642765bc942daed923a162fea522e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5da5700208dc6e1cd92a6fb3f3a43812
SHA1 9dec79805d02016f45ab8e290329ead2df76a2bc
SHA256 00ede4c2c1ad3c945558ef96b38e93e0934aa0ca3313ff17611691900bd9050a
SHA512 aa35e0476e0999889c06b53fcb898baf8e421d2fb48b58a2ef9ed4da59d1e8387fb5bd57be37710f7943927397d744f560af549c33a46ebaf212c1a3c32aa60f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 a86a020a2c1a1a3b85cf118a09db03be
SHA1 54bda192c3054e11e9029c1da06a8bc4d890e88e
SHA256 671a53ef11ffe99abb093dd190b4d9803092d3f747d4e51bd120ad65a81beb49
SHA512 93589bac5b2bb7a6318cee55c4090146f1c90720f79e2ad8a7e06b73614e33b61a2c594fa451d2e260546eb19356eb0add5e99e9bd9eb2198585b50180e6a229

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1a5691e1f99742e4d581f067931126c6
SHA1 37539b9d8b1d3ef9c9d82a3f5a86a7aa90b20f58
SHA256 7536d881f18c2fd6ce400f51964ebdf2010d3d1e00bd880fa7648e23bf3b4b06
SHA512 454866cbbf78d29f2ef2878f48e344c92059bd3510ebe598ff0f6d4fff1064cad661d20ccb3233ea84495f17a4f56232f2f7d8e880d13c45e03740902169a2a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 efddbef39979739f3f1cfbc0a978dd08
SHA1 7877249bcacb1b0b7dc5d4b780c10f7407594b06
SHA256 17010bd5571502ae89e9119fd9d4eed2573e7139d17222997c93f08853534b2d
SHA512 359e9c54e299e99105010d0abcfbd8b05e845c9378be56e67214b5cd541fb0427fa3d4e113f7491124680000318cbfd9b6e270b49271a7d0a93a9d527efbdda4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f63e6c92aae8dd9838f8d0e4c08e6011
SHA1 2f2840cdcfcf243b8da7bf8fcc1afd218ef2007e
SHA256 2deba1aef4beef413d953b27285eaa9fcaffd1a0fa5ec805d0d97d29119b35fe
SHA512 79611c99803f639b18f13715ce7461d2443d7b902d3f34094c11df7fe1e85ebb0f093cd2484b7bde5d52b54bdf85af4dcd5dc8ce658fc2addc168dd6013bd867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2584f8151986ca3c5171edae533a380a
SHA1 bfb48d6183dbd053e555bbbcecb5467dd7be1757
SHA256 4ca434720152501c59843e10ff2b53db69e66fbb376fafcb225f38f44cf88e9e
SHA512 5b90a941932e96d3a96322f0d0d89c1de539a632a7394c9075f6d7268835e816c5b0632336c6cccf61ab00423fb1707c2bc49e35ef6d0b6299a8acf4472ee9c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 33f9774b612146365779518cd8bb8b96
SHA1 47fbd653611b32281efd0600832fa2afb136a06e
SHA256 63863d79dbdde5107c9970c552deefc3a817d0a387cfabb35f05f6286cb05621
SHA512 c0c2bbcb27af53bf80126b6cf4179c303f9f1cfa0b371e0481467783774557964818c333eaf459508f87b77f38fc19518a15cc0a6bea9a19b125938dae2f940e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 09f14ebdb42ac0c204779f05075472e3
SHA1 57adb0e402a97024ba181b949b9e86956f5cc40f
SHA256 724595211101a51321db8c5f1da6b9da7d52cae9b7f41006440557f5e8652a01
SHA512 59583caf70c19b069c37df4e66ab6f0fb1ffb104e8b0ad721433cb7e568420e98f64beb78cc724ba130a391b6bd58478bef8a943db58ff2872ecd7906818a733

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d2434f105dc20a0ed63f171e90b61aab
SHA1 c7c27d35f915861c675a2d39754dd4415ae42bf9
SHA256 f6286f23afd5359a86079739834f12585fd97928fe829afef541b46b1f34a200
SHA512 0353628c9b6857d2a3ce9e513654fbfb476b7fdd4026dcf1a45ba3bbea54d9e2ae04dc8d253e5a838bf9fd48ae6afcee5d2a68b1224b21fb2cae12096db410fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9574b15e4d46f0231ffa8a7a9d200d16
SHA1 061b322da2a866b8fa3fcde35b98cf32ce92c425
SHA256 c0c736a4e286bdc220c214a6d8056c81278dfed3d4730e7e7db6a4daeb9ba7d8
SHA512 f8019f9ff078bfd85ab0e52ee48b2fd02083a21648771f4262e72f0891d9aa55c86f66f9b3c1175291435f4cf21ae11bcb25556d740685c0a957ce1f20bec31b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0d2ab915a4a518ed2f4cb9a8c5872900
SHA1 9efcb301d540fd96301a0b0b94d6b7954cdf9696
SHA256 58184c21dbc9ba48fd9e511c60422053ebf368924218b920ec5724d035c6b464
SHA512 dd4e36f7c190f1dd61bdd3415291bb3e254890fd88c1789c25d0dbad98294bf47f06d4d5c85489d6b8e52bab0418c4634c02a9e42a43770b22c5dafaf187c508

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 df9e0707842f740f2a1f0d29f9005554
SHA1 6e07f57e6f72e20947fa660a310e7683f1b65380
SHA256 a8ddad1a04fd6060270d274f109116dd1325359cff1455a84798add5845de4a7
SHA512 25be03f385659e3dd83e4620a0e134b4415d1fabb8f038589b4b1cdda01f8d1de824df2a512b56e74eb3a512ce7cd204ea06df43921284bc868d536e3c79db8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3ca0c26e4ee4eda495ff1789532e29eb
SHA1 76c3407569f44a3fb9e466a4895dce4923bc7e73
SHA256 6b5d4b8fdc46e81ba70c6cca585dfa48f8b64cecb282c50bef69e1e52adce825
SHA512 ee0d0b70913b8d80b1421ca5d5d91244c7c2e3840ba79eb6033b5edde9c8d54817c6acf44bfa4b12c673ff258f71c5e758f8990a1da17bd183f0d9405d9148eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 93abbcb8ce326d5c0e65b9f687b94c41
SHA1 98ea8b5d93bc9aaac067e935cf421e647ed2afe5
SHA256 22524ff2108729348bace3c7ccfe29183766531bb536b1ed7e75da49a15e5e03
SHA512 da62ee0b93fb132d8e1221b66b8e866d4d3a5e6a71b5932033be073252fc991b8ed25a59edf1649256bbcdee074eb9f29d414860ad29a7d59352bcca67e89a6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f7a539cd69f421820b18bec6174f68c0
SHA1 c8b1d4f2eff188fa97ab81e014e1c2976022ed3d
SHA256 c58e6957c3fd333a8c7a86045ea8f401e80e10c4d570326dd817137e10e161d2
SHA512 ec422909ffa27fb6da861c59fa1c5794771ec298b3eec5a210b040c3e4db740de06bd39171ba582dc3bf22e0befbe1d3fcc44ea096f197f3783e789d8a4a0c92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cce6f51869aad8e19658805d9a12d646
SHA1 cc3d192002fad7b88eb741714a4b0e327e2c8fd0
SHA256 62d8f8144b71519df151c7c84ad2740944125f3af9e06ea35c2f0072ce13c938
SHA512 2b65f75d178db9c8c4f647e24da55d8ade0596e76f9ee7bf5259cc7c23439212029013a58597b09c80695c2be926bb7fa1033ef2d9c365e56798c22e55928874