Analysis

  • max time kernel
    152s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08-02-2024 01:56

General

  • Target

    cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe

  • Size

    897KB

  • MD5

    9304ea2d54fa282616673ca9b7c76f2c

  • SHA1

    14c9fae7bc84a342e722d0d3d0e3939178b625a8

  • SHA256

    cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a

  • SHA512

    89441b3608ed3f0b71869d66f3449c9ff377e799c44d2cb12b74ff52b07f944a050540efad9830116ca0037459b9dc9f4a75bb512b407375cff45b50d7873b67

  • SSDEEP

    24576:hqDEvCTbMWu7rQYlBQcBiT6rprG8aA1w:hTvC/MTQYxsWR7aA

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 61 IoCs
  • Suspicious use of SendNotifyMessage 57 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe
    "C:\Users\Admin\AppData\Local\Temp\cf1c6c9cd6fe79284928b6e3fbe50e8382f486fedf5e0f982156c1807a8f341a.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5004
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1464
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
        3⤵
          PID:3900
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,16533419864584725301,3540458426899126945,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2604
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,16533419864584725301,3540458426899126945,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
          3⤵
            PID:1300
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
          2⤵
          • Suspicious use of WriteProcessMemory
          PID:4756
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
            3⤵
              PID:4168
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,15899636780829134684,8704520275974972380,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
              3⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:5556
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,15899636780829134684,8704520275974972380,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
              3⤵
                PID:5548
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
              2⤵
              • Enumerates system info in registry
              • Suspicious behavior: EnumeratesProcesses
              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SendNotifyMessage
              • Suspicious use of WriteProcessMemory
              PID:4796
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
                3⤵
                  PID:4720
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
                  3⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:1612
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
                  3⤵
                    PID:1496
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
                    3⤵
                      PID:5576
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                      3⤵
                        PID:5564
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
                        3⤵
                          PID:5216
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1
                          3⤵
                            PID:6304
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
                            3⤵
                              PID:6624
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
                              3⤵
                                PID:6856
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4452 /prefetch:1
                                3⤵
                                  PID:6904
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
                                  3⤵
                                    PID:6956
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
                                    3⤵
                                      PID:6852
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                                      3⤵
                                        PID:6864
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6904 /prefetch:8
                                        3⤵
                                          PID:2904
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1444,9023524402925342049,13728034994988841136,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 /prefetch:2
                                          3⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:7512
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com
                                        2⤵
                                        • Suspicious use of WriteProcessMemory
                                        PID:4444
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
                                          3⤵
                                            PID:1864
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,9235475479113620054,163549490867890608,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
                                            3⤵
                                              PID:5360
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,9235475479113620054,163549490867890608,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
                                              3⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:5368
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/login
                                            2⤵
                                            • Suspicious use of WriteProcessMemory
                                            PID:4480
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
                                              3⤵
                                                PID:3168
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,5526252487913814890,13835303512019465472,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
                                                3⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:6148
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
                                              2⤵
                                              • Enumerates system info in registry
                                              • Suspicious use of WriteProcessMemory
                                              PID:400
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffccbcc9758,0x7ffccbcc9768,0x7ffccbcc9778
                                                3⤵
                                                  PID:4012
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=1980,i,8356890715741680323,7563792381169030912,131072 /prefetch:8
                                                  3⤵
                                                    PID:7772
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1980,i,8356890715741680323,7563792381169030912,131072 /prefetch:2
                                                    3⤵
                                                      PID:7752
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                                    2⤵
                                                    • Suspicious use of WriteProcessMemory
                                                    PID:1164
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcd6bd46f8,0x7ffcd6bd4708,0x7ffcd6bd4718
                                                      3⤵
                                                        PID:4020
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1772,16978296588718815673,198725451022757588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:3
                                                        3⤵
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:6228
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/login
                                                      2⤵
                                                      • Enumerates system info in registry
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                      • Suspicious use of AdjustPrivilegeToken
                                                      • Suspicious use of FindShellTrayWindow
                                                      • Suspicious use of SendNotifyMessage
                                                      • Suspicious use of WriteProcessMemory
                                                      PID:4432
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffccbcc9758,0x7ffccbcc9768,0x7ffccbcc9778
                                                        3⤵
                                                          PID:2168
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:2
                                                          3⤵
                                                            PID:7200
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:8
                                                            3⤵
                                                              PID:7228
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:8
                                                              3⤵
                                                                PID:7208
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:1
                                                                3⤵
                                                                  PID:7416
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:1
                                                                  3⤵
                                                                    PID:7404
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4892 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:1
                                                                    3⤵
                                                                      PID:8184
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1920 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:1
                                                                      3⤵
                                                                        PID:7704
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3864 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:1
                                                                        3⤵
                                                                          PID:7540
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3944 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:8
                                                                          3⤵
                                                                            PID:8016
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5600 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:8
                                                                            3⤵
                                                                              PID:4028
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:8
                                                                              3⤵
                                                                              • Modifies registry class
                                                                              PID:824
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2744 --field-trial-handle=1976,i,2709418619633958173,16291422408024395182,131072 /prefetch:2
                                                                              3⤵
                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                              PID:2056
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                            2⤵
                                                                            • Enumerates system info in registry
                                                                            • Suspicious use of WriteProcessMemory
                                                                            PID:60
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffccbcc9758,0x7ffccbcc9768,0x7ffccbcc9778
                                                                              3⤵
                                                                                PID:5012
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1988,i,481529178487511222,17703123825162402060,131072 /prefetch:8
                                                                                3⤵
                                                                                  PID:7620
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1988,i,481529178487511222,17703123825162402060,131072 /prefetch:2
                                                                                  3⤵
                                                                                    PID:7612
                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
                                                                                  2⤵
                                                                                  • Checks processor information in registry
                                                                                  PID:4900
                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                  2⤵
                                                                                  • Suspicious use of WriteProcessMemory
                                                                                  PID:1176
                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/login
                                                                                    3⤵
                                                                                    • Checks processor information in registry
                                                                                    • Modifies registry class
                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                    • Suspicious use of FindShellTrayWindow
                                                                                    • Suspicious use of SendNotifyMessage
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:3488
                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.0.1394636912\1021161888" -parentBuildID 20221007134813 -prefsHandle 1776 -prefMapHandle 1768 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2dbf6b16-97a0-499e-b91f-8f7613cad414} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 1892 1d84f2db958 gpu
                                                                                      4⤵
                                                                                        PID:3592
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.1.537271613\360599332" -parentBuildID 20221007134813 -prefsHandle 2344 -prefMapHandle 2340 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab78378e-7b5f-4bbd-8593-70ecd7b6f32a} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 2372 1d84f20a258 socket
                                                                                        4⤵
                                                                                          PID:6516
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.2.2145412766\958065019" -childID 1 -isForBrowser -prefsHandle 3432 -prefMapHandle 3428 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6bef902-05cb-4754-a9f0-e2324ba5c99b} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 3624 1d852c39f58 tab
                                                                                          4⤵
                                                                                            PID:6484
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.3.441359619\756989913" -childID 2 -isForBrowser -prefsHandle 3180 -prefMapHandle 3652 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04225ef1-9034-448b-bdbf-4b1f9de480e6} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 2992 1d853879558 tab
                                                                                            4⤵
                                                                                              PID:7492
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.5.1353801947\1293412864" -childID 4 -isForBrowser -prefsHandle 3868 -prefMapHandle 3812 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f19c32c6-89b3-461d-98ec-0992e77e23fd} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 3856 1d85387b058 tab
                                                                                              4⤵
                                                                                                PID:7592
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.4.1530287012\53860646" -childID 3 -isForBrowser -prefsHandle 3608 -prefMapHandle 3612 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3e1f2863-82cd-4e72-896f-29ff44927fd3} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 3640 1d853879e58 tab
                                                                                                4⤵
                                                                                                  PID:7584
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.6.851726426\697369636" -childID 5 -isForBrowser -prefsHandle 4820 -prefMapHandle 4816 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d593ba8d-7f48-426c-a154-ea3ae69ec585} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 4832 1d85412d058 tab
                                                                                                  4⤵
                                                                                                    PID:8432
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.9.708369227\1430490604" -childID 8 -isForBrowser -prefsHandle 5844 -prefMapHandle 5848 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00867e55-b53a-439d-a953-9b2f3c7231f7} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 5836 1d85626c258 tab
                                                                                                    4⤵
                                                                                                      PID:8456
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.8.717561504\1659476526" -childID 7 -isForBrowser -prefsHandle 5640 -prefMapHandle 5644 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f698d738-02d0-4c43-9b74-28edc367dea3} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 5632 1d855e2fe58 tab
                                                                                                      4⤵
                                                                                                        PID:8452
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.7.1431278468\682005793" -childID 6 -isForBrowser -prefsHandle 1628 -prefMapHandle 5144 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {edf6ea29-e004-4583-89a1-06c94a1e0e89} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 4676 1d855e2e958 tab
                                                                                                        4⤵
                                                                                                          PID:5596
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3488.10.1884368300\1960203721" -childID 9 -isForBrowser -prefsHandle 6064 -prefMapHandle 5848 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {133660ed-3611-4ba3-9b1f-157414e21ca1} 3488 "\\.\pipe\gecko-crash-server-pipe.3488" 5640 1d8512e1058 tab
                                                                                                          4⤵
                                                                                                            PID:8668
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                        2⤵
                                                                                                        • Suspicious use of WriteProcessMemory
                                                                                                        PID:4212
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                          3⤵
                                                                                                          • Checks processor information in registry
                                                                                                          PID:1616
                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                      1⤵
                                                                                                        PID:6136
                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                        1⤵
                                                                                                          PID:6492
                                                                                                        • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                          1⤵
                                                                                                            PID:7716
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:6368

                                                                                                            Network

                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                            Downloads

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                              Filesize

                                                                                                              40B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

                                                                                                              Filesize

                                                                                                              46KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

                                                                                                              Filesize

                                                                                                              46KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

                                                                                                              Filesize

                                                                                                              37KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                              Filesize

                                                                                                              3KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                              Filesize

                                                                                                              3KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                              Filesize

                                                                                                              371B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                              Filesize

                                                                                                              874B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                              Filesize

                                                                                                              7KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              119B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              176B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              112B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

                                                                                                              Filesize

                                                                                                              16B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                              Filesize

                                                                                                              72B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583275.TMP

                                                                                                              Filesize

                                                                                                              48B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                              Filesize

                                                                                                              234KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                              Filesize

                                                                                                              114KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                              Filesize

                                                                                                              114KB

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                              Filesize

                                                                                                              85B

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                              Filesize

                                                                                                              86B

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                              Filesize

                                                                                                              152B

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                              Filesize

                                                                                                              152B

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                                                                                              Filesize

                                                                                                              203KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                                                                                              Filesize

                                                                                                              22KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                                              Filesize

                                                                                                              18KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                                                                                              Filesize

                                                                                                              20KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                                                                                              Filesize

                                                                                                              21KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                                                                              Filesize

                                                                                                              21KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                                                                                              Filesize

                                                                                                              20KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                              Filesize

                                                                                                              34KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                                              Filesize

                                                                                                              17KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                                                                                              Filesize

                                                                                                              16KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                                                                                              Filesize

                                                                                                              49KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                                                                                              Filesize

                                                                                                              16KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                                                                              Filesize

                                                                                                              56KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                                                                                              Filesize

                                                                                                              31KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                                                                                              Filesize

                                                                                                              46KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                                                                                              Filesize

                                                                                                              774KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

                                                                                                              Filesize

                                                                                                              31KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

                                                                                                              Filesize

                                                                                                              33KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

                                                                                                              Filesize

                                                                                                              19KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                              Filesize

                                                                                                              2KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                              Filesize

                                                                                                              111B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                              Filesize

                                                                                                              7KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                              Filesize

                                                                                                              7KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                              Filesize

                                                                                                              5KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                              Filesize

                                                                                                              7KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                              Filesize

                                                                                                              24KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\62b40f92-321d-4b24-9ac2-bddb88204c02\index

                                                                                                              Filesize

                                                                                                              24B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              89B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              146B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                              Filesize

                                                                                                              82B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                              Filesize

                                                                                                              41B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                              Filesize

                                                                                                              72B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58605b.TMP

                                                                                                              Filesize

                                                                                                              48B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                              Filesize

                                                                                                              1KB


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e659.TMP

                                                                                                              Filesize

                                                                                                              707B


                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                              Filesize

                                                                                                              10KB

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\dfbd8ddc-bacd-405e-aa93-7aeffae9f5c5.tmp

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                                                                                              Filesize

                                                                                                              442KB

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                                                                                              Filesize

                                                                                                              8.0MB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\datareporting\glean\db\data.safe.bin

                                                                                                              Filesize

                                                                                                              9KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\datareporting\glean\pending_pings\ac25980f-4a29-41c9-97bc-b9e101211f5f

                                                                                                              Filesize

                                                                                                              734B

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                                                                                              Filesize

                                                                                                              997KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                                                                                              Filesize

                                                                                                              116B

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                                                                                              Filesize

                                                                                                              479B

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                                                                                              Filesize

                                                                                                              372B

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                                                                                              Filesize

                                                                                                              11.8MB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                                                                                              Filesize

                                                                                                              1KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\prefs-1.js

                                                                                                              Filesize

                                                                                                              6KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\prefs-1.js

                                                                                                              Filesize

                                                                                                              7KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                              Filesize

                                                                                                              7KB

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                              Filesize

                                                                                                              987B

                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\eg7x8yxg.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                              Filesize

                                                                                                              184KB

                                                                                                            • \??\pipe\LOCAL\crashpad_1464_RMIMSTTRPQYRSNYQ
