Analysis Overview
SHA256
e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052
Threat Level: Known bad
The file e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052 was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Checks computer location settings
AutoIT Executable
Drops file in Windows directory
Unsigned PE
Enumerates physical storage devices
Enumerates system info in registry
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Uses Task Scheduler COM API
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-12 05:07
Signatures
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-12 05:07
Reported
2024-02-12 05:12
Platform
win7-20231215-en
Max time kernel
51s
Max time network
293s
Command Line
Signatures
Detected google phishing page
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 0083987f715dda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A8ECDD01-C964-11EE-9673-F6BE0C79E4FA} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000429d3af34477a14f8b2dd7691733418900000000020000000000106600000001000020000000e3c665f02fd0660458d5ebdf85349c7ef585d17b95c7898f7499527e5f6da23c000000000e80000000020000200000008344d20eee18180f7a056884a877bc35f392576aff29baecf1cff620e7432fed2000000052dba01d5f5a7f286bbf66ecd02f2bcd5dd4682b16f0bd8daf2f4649ace6f75f4000000060a96dd2d570095f87558430b5015c24f49e2e88490e4df288b9d641ed5ca6451841a3ae64477dd8a24db7a1c785f4272036f2cd8b8a6febcf3388ce3fd19183 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052.exe
"C:\Users\Admin\AppData\Local\Temp\e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6489758,0x7fef6489768,0x7fef6489778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6489758,0x7fef6489768,0x7fef6489778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6489758,0x7fef6489768,0x7fef6489778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.0.925624470\174144147" -parentBuildID 20221007134813 -prefsHandle 1192 -prefMapHandle 1172 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd29bacb-8dae-4482-9cee-f6673660cd8d} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 1364 101df558 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.1.584865648\1603836874" -parentBuildID 20221007134813 -prefsHandle 1564 -prefMapHandle 1560 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7130b056-47ba-4ea4-9aae-ecee5a4e3b2e} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 1576 d70958 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1416 --field-trial-handle=1316,i,10069540174170939077,15938842520733656013,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2612 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.2.1230557993\1165147641" -childID 1 -isForBrowser -prefsHandle 1296 -prefMapHandle 1928 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {932e1aae-03f9-41f2-bbf8-b1dadf7a7f46} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 1972 19792058 tab
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2576 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2304 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2260 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1332 --field-trial-handle=1420,i,10001711411355604257,8981308083112222105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1420,i,10001711411355604257,8981308083112222105,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1316,i,10069540174170939077,15938842520733656013,131072 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.3.1797584911\63926485" -childID 2 -isForBrowser -prefsHandle 2700 -prefMapHandle 2696 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9ff2b120-83de-4a7a-8279-67cf1b0e5ca9} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 2712 d61858 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1708 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1320 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3488 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.4.1118133743\245727377" -childID 3 -isForBrowser -prefsHandle 3732 -prefMapHandle 3736 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d6c5e8f-fc4b-4e68-a77a-a915383a5fd0} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 3804 1f96dd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.5.939175952\1819772293" -childID 4 -isForBrowser -prefsHandle 3928 -prefMapHandle 3932 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {163981ed-b0a0-4db5-8a1d-dcd20e1f7608} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 3916 1f96da58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.6.1156324053\1168778253" -childID 5 -isForBrowser -prefsHandle 4100 -prefMapHandle 4104 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d74c2a5-355a-4fe4-9b45-2ad26b29bd8f} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 4084 1f96ec58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.7.1748979348\1723417666" -childID 6 -isForBrowser -prefsHandle 4104 -prefMapHandle 4200 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {31d53cbc-a656-4d31-84a6-533f3adbf5d4} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 4000 20437558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.8.1583759544\655664563" -childID 7 -isForBrowser -prefsHandle 3932 -prefMapHandle 3928 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4cd7305-fa76-4868-9091-2f7142fd0b52} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 4128 2043a258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.9.918579046\693331333" -childID 8 -isForBrowser -prefsHandle 4508 -prefMapHandle 4512 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {faa9d953-fb9b-414f-ad47-40dfeb63ed1d} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 4496 2043a858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.10.624099217\263487275" -parentBuildID 20221007134813 -prefsHandle 4916 -prefMapHandle 4920 -prefsLen 26251 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cb24805-8cc8-4fd3-8110-3970e244ed05} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 4908 1b49c858 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.11.749201413\2006213490" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5044 -prefMapHandle 5048 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1282cfbf-2b5a-42b4-9da0-3bcdd2ed9a2f} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 5024 2019c958 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2140.12.2038250356\879197118" -childID 9 -isForBrowser -prefsHandle 2736 -prefMapHandle 2732 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3fbb89c3-8203-48c8-b270-91a86d506d09} 2140 "\\.\pipe\gecko-crash-server-pipe.2140" 2740 1a909e58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4348 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4524 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4176 --field-trial-handle=1268,i,352663624165767799,5099845462118338722,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | m.facebook.com | udp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | platform.linkedin.com | udp |
| GB | 88.221.134.88:443 | platform.linkedin.com | tcp |
| GB | 88.221.134.88:443 | platform.linkedin.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 52.10.159.154:443 | shavar.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | udp |
| GB | 172.217.16.238:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 172.217.16.238:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | rr4---sn-q4fzen7l.googlevideo.com | udp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr4.sn-q4fzen7l.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr4.sn-q4fzen7l.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr4---sn-q4fzen7l.googlevideo.com | udp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr4---sn-q4fzen7l.googlevideo.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | rr4---sn-q4fzen7l.googlevideo.com | udp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 173.194.140.9:443 | rr4---sn-q4fzen7l.googlevideo.com | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| N/A | 127.0.0.1:50123 | tcp | |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | tcp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | tcp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | tcp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | udp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| N/A | 127.0.0.1:50156 | tcp | |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-4g5e6nzl.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-4g5e6nzl.gvt1.com | udp |
| DE | 74.125.11.102:443 | r1.sn-4g5e6nzl.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-4g5e6nzl.gvt1.com | udp |
| DE | 74.125.11.102:443 | r1.sn-4g5e6nzl.gvt1.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.200.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
Files
memory/2872-0-0x00000000007C0000-0x00000000007C1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8F19FC1-C964-11EE-9673-F6BE0C79E4FA}.dat
| MD5 | 5691a7d66bff2377450b01b8f4e569b0 |
| SHA1 | 90cd5a1c85bdbcf10ffd4cfa05eae301f3049f60 |
| SHA256 | c5200d89f621139024be91ee972f47303b1ba8db7513aa2e25ac40f77c2eb8e2 |
| SHA512 | e927facfcbd15655c65b7be5d7793da1de6e2686e33efcba51452ef3d7db687d55b3254c2f333cacf7266db061f2b6bc3fffe301556ad98626283f04d06e6713 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8EA7BA1-C964-11EE-9673-F6BE0C79E4FA}.dat
| MD5 | af9bbcbf0013a02d9aefb502b915915f |
| SHA1 | 5d2a287a935f48527df146e689f4f57ee678f44f |
| SHA256 | 28ef8dab01b70b56fd98373badbd72d2e29ab27b6262718eafc71e8e6660eafb |
| SHA512 | 154264b7b404c5a161eaff7d3122f482db69c7e71add56d64357fe532a3f3aac6464fee43c274795fece3ce9bea0e07e414c0fb7ebf888e211136d0568232441 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8F19FC1-C964-11EE-9673-F6BE0C79E4FA}.dat
| MD5 | 196ac46e681531312e4fdfad4f178a5f |
| SHA1 | 181c490aa16571eecaa64ab4c17144aeb4a5ba80 |
| SHA256 | 22779c6c7c3b074aa2a638b4d4092a122bac8764c8967b5253ad5e301d178309 |
| SHA512 | 4befa6d8445d6e0b81f4457e860abd08fa32a13898c2da65c120780ebd8525cc42b3beecd56a8976667fad800b5c880905b40d6317d67277497b034ffd82f552 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8ED0411-C964-11EE-9673-F6BE0C79E4FA}.dat
| MD5 | 6409738492a2e7242dcc1accb3ca75ac |
| SHA1 | 673a3ae73af0b830ddc7d0f193c2cc37bb6d71b8 |
| SHA256 | 017f6531f5b5ee193815c4851a353733fc2c1f334be7731121e410c12cfb7090 |
| SHA512 | a9987998ab69b98d067887297b8202b4e42880d9546b2c9ba90f9cfb4b8c394dbc997e6ef908e7fd831cb5524cc77324c2ac4810ec82d38e2bfa164235796400 |
C:\Users\Admin\AppData\Local\Temp\Cab4BCF.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\Local\Temp\Tar4C6C.tmp
| MD5 | 9c0c641c06238516f27941aa1166d427 |
| SHA1 | 64cd549fb8cf014fcd9312aa7a5b023847b6c977 |
| SHA256 | 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f |
| SHA512 | 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | f6d38556e96bdb48719f20d3648283c0 |
| SHA1 | 669b2a387561e11322bfb9a3824671860512ab40 |
| SHA256 | 45a081b2a78d7804f147e4e9e7f362737d40bda2f17f8119dc4fc5645cd0e609 |
| SHA512 | 6103203deb0ddf8307bf1ba06a81f200babcc73b228168b1a3c3309d4b01680c51c627921db0b43b8025ec4b91489a7a8574cccf786299850c387dba0e7f8190 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 1c99b3fbfa1e6ada299713af3f19d90a |
| SHA1 | d44121a1ca0f2a05ab8b9bfdcfe984afc0714c5a |
| SHA256 | 835f5b827b8a578c461f48cc434284ec2a21a4eb59111192a086b1e520befe7c |
| SHA512 | 66507880380256abc6b46cb1417fc3df7937ee3daeed4e3b40376944c2b0b20bb38912d20e16296067b5a4623842bae13b1fcf0074f4c303607b881c3ee7122f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | dd5e8d8d5e4e6024a5d8dd8313039644 |
| SHA1 | 63fdd921dfad38d73983e8b7b34f730b1fa33500 |
| SHA256 | 95de51092c7a9fad6b56481b39a0625617230698a94679c4ff70e2aaf1e87189 |
| SHA512 | 16f934dc2e1487e20ae7ece5ff36295e6bc01cdebc901f31111c5b93b2675969aa4e21f9186d390fe727193c967d93ec6b2530e6a5bb9e6eda11bde20fbc1a7e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1d3cb69445d56fb2bd2fa7e295ff7684 |
| SHA1 | e63e981cf3704fbe6b252dbcb0831745cb5f92c3 |
| SHA256 | ec61395f746f2cdcc53215ef7773aac00d385e68d4faca6410ca845e160fa7cf |
| SHA512 | 096f8912978ce5d78ad6ec57205c27e9aa471b8fad8a4a34d16be680cec134840fa207d13736ff492d52fc45862bab7f390eb53d11955bfcb478167a33c25a1c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | 07d36278e58bbcb327de76964ae5e7fb |
| SHA1 | 98add8bc125da7b178b3f5db3dd82ababe165948 |
| SHA256 | 54e6e40b92e43ac9b245bef2899f913dfab0d4fffdbf2e0e74ebe7780548033c |
| SHA512 | eb4b84aa95bf83a2e1a6867b4f5c775ef5108234511e752062f2a29974388f9150bcde4ad37fa8fc01d6355c64e8845f48aaa9ed76e874c59786fc5ce9295e8b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e8db4b7613058cf966c8892274529d4b |
| SHA1 | f1215608aa32f24dc4c53e2d65396b3c3ded1af0 |
| SHA256 | 461a07094f255b8df887763a733db18e116123fee14f3687e76e54f1e5aa83b9 |
| SHA512 | 5392f1a4c964cb511ff2bcecfc9ac992fbb26da25072f53fecb9bb0b3b904e84bce857ad4ef9fd5943022716b8099c7baa1fb5c36c10b6e75de1325a751e8826 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4eec9a2f2c011cf285215bc22b6b1eab |
| SHA1 | b1d1f8d306f0bf2c6125f107cbcb6717958c6f30 |
| SHA256 | 835d3540ca4bd35821ae79b61d6b36c40e9688e604d4506da08a6d6a21a0e7ac |
| SHA512 | 6045f4e1b523a29deb31807cf47a2411dbaf5587a3e60fa26e98135507d84c57fbdf8fd7f1cfda7519fe3d539089112a0e4713f651084ed408368b9dfd2e3d7e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4
| MD5 | 7deef5b7ffcbfa20a0467ae75e5d116b |
| SHA1 | 02c8688f2e2520897d02d0b3305c2d8c05c954b5 |
| SHA256 | 05273955b75f660f7c1d3e4771d8bf225ab72b80dae864ff905640dfb1a52d3e |
| SHA512 | fe7f9fd07ae24a980037ab93f05cd61e832e64ccdc2b646430acc706373e892dae57c13ef6a3626bdb12e58aa1c4bc48c0407f2e263f57f9d37946fadfd58d90 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4
| MD5 | eeee75adfbfd249f6a89781eacaef063 |
| SHA1 | f6fa5656b2695ffcb262b66ba12190d919f6e7a6 |
| SHA256 | cee2ea5a6e144ed6a8306f26a1feb94b77e3b3d4be1dc6d71ed3833d504bdde4 |
| SHA512 | 78afc1aafa191a3c94ed33561c093d2a8ce081bb51ce5cd757a040bd3acb549ede3557f8a3b7bd7c85bda1d3a44a2ef23a3fe6ff39765b955be6d90876224b01 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat
| MD5 | 0ec7331958bdce60dcff0a5640fec6a2 |
| SHA1 | 591c0aee8288911080e5d8d52fb1222eeafe33a3 |
| SHA256 | 991e3d8a6d0c3e40964483c0bf3fb92d3220026edc7c155aa58c352c6de8e372 |
| SHA512 | e496e06eb994d503d6c4dc9c49f0dce5aa8b9283785c7b84dc71f8e93b49f064252b0beec8685970f665793266d1bb22cb2fe35311c1acab149c5c31ab6ef90b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAJVCBJI\favicon[2].ico
| MD5 | f2a495d85735b9a0ac65deb19c129985 |
| SHA1 | f2e22853e5da3e1017d5e1e319eeefe4f622e8c8 |
| SHA256 | 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d |
| SHA512 | 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAJVCBJI\3m4lyvbs6efg8pyhv7kupo6dh[1].ico
| MD5 | 3d0e5c05903cec0bc8e3fe0cda552745 |
| SHA1 | 1b513503c65572f0787a14cc71018bd34f11b661 |
| SHA256 | 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023 |
| SHA512 | 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat
| MD5 | 93f1a3e08a37a5cce0aff632d3dec4eb |
| SHA1 | d364e71da9723d6e8e46daaca6bade6c8a6ab416 |
| SHA256 | b452724dd2a271543e4ec997aaa66e7f1eb1ac92db9f9db3f77ad163910926de |
| SHA512 | cb1fe722a8593e03c98b85a8db1407bdb715221178751659697aee477a887c15da4ddd10c99271e4df7135c3bd2ba36628da6326e4f3d2ec2db9bc8a30e1c1cb |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\D55AOHQW\accounts.google[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\WKSYHX82.txt
| MD5 | b42170412479e9a3bfe85e42b5877dbc |
| SHA1 | 9d8c63aae151be63eafd9690c3bc8ab49f2730ef |
| SHA256 | 73d4d39551073859e156cd2f4f958c69ac3ef61d53748588933cbeef6f136465 |
| SHA512 | 641c36aa52fff14b87295dfab37837988485688430b7ae547d9fdf865610eecff64671c098f9beb23814bb986240a17974b3b53695e894e90011278a417b180d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752
| MD5 | bed26a7cccdb93460883bab3128b12bd |
| SHA1 | 2cf245777d2195cbc043b2b97e6133599abe3d57 |
| SHA256 | ba0f4e704d9c0c62282308afde7a4f2fdefbac676b2383a781c9a75e7909398e |
| SHA512 | deb8d9aa4f21430d69f88d6d04ffc7c95b0eb657ba9c263926cb7c14803445253e90ccc56b0b299f3f930f7b1db3535a38ea840378e3e2caddb04d0269b95cfc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752
| MD5 | 4fa28049fbb26dd67c13bab9b99f6cfd |
| SHA1 | a59e958ab646941c9ffdb63ff749fec56c3d23d1 |
| SHA256 | de11a0ae691bf3f773db3ce967521e3ddd013fda468b29372778a8573c2ce51b |
| SHA512 | b1e9b361491e47aff922f8b4b4e543895b262461aaa76f33172b2e5f07f9567900b54044443d559f5f20eca7bede1e131aba419872293e14b96192f556ac0cf9 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\favicon[1].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat
| MD5 | 4469821559f99e9dcf07db634b7b2b49 |
| SHA1 | 6d34266e753ed5970780026a59276690bef934dc |
| SHA256 | 1c7cc02846660c1e7a6c2be242c9dadecda1b210fc83d6bbba1b27956bd12dae |
| SHA512 | c12e50d3832265fba3870347d116e98b79ef81eb279c7c5b4de5c88be65e518aab2f5dc0052c011828cfff20d4035f78b7a41121e91145467c6fbf21a9d99e84 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAJVCBJI\4Kv5U5b1o3f[1].png
| MD5 | a81a5e7f71ae4153e6f888f1c92e5e11 |
| SHA1 | 39c3945c30abff65b372a7d8c691178ae9d9eee0 |
| SHA256 | 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e |
| SHA512 | 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat
| MD5 | d847cce0b996daff02c3382760de6a89 |
| SHA1 | c2dc777adedac75dc516938e59db1c2b2d832c7e |
| SHA256 | b7023571f3fef409d233a9576e730dc5d0e80441ac54c64f09e20d9610143043 |
| SHA512 | e03284a9ea67fc56425e6e6d0ccfa5c63e083fcd9d8f24ddc2a260e2cb6469c7a051fbd28a7ef0010dee41737faa90ff85928d38544abfa1fcc943325e5e8fb7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | aab20d6df1161d3eae72b7c814f521af |
| SHA1 | 484b8eb2571b5781c9851228dd6762813b73e320 |
| SHA256 | 0025911ea9c60de7c50f51d45f85c7887504c7f5a4992df09ab0e39fe1a3d039 |
| SHA512 | 6951edb635b0d813eb7507224948d3ed165fcfe68aac92a4e34aaab902c53f6d6832c98d6015fed446f120b2303845f8e0dc4a2d6fd01b406dae6d6552158ffd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c9ffffdb67fd0201894d7990b2843550 |
| SHA1 | db992b7b906b304489e6927740cb482534b54b95 |
| SHA256 | 6b1d4340cde50bf9aa082599016f112cb419d2653569af17391a403bb2bda117 |
| SHA512 | 494efb43af39c4add79ac5d9b17b9b2077a7ed2fe067a808e80e4a11d2a63cf8887a32d2cf01c6af98d325dae823283f000c158c60eb099163a204b8476115ac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7efce6f92e73bc5c4a26d0379fa9c65a |
| SHA1 | f0c07ec218440e0635f062154da2e2f8239df3ff |
| SHA256 | 8f0c5a95693664ee6155a332ce40eafcc7eb812192d9de1d99624b5a2cba0fd7 |
| SHA512 | 784b93d59d1ba77a3a82e4410e7be01cdd5c24630d3a8ca387634acb9656b5d2e3efaf60f39c2c21a93a114d3df29faf4567b702e3af7d877bfa03a860e200d9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 643ad4a274f646963b38e538d3ef328d |
| SHA1 | ab30254946c9f0eedb7e15f5acc61be7e9a0da91 |
| SHA256 | ba6136895775b4f94ccefcdac9197ff16ec3f0e05ad4c89974766f1bf0f8aec3 |
| SHA512 | 53c24f6ecf405093639e3223f2a347903d6cc07b7cc77c8a644aecb0e23da9903378fe9b6b6452e79a13f2991704b9ae75443308f816fedadfbac5b4e5701410 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1c0c957be72168238eb0c4d3b6996284 |
| SHA1 | deec4494246bd58ac480d1c9feb8d2f82312a128 |
| SHA256 | ffe95146e5b52b173b1b34c12346c4ff7bf8cd4ef3cc09bd04ed9b9e90c22944 |
| SHA512 | 198cbfa034fca82b054c50cf3f6456c3d7a1f51719564dc409534ff3f7ce1d0e205dacd759401568400af7822c465a6c0e5f4d1ea268dda21510461f4895bf86 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 41cf0312433f13a1bf24321159d39c71 |
| SHA1 | e7581d8b1c9cb201783fcdcc3f7e99b71cc54588 |
| SHA256 | 6d53aa1b6816413eb4f645fc7e6cfbfa4eb554cc2c7c7966624e529ca16336e0 |
| SHA512 | 96048bbd3431a5ee85966d2c7582f7b185194074be0c367ee42d979b553dbdff5cfadfa6c3c400ea1d7fbd0c6f4e2c764d34cf5dbdcbbc148d67e11714092bcc |
memory/2872-855-0x00000000007C0000-0x00000000007C1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | c45e0616ec7c6b20d34f0f14282f62ef |
| SHA1 | eb2336c1ba44a8932127f515d4f9e218c5379aae |
| SHA256 | ee6a697a8106b3fac3486f60d6e5f0e42045f873c97455f4644a5f070d029132 |
| SHA512 | 30573e4fdfa88c62f6f3a30b265ed6f794ec5e86a528922d40ce273ad4c5108b56119e63eedd639f7d9c29c36e3634e3e9800a0212d569838e01d10051b666ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 149969ea06f98c09ca097bb7ad206e0e |
| SHA1 | 6389985ff82c89581952ab2148e89b04d695bc35 |
| SHA256 | b32d1d334556aeb6d263b6f2d631423be7600b89af2a2852dea6d4db9c321ebd |
| SHA512 | 8e013c04816b7b7e22998070aa593c664a4955685dad257016f1eb637d6f5d591db38658ef5bd35a82cc57a3fb68eeeb7c2f0876ad95d351c8e2db9147141f33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\bfd8da92-8d7e-4d4a-aa15-ff61054df573.tmp
| MD5 | f3cca733548bf8cd35821d1f2b18312d |
| SHA1 | 6fcb23e60f6ac3c5725fa5e7e14d6644ef871b53 |
| SHA256 | 6db6da44e5dc9d7a3d3f9a143151fb4738b8d8a6e402801eaab402e4a0781393 |
| SHA512 | 8147a9f91336edef313602806440a47c00c8aa0ae0b2ac28a376a15b3d7e72edbd542d28198a269bed99920f891ebe5e57b7ca3633b8beecfd1b557a0f86db12 |
\??\pipe\crashpad_1952_BAJLBKXBMDTGAXCU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 8549c255650427d618ef18b14dfd2b56 |
| SHA1 | 8272585186777b344db3960df62b00f570d247f6 |
| SHA256 | 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13 |
| SHA512 | e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\pending_pings\d1368565-8b67-4e6c-8323-8e4566934d61
| MD5 | dbadec04b9a8fbcca3dfda61160df3e3 |
| SHA1 | 0d71b69c48e6225ddd1f47de523b5a6deb046075 |
| SHA256 | 9f6cd2f7accab07f721acd95c1fe5e7aa7ec60b2a8d48aa6285f7bc5987aa322 |
| SHA512 | 2b344d02b58461b9dbc815c03f85640c17efd6780cda451e244f3537625afd28e0b2beb275b598d11a5609db693575963dccedeb1fc18eee663ad0de8c943cb3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\pending_pings\b51ba231-4697-4f79-b2ce-d3aa4f280376
| MD5 | 85a91ef8e50e89b5e7d3674d991da5a5 |
| SHA1 | 1897b764620a84e93be4ed2fa31fab93c0bef606 |
| SHA256 | 5bd25da199e4ab9a6fc5b2c4651e483aa6f52aa135617676154432560273dbb5 |
| SHA512 | 13b889c022c5f6ee5bb95e023cce00258bbd08493eafe6e04c5abe939b57d2a68abdc99978b54954172743e6676f1d31cea654d8ff6357252942d847bdece44c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 3c7dd803682bd70985d79922a2f3659e |
| SHA1 | 98a094a5f2a2f81cc10c02a6e872a4e8779d54e9 |
| SHA256 | 1f80f4f7cb0ded0ec45851ac88a37e27774c353d028bc9f80a74054f33634f68 |
| SHA512 | 659ea8982aa1bd24de2f91358e71708bcd06e58e4f2b95ca59c9f1d24a238c5705c022e06a8e75e052c510eb665e850161c010cf92bb7375bbf7d1333759d42f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_5EEA01CAD208F75F11898843BE401E94
| MD5 | ce017f9a462b214598474f8583cf29c5 |
| SHA1 | 742eabb5bbfe766fbb7870d7ad7b6f60f3e4606f |
| SHA256 | 646fad4660b59c9b795de2479ca4aded2aac71b9fd2c35913789ce4a7a161d39 |
| SHA512 | 62e21de8acd0e7cfcd7ad685bf83e25e801ad3ecb62ec534aae7c17dd954971eb4a9c4224ba0da1f5a5df6279702778bcedd7bedba1affdb30c4fc4ed906da61 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_5EEA01CAD208F75F11898843BE401E94
| MD5 | 40b956363fb59d1b6435e32953f5ddba |
| SHA1 | 1132d6c07c99127943dbabe1888e843a5b67dca3 |
| SHA256 | 3fd5f30f11f710883fbf266c38857c7c2c812647d36123a7c5937914fe536fbd |
| SHA512 | e9219450f262745fd391dfe99ec32d67696ce4e635125f679cd208c66f204c60a03fa1ad736b98315c4b5145f9880ee8dd48ee1e8410c2bd7bf8065144325339 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 81e09c972b3b085ffc3005d351b9f9b9 |
| SHA1 | 7ba4211d6beb6396a4bb68c702ee1a0ae81af68f |
| SHA256 | 7e65525060ff33f70737d0fc763328801dc60ae1830055626217347b713573a7 |
| SHA512 | ac13844477a3d7e1dd926869d3295f6fa5cac58a46b286df8418e70632423a5fc781acf7d4d5ad93d2963762b5e71f1d2e555474669f6c61fa9fddf1d14287f9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | e082e5a87c160d5ebdf801e31dbdd7ba |
| SHA1 | 9ef3a34ac2480e907cbcd1db02bce11817fc1f24 |
| SHA256 | b432d58bf3cc22aede82954c453003ccba729d9787d026aa6a71778f5eb0af3b |
| SHA512 | d8ed3ee1331aecea0f489f929b901c66f7cc3e20670c1e3eefaf5aa768c041d4b083676005ddb58085c2144c558453cb6fffe63e1456fbdf6f8faf7c32e7077e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | 36e36efafc20bc1b6789371de0b011de |
| SHA1 | 49fc07538f9aafab3bbd46ae8e2267f523b73e56 |
| SHA256 | dd0b60696bd683f87e17210a2d129ff4cf4b8563a9b00b9ef8a838b609207c42 |
| SHA512 | c37f4a507c3049f5366238fc3442c94efc2d6ed48cb0417001d7e2202e50081369f6f685c0128be614d71618ba9b2372fbdc2a4a8159fdbea60eac059543c841 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 5f33d47b84834651b1fffb6ff8773c16 |
| SHA1 | ed8f666fcca22a110bd4092ca1c92432a33ddd54 |
| SHA256 | f31022b9981bc2de93beed27e9cd4ef2254a0c1ea3384a89d3c7da8507b58ae6 |
| SHA512 | 2e5aa3b2a67f1472eb8944af6355bac1df72cce54e5f9157a829f95d4029fe81418a63b6e382d68cb1d819581a7902149f9ac6ccff99aaf7592dd40a477e7f30 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C
| MD5 | 8679d38dc91801d42851252414082da2 |
| SHA1 | 5ba12a477c265124466f9bb4e8b696888c961bf5 |
| SHA256 | f962c449172fc68b3a275a9e450f1ade40fc6078209f166083600112baa6e82a |
| SHA512 | c613beb4d12f437420af16e941f752359996716ae6ce5697e97371ba48dd1d176d9e8a3aa7648e5423e1c08e577dd0685bf75062e6f01caab54cc9f136ceb6f4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C
| MD5 | 945e2eb367a00459159a231570d09fa3 |
| SHA1 | 8bfb4a3e201a50f47da969ec478fec0b58b1a674 |
| SHA256 | 161e7540ea81b0c2642a39bf4b1d1fd6b1251f683064526e57af2859a6f1ee51 |
| SHA512 | 642632c4b59a3ddc6ba7029496ffdf2a26de2cdada9c22a1e44e51af1a2a1b6bf70bdd60947887bc8abaa252918a036d8cbaa7734c4f01f37ae11a5665715892 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | b7fdfc050a74dfecbf4834ed5fd8392c |
| SHA1 | 3d124888d65f80484cc3e5d9b43ca05d94dc0bc6 |
| SHA256 | 261d7591c1c63892412afafedb0fda9d3180595e256a59e6e1a96058fbaff88a |
| SHA512 | dc685518ae0c203f4f101bdc8477efed869345bed5ad22730babde1ef587680a046bf052342e6691a3412a10a4ec5c17ddfd98224d771f09e8378b36a70f6598 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs.js
| MD5 | 7d1c3d7a22aa1770f5301326d3513e84 |
| SHA1 | 0cfadac16eae2cbddb29e1e5e06fc565a33cc4fd |
| SHA256 | 16dd778296c00d6c0af9755c47685b4bec6e5d20388ac78a132728e9addd8a02 |
| SHA512 | fa1999334bcccf6735feebcfab5977fecbdc6e8ab2a45a8175478fdeae111134797879769b0b8007aba4ec1b2846a4301493fc1d44ba8f89917a7775153c1286 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 746200f9d745bf424f3c3e4ed60cf0b8 |
| SHA1 | a55c827f6beead17cdee53a7259efde5168edcfd |
| SHA256 | 3b66baaebaff7374b4ba6faae06dd8c92495f77cc013b657db118eb5ae417079 |
| SHA512 | f939af267c2cd2977f3392b50a40f6842be7af20622df03f8eb9e8dca3dbeda88ede9ade2c864e0bee22dd70472173ca66c3ec1a2bc80764d718a0f41c4ff8cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js
| MD5 | 47c42e0fb6da08bd70de67c5dce7d6ce |
| SHA1 | bc8b734b649b5cca45f4b9205538f97bb98f3015 |
| SHA256 | c3f814b626387f1427507cdd7de97d3d059f63bb8903ef0ad7d77b865c1e480d |
| SHA512 | da7485f3a784b096dbb5f72f25810e2822e71eff3be25cd010e4eafe06d6c1cb15415471da89318d278f9f9acfbfda35710f38abbd16a2c86371c0b373d0d072 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\default\https+++www.youtube.com\cache\morgue\129\{541e852d-c8e7-4411-bd32-1b3b94e46f81}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\default\https+++www.youtube.com\idb\2944216854yCt7-%iCt7-%r0edsbpfo.sqlite
| MD5 | 2b3b5bc3a18f7e1f249bdbfa6852cad6 |
| SHA1 | 59cc04b1042d7180d1b1d6bf4c935063dfa04913 |
| SHA256 | d7135cf50eed089a470147858726f4d1d0487995d1b940c253e983b9a4896c61 |
| SHA512 | d97f6a0c1044da28852717f635230182542a5fba128645d8d34a4ac82523d378efb534985baa8de88db887fd8d0f6455e754da0f56a3bc9543140b39799384b5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | dca0398f98e0a0302f96492d88006e67 |
| SHA1 | 14f1daadb5e7868a2c3141a393c7b87c9e0ce79b |
| SHA256 | 12c89d35dff54e7e35e4a2a9ad59aa126c73fc6c1202cd57786197d4cafcf1fe |
| SHA512 | 77c6858da6030bb63da1c813e20e376b0a86711c2d3cdc4050e07927082169ac82ee216e72ec07502c09df3a40adcbb3c51e8980acca97269024903d5f27f0e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fb3ed19c898635cb8599b7001b40e2bf |
| SHA1 | bb5586a5c14e41ab6f5184365c1580006c31f385 |
| SHA256 | 3fcc130a553a3f9aec2fd29547c6d2aa3d7175ec59f317bca70c317c38fe38f6 |
| SHA512 | ddbb3d5c17ff118cab5e1500850ebd47bd6b75e3cc7ad31b8e71028c3e9a2883fc556742ca2eae7ca5044eff224b7b7a2aeab886dd2352841b2939d348cfdc44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf771362.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js
| MD5 | bb692a60f1c6a5b37f7af095b57c5826 |
| SHA1 | 6cc43c65f5b6e34d8d121286eb02fb4a416da0ad |
| SHA256 | 62657472ca41d39abb0e2e7cfcb1f6c08dcd56c4a934dad989a58f0c922e6009 |
| SHA512 | 15b1ba6ee132d5f8f7b5fc4d72ebfc3a2b341e1d5bfacd52f672f2734595e88bc7e998e74e91bf852b3f96688f8ae7f38c6ff37060ea70be54d31d385d93017e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | e2175cc2ba741482e8db4223ac827364 |
| SHA1 | 2a400f429045f34db9f6136c4403592105ff0531 |
| SHA256 | 0844dc81e0e09409c6d04c2b2c5c5198398d977630593a0150ad2a1fa442f8ab |
| SHA512 | ffa838cca12287e132584832ab96af96bf086a4b35c31ba1e70bc4696cf4528b9819adc3b949c3dad77ac09a211e8d0cb867870019496b34b30f5139390d1fe0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | e0cfc86d6fee1e4fcb2ca7b79a374092 |
| SHA1 | 1c441e7210b4534b6523724b2c1134e6f8cf274b |
| SHA256 | 07d7adc683a9590cf6582cce94e0425d43a44590adb22f9fd9de54a792ae8562 |
| SHA512 | 9f10d004710526accc20988a118ad9a48b736122a74cc2f18f55bdca45bf631724dc3a582b0e7c9f823f9725870a9078e80ed0be5b3cc7a629ff980c9cb01d0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 8dba1030059c0a051491a85bccad695e |
| SHA1 | 1c19373c7dc5c388b26884b9146095e44070bea9 |
| SHA256 | 5de42bda76cb9cc03487866621cb78532ca595b367489a8f9b392ed0812f0ddf |
| SHA512 | 26ed74980321134cfe68c3eec3232d3f01b162d5f1b074ce669a966b453c5885775015cd41a6a89fed9179c67ac9dd644c6b263da0231bdcb61a5708632f60f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | f6184bafee4be4e0179664a6696289bd |
| SHA1 | 5132c2d40587621f20faedd954aba04db32dacec |
| SHA256 | c2c037e92cce291e16693a597a77733b8e2121a02b4394ea9326654d1d76a83f |
| SHA512 | d1fdf95816dae49ff7178f68f92c3e94aec5b6d0e96f300f1763262674e888b4b83950f051471cd41c7974d4c7100e9439be13ddc057a0605da86f88c3f68d72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | a7d020971edee484ea885fc4616e9b94 |
| SHA1 | 8886c765643c22961bac6d7b2c3c8ecc81b06bb2 |
| SHA256 | b883ef00d35c211c6e80e81e27765a3a13cdc958461edb8c2c04841a8a6a44c5 |
| SHA512 | 57532c64e20bd6e59771a201e5c35d821092813d6838b13752ea2f85fdcbe02cd22b2d318a4aa0f154e1490f89d6f7e5d20adf7211829c1e052fd5d7ffeb5972 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | 56e3e875b29a0cae43b48737728bac29 |
| SHA1 | 0a5a802c85eed15d048686b009b1182301cccef5 |
| SHA256 | 71e4d8c5202caf26873b23c9e42e307a159ebf5c6f100359f76c1e31ae3124d3 |
| SHA512 | 8fe62dd500fbc102c77051381916276548c941e9bcf71c5aa7f098eb2d99253b14cdd086bbcc02029b8e17cc706deaa5f796108cd4cb5f6dfa43ca2df9425790 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | 3996087854deb58bce448589d3e48050 |
| SHA1 | fc58748309652eebbc7caf9926263a86abc90c33 |
| SHA256 | 705dc3ac367ccba0399c7f6f5dd8dd0ec20ef0a83a4833e1fc2b37d7093fae34 |
| SHA512 | 80d1351a99d86ab89e81524f30c01e9b5fc1d4b0eccb2f7549bf05e1a3495e01a5f85bed8d8cb00fe88a8628eb07c30d04c45bd5b204ca3afc25d31aed5998e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | b4e7b0611be0c72ef9f8d8cfb44648e5 |
| SHA1 | 25919b50f907e6c2271531ca36d39c967ac52260 |
| SHA256 | 2333ed572e03337e2094f3b107d0238edaac090a39ba8e225c5702d7b82795e4 |
| SHA512 | 20624022fe7bce39aa3354778da856d50197f3e7242b788de51002655e37d3b369185359c9ca47acd1aaff707786ceedada21893b30161fcd0c75d9afff5f8e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 8cfdf88db90ff471a5cd8afd104ad2da |
| SHA1 | d94aa61612b550a34a2838b9980511b95d63bedc |
| SHA256 | 240b24115757561090d8514cae0c5f01fea4de27b1e3c3aca254d87661abb5f6 |
| SHA512 | f4485d545c2017b9dacaeb2a15cd0c91f1c0d53883e9bcc2f622a3ecf26acd12b13ad541780fa6678e150784640875ff22c42a929bc95329b7c7effe676e17f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
| MD5 | 3669e98b2ae9734d101d572190d0c90d |
| SHA1 | 5e36898bebc6b11d8e985173fd8b401dc1820852 |
| SHA256 | 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a |
| SHA512 | 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
| MD5 | c1164ab65ff7e42adb16975e59216b06 |
| SHA1 | ac7204effb50d0b350b1e362778460515f113ecc |
| SHA256 | d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb |
| SHA512 | 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a
| MD5 | b63bcace3731e74f6c45002db72b2683 |
| SHA1 | 99898168473775a18170adad4d313082da090976 |
| SHA256 | ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085 |
| SHA512 | d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
| MD5 | 9978db669e49523b7adb3af80d561b1b |
| SHA1 | 7eb15d01e2afd057188741fad9ea1719bccc01ea |
| SHA256 | 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c |
| SHA512 | 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b4762e0adcea256a05b8faa8d5334daa |
| SHA1 | 178fdb2acbd60682149899f2dd2d6cd2c8180e56 |
| SHA256 | 7cdfff7575a8e417a39251d13f06f32c86689f7432d1d075235351802724876f |
| SHA512 | 1192ecee7afbd1614065de4128a4a1f06039cae71842f6a65ea0c57be3a009a137ce81dd88d708c9fecc6ca768a2fe56849ca2debc5bc88e53f36b23a2b61b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3401e615ebb1d2683353265dff6fdfd6 |
| SHA1 | 2a9a17877826f5f6497532a6b5bf4211cc9f18d3 |
| SHA256 | 3e98fc78019a258d0dd1a7bd4fa940229a4224ed30ad3c6634a93c716f8a706a |
| SHA512 | 38310350572d08056fc0b8efe2f7da4b3fc4a6f68d5d42d991aaa50b32a3f4f8c2c61cbc432eaf715a7c63ca0b3c960db8e0dce7c888f3976bfdfbb01cabc46a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e5be1718a7a9071614d1e277fe1af896 |
| SHA1 | a31767ff2455d9a7d1d39a54128625bc84b70b7e |
| SHA256 | 63d40c72ae53de60ddd5ac7053bdaa18cf37847d73afd3f20eec0ad6b4fa2198 |
| SHA512 | b7d989db27b6a189d8bcac9a465dd4ccb7872f461ca4d1f46654e3354f424b791febe267eab7a458f4d32b1ab01ed55ae10b9d73f28c4d2fea4595e08661330d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fab2d322c4c456efae787c6ff95ce2dd |
| SHA1 | 2efd94c06e1ed6d270ea76276ffe83bc3de9502d |
| SHA256 | df39faf211e2726d63b6af666ca313308b5a3a8341dfafaebe0941cbd3ec9414 |
| SHA512 | 64d0af8222b7a76ad2d8e90b8db2bbf70c2ea79bf5c308a2d0994f17893c70ec0fdb1e51b29fab12cb368adfe4c7382fe4df3a8931650ab2f59e1d2aa34d3177 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 580a27352899f64f705c96b068417f4c |
| SHA1 | 4953e1bd4bd3b59247b3cd0225d3942e5ab6dfa8 |
| SHA256 | 8d846e44a1d085995a4bb598458eca112ef9f668e93e37f60a4d48911a53cbe6 |
| SHA512 | 7bc619afaf4eec950f4667ffc931374d3e435578d3f6b858d7be4915860ef2f683264f19aae335c41e1aca427f5e7029c085631e4d090b5d63d26102f61348a1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e2c8e39c9f5e48bf19e4d5d1784dc862 |
| SHA1 | a5b359de9b3844ad86f630a6a0a2550613e35d92 |
| SHA256 | f6ef1b9c42ebf447413fbe8db08531ddf0d0783b65ee82865622923b1271bf3a |
| SHA512 | 0c2d8ac686f3d4fe36e2c071b001bef5e166a8e0c4e1e04345c8e776e5f4bcf8a0c887f5a816e7c6f46dc140336335db2719f1150da033bf5e8f15dd6e6a5936 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js
| MD5 | c48d2568ea268c644ba23f35c5fbc2e1 |
| SHA1 | 7b1261e4a411c7742ff97157c3b8de43f24a3b47 |
| SHA256 | d5cf5ac9699bb746e37039b16c6eb249a3f7c19d3d519b3fd76af014ade453dc |
| SHA512 | a482fe6f46220a7a29b4fe6194794b59da60dddb181cec6bfb82b78010194a87a660cdb5ae774c54c7be2d431331a08c1f3b8bfb820e4427058994e5556ad4b7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | b4919ed2d29227c4aa75cacbe3c6a689 |
| SHA1 | 4b93e65c11b01aedf921be1e5b87a82d7bae44fb |
| SHA256 | 73367fa5be9271843ba57e0ee560e8fce0a0db71df62d3dd8acc4da1ada75a63 |
| SHA512 | 933d12a5fcbc7c5b1816690301df6ce7fd0019e390c23d50c61867ed4974d97c3e63c2ce7ba2bc9ffbae69f9028a34041920a001abeb10fed2ec3fda78b8e4fc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a4be864251aeeb37eae959116846458c |
| SHA1 | 9f5c33f319c76f7e5bbe6b0abafa44fe96846f26 |
| SHA256 | ef47d0d449542f05cddc5574a7644fd9fd9ea2c81e92827bb740c2fb430c9dfa |
| SHA512 | 620c28e563198538e5f9a65272dc10d491441657e5b8783ffece651bc8e501252d87fb039e21b55e7b5fc4bc62e73537ae044ded4c0e9e2f851710f16f7c11c4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bdbbf653131e545d0e1cd70dfd363e7e |
| SHA1 | b3581827aef30c7b5c52636c06d90f6831e79b1a |
| SHA256 | 15bacca679b61b51dfba77ae3c99b0898944faf3bfe3d470e370016d652a313b |
| SHA512 | 3da3fc2f926b648c219c1fc8288bb2f4bbe270cffda310f08dd64a496135e3d41160c339b1000584e50103340df1a645972b3abcd1fe79f35e1d5f01cee5c152 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4740a8bb20799edc4257fc1af6fa01e9 |
| SHA1 | 9ac521b0d6cae8603924f7c1a738b14e10826586 |
| SHA256 | d8b54b9b6e6908669b99f9ccd2d6355d263baf0a71e2c34576a18fc2318de676 |
| SHA512 | 63bfffe352dd1ef3332ec820a00bb0178d49f9e583ed5cda26258459a6a6cb347add030b759a7f2328d12c44650ff410aad496878ececd21d7fd07570683d4ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 22295d39ba38f218bc6a966c5a5ca409 |
| SHA1 | 02631ca79cc1814650294509ab77ede1fbb09b14 |
| SHA256 | 2321bf908ae7eb127e91cec6aa76440b6ba6fda46a7e47fbaeb1e3b3c3f6fd32 |
| SHA512 | acd8845ac8fe037eea699abc68af1621a9c25ab5fb4cb7113651605f05f13041e768df536dea33eb1bf51c0c78892bb29686ea99ad21ea74692def5b1523966c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | aec97716e812af94172cbe4999ac93ad |
| SHA1 | 8cc0e4da92b1c2d3f65e35b0c22369bd3f0cbc9c |
| SHA256 | ee4d7418c94f590f7a9d169d493c76cc51bc94898b68683db6ce1ed9a1a2a369 |
| SHA512 | e42d00389307e1791b059ee64d8581301dabf8481099b1994b828d07c1bb3778e3f5ddfb53079e6af283b03ea85311fa5ee2f77f8e7c3a952e04fcddd06b6f96 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | ba76ea9f7c7e2d9ae2b958e49c74a118 |
| SHA1 | e735e23ded2feafe79a37af9500ca58be51f7bde |
| SHA256 | c61ef43dba73c7c1bb39e90a7243e344d6de1d9f23ac751c7a8f5d0e116bf828 |
| SHA512 | d389a4a74161b1a5b65e9622232760d32c6108e09a7af473b28dc0eeac9dec9b6e24801c4cead340d626feffe5a6da0f6c002f276d62e4cf8356e555a37df8ad |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a8d3da8dd105d8ff9d74ccf1781f3d5a |
| SHA1 | 32e5683bc1a6f3578d74f6f7017b3255d2a291c2 |
| SHA256 | 6072a87c5ac2177471c14541b4a670fd1d1f82ecee8aa4db51be3fcf28215271 |
| SHA512 | 1065a472a84e69461bddcdc9f29bdc8a896dc1e356e49f5708f8ddd0b142ba18e0fd3ac4d947a255db1ad7b1a63379b03ab3dca03c0cffa4bc6114d3c5e8eddc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1a1fdcd28cc4f336f041b837fd3f4cfe |
| SHA1 | 2b59094f22957f9001e18591e7fb5e4cb20d22b4 |
| SHA256 | 809fb3e56132f7a6a4d83a585687bc356694ef5ab3b893affe0dda7af36cf7ef |
| SHA512 | 3c1a370da7bc62fe74e18701e9f8dbc4591ce94b2e8a882e3a9da848ac66d3b7cb2927a1d658d6d3996e304ccf0078003c3ec57cce85a3954f7a3f83aa991d6e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 25065cb2af7e2695940b44e57299c085 |
| SHA1 | f9ad485c223b094bae9324f9fc9c656bc1e3439e |
| SHA256 | 3249cc601aff697489b62d831429dab485b675512420f58c275b4213e7e98ac0 |
| SHA512 | e99cfa8d2752b12d59de19644866e3b62db60069e6e3644e8b8cf96dd186a212301b89ab0d925fa2ccc97e1e94ccf7b892281bee2217f016ae3f66864d0fe28f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4d7817544054e9027c020b9ac49c017c |
| SHA1 | 6052cad97694fee32a7cd872515fa60d1fc022f4 |
| SHA256 | dae8e30c759d0b20b38ead4f8ce2f50ded600367c85762b29e856091f17fd6b2 |
| SHA512 | 03e46e1704c6131b357fa19b7e7fb26cfe308ccfc480083b7559675f4e3d1c21ed3cc2e38ceb693d64c8bfe09d44591a465dc36e8d62790cd4122752898e4588 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 230eee56269aa10929ae3fae60891693 |
| SHA1 | 22d9903ffd7617327fe3e0765b9128fa51ec35af |
| SHA256 | 9f4f65e9eef79cccd807dbe5dcf932064c4c82cd851a117997e58341b16f71c0 |
| SHA512 | 1ef37b0ab979764863dbf4b63b96d7a5ac5774335463a6eb09d9ef87f35d35cc219252cccd10b352d00fee881b6dcc108b10189a3099299d06b1162765a06cd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2aeba0381ed9f273a63440b45c395143 |
| SHA1 | 709f0470cc220ee8ac447e0210f589b2ad31f93e |
| SHA256 | 7aa49f001e3d5d5cc93135a0697b0f1b700e6cd1eb60fcea4577d05d97db807d |
| SHA512 | 079510e455aec894192dc79d7385dd44b3f8d2b4a6001623f4c9d9af099e1b6e31c094a4b516314cfebc7f62beeab43a097c95c360da5d9f386bc95f5148dbd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ffcdb7f703558c0b4d5a9d352fd2422a |
| SHA1 | 5f36bca0c9a2c8c7f2c4237d9e9a5dfff7284385 |
| SHA256 | edca775f95b898b49120a8cb57f2b7e1fa3798976f1f9ce924d36728a91375a3 |
| SHA512 | fad27ecde63d5337fddce3d69aa391af804ff74c39ad15a65a159e52599640e97e5a90a8488f5a69220f5cbcab0a0214b8192bb66729326f8c0ae0f267daab60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8e9966a3-7c37-4d0e-8c54-d4d57109b21b.tmp
| MD5 | dbcd3f02448eee26227370261337483f |
| SHA1 | 865ba9e12ff3d065a89d7a4da0175a40cb4b6287 |
| SHA256 | 755c936ce2a89139fd86c997aca39186cc07c74e9fe1a34282c13144ecca8432 |
| SHA512 | 0a913454ba221e59ce228a451ba0f86af06be0f84b1038852346a8697eebf7f7cfb294b096b81231c1f8b6818225aaf059e91d08cc348fcf2d9b895fc9bfce08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ca0437f7e8a01b93e76553df09f8f857 |
| SHA1 | 8602ec06e2d5409b2ef83f6fcef75c83ccaefb43 |
| SHA256 | 46e44dfa374c219376bec0746cedd3011ec0e3d70632117d25ae5a38d270f316 |
| SHA512 | b46af6183f08a3ee731a984c1c0408dbe94e3b994aeee22e1b0dc5c89cd3fc57f04238c02b087842cd827bee872f5458dee0eebfe71895b5ccf23ae1f6ab8aa7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7881304eef5bf2e7f77ffaf5710eeeed |
| SHA1 | b06744350c75c6d33d658ea6c99a71498eea76f1 |
| SHA256 | c32efc6adb63c047ccb8690a8e0856f5f86bb5c50e375813a9705e0c1c11dc23 |
| SHA512 | b69ff19e61adadb709e163586389a4d9e142ccd40ca03b5cb52d4b49d66a56720f32cbbb669c89eff88dec0b3983f165250a09fec6ad5e30e13d422d4ab6ed5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c4cbe4bf46c50c71d3bdc9ceea6ea2fb |
| SHA1 | 111846ccb1d36e1cf2b71608c06ae24a907bba09 |
| SHA256 | 18159aa59d45fce4fe00ec5d510c4224ce36d796fa0d4151ae1fd7963eb3d446 |
| SHA512 | abb1279a70e447387480dca7292d51286f847d147f7602dccf1fdd47685650bbeed0bc44f048d22e2b9aa1bed4a4886bd10f851e717a7ff024b7bb3874f44333 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4e63db27265801b702e861d3ec894501 |
| SHA1 | 9b30c4ea13100007770bb332d8c7db4114c2bf07 |
| SHA256 | 8f3649cf68745af2edb0f4001ca511abd6adf379ec137ca2e7330a97a2270309 |
| SHA512 | fa2ddcee2daa294e49dcb6ae8a46da57622f19132443ae5ed18e426fc0e107d37bb952864ad8bf492ab1e734d8b5a380b70ef6e60e2401ecf763e63f0d897c74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 65c0955ddde3f58333956f5e0fc16b8c |
| SHA1 | d39136657746dca031df761fa941657cb7c0b247 |
| SHA256 | 37b8b5cd6d5f5b66243ae1582368ad9dc2ad49b48c71d57942375f07c712c4cb |
| SHA512 | 2aa42ce87c7659556a2c80251c4f832d1683beefdd947c6953e83ab6b85e2a4486b5962a35379a47d75548965dc12e6a12f0a6deba48dea38be58b4e548e62ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2e5a12450c5366ec6f1b4debff7d56e1 |
| SHA1 | e887d17c8256538e7508b0316cc80e2dbe8d6dd4 |
| SHA256 | c335446462bea4f230806c5b37c4b2376d614ab1e3334041a7885a8a7994a3bf |
| SHA512 | 281a51d573280e57853376d2815490e12642c173b1a80f0a22b732942541dddeb372b315cef859a02099b8de943df621803dba625dee9c9f4f53ed88d550c00a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | e7b1aea786fec7d6082df5370f9bf83a |
| SHA1 | 1a5772bddcf661b592661f98c78038434e7dcfe0 |
| SHA256 | 982653d9e229ab64aa46baf1ce5868f601592ea645520f83304bb79002aa0a14 |
| SHA512 | d5b8399f8102725ee7ee213476e988a194506b019b116f86cb17321a27e13c9b79efc81e2d9a181436a1340f1fc52a8c2ff3f73a482aada25cd19b8bac65434f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-12 05:07
Reported
2024-02-12 05:13
Platform
win10-20231220-en
Max time kernel
299s
Max time network
302s
Command Line
Signatures
Detected google phishing page
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052.exe | N/A |
Drops file in Windows directory
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133521883043714291" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9607c07e715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.linkedin.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "268435456" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.linkedin.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 41fa307e715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\facebook.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 3b103f85715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B72164C = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\linkedin.com\NumberOfSubdomain = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\ProcessingFlag = c0144293715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$WordPress | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\google.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "414527378" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = f0e9311e9e83da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\linkedin.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\Total\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\MrtCache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1aa87f7e715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 01680799715dda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052.exe
"C:\Users\Admin\AppData\Local\Temp\e3ba572e7264fb83d87f0f0169da38d5d774f56562f13337e1ce164286fc0052.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd45099758,0x7ffd45099768,0x7ffd45099778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffd45099758,0x7ffd45099768,0x7ffd45099778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffd45099758,0x7ffd45099768,0x7ffd45099778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.0.2027252267\260191487" -parentBuildID 20221007134813 -prefsHandle 1696 -prefMapHandle 1684 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {81f48eac-a088-4d54-8762-4537193936ae} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 1780 1aa9aaece58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.1.1239358721\454997870" -parentBuildID 20221007134813 -prefsHandle 2196 -prefMapHandle 2192 -prefsLen 21608 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {afd72457-d759-4388-b088-05a73299a63e} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 2208 1aa9a5ee558 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2032 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1836 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.3.1913209491\1168459658" -childID 2 -isForBrowser -prefsHandle 3424 -prefMapHandle 3420 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9bb2a34a-45ae-45b5-823f-12f5eb567173} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 3480 1aa88362858 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.2.2026523695\1990377337" -childID 1 -isForBrowser -prefsHandle 2976 -prefMapHandle 2972 -prefsLen 21711 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4278750c-54e3-4e4f-8293-0f24d45b7fa4} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 2988 1aa9e7f3058 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3820 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1824,i,9195857780869633111,17031456048611714081,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4004 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1688 --field-trial-handle=1836,i,14255002726746820441,3985090203356826500,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1836,i,14255002726746820441,3985090203356826500,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1572 --field-trial-handle=1824,i,9195857780869633111,17031456048611714081,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4688 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4836 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:1
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5108 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.4.940736419\656546267" -childID 3 -isForBrowser -prefsHandle 4536 -prefMapHandle 4624 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30f3c805-9a25-4d06-b3e8-8e9cdc514ea4} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 4628 1aaa0a99558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.5.1271056743\378662016" -childID 4 -isForBrowser -prefsHandle 4768 -prefMapHandle 4772 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {16be8dd6-d308-4f4d-823c-aba4a18c0ff0} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 4544 1aa8835b258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.6.1300798992\1220474225" -parentBuildID 20221007134813 -prefsHandle 5380 -prefMapHandle 5396 -prefsLen 26424 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {64eab021-f1d2-4a89-9550-d8228194ae24} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 5388 1aaa0a9a158 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.7.1147060278\1240273954" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5432 -prefMapHandle 5436 -prefsLen 26424 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {927cf298-7179-4070-a391-b0474513f667} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 5416 1aaa0a9c258 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.8.1881964378\953946022" -childID 5 -isForBrowser -prefsHandle 5796 -prefMapHandle 5784 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a43b7edd-2a22-455d-8bc5-40fbf36d5b94} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 5740 1aa9fd1d858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.10.1028030950\28769098" -childID 7 -isForBrowser -prefsHandle 5908 -prefMapHandle 5736 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2aa2e7c-adf0-435c-8bb8-533e5a880667} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 6012 1aaa019a558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.9.24023939\656599363" -childID 6 -isForBrowser -prefsHandle 5772 -prefMapHandle 4300 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {317c0890-3ecc-42de-86c7-40fdfa48d23b} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 5736 1aaa019a858 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5548 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5232.11.1365623502\1887947179" -childID 8 -isForBrowser -prefsHandle 9372 -prefMapHandle 9376 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1044 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {15455253-2181-4063-aa58-39b0a6ded996} 5232 "\\.\pipe\gecko-crash-server-pipe.5232" 9384 1aaa18fb858 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5412 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5784 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3736 --field-trial-handle=1800,i,7801627246021558476,10352464520326219528,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| US | 8.8.8.8:53 | m.facebook.com | udp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | platform.linkedin.com | udp |
| GB | 88.221.135.104:443 | platform.linkedin.com | tcp |
| GB | 88.221.135.104:443 | platform.linkedin.com | tcp |
| US | 8.8.8.8:53 | 104.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.223.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | watson.telemetry.microsoft.com | udp |
| US | 20.42.65.92:443 | watson.telemetry.microsoft.com | tcp |
| US | 8.8.8.8:53 | 92.65.42.20.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 20.42.65.92:443 | watson.telemetry.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 52.10.159.154:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.159.10.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.238:443 | www3.l.google.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | tcp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 11.214.240.157.in-addr.arpa | udp |
| N/A | 127.0.0.1:50947 | tcp | |
| N/A | 127.0.0.1:50965 | tcp | |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 157.240.221.16:443 | scontent-lhr8-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr8-2.xx.fbcdn.net | udp |
| GB | 157.240.214.11:443 | scontent-lhr8-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 16.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | rr3---sn-q4flrne6.googlevideo.com | udp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| US | 173.194.191.232:443 | rr3---sn-q4flrne6.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 232.191.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 209.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-4g5e6nzl.gvt1.com | udp |
| DE | 74.125.11.102:443 | r1---sn-4g5e6nzl.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-4g5e6nzl.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-4g5e6nzl.gvt1.com | udp |
| DE | 74.125.11.102:443 | r1.sn-4g5e6nzl.gvt1.com | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.11.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.128.181:443 | tcp | |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 137.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp | |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 18.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 216.58.201.110:443 | google.com | tcp |
| US | 8.8.8.8:53 | e2c58.gcp.gvt2.com | udp |
| US | 35.206.11.92:443 | e2c58.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| GB | 163.70.147.35:443 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | 92.11.206.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | e2c74.gcp.gvt2.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| FR | 34.1.15.89:443 | e2c74.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 89.15.1.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| DE | 142.250.184.227:443 | beacons.gvt2.com | tcp |
| DE | 142.250.184.227:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 227.184.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 131.16.217.172.in-addr.arpa | udp |
Files
memory/4468-0-0x0000022366D20000-0x0000022366D30000-memory.dmp
memory/4468-16-0x0000022367500000-0x0000022367510000-memory.dmp
memory/4468-35-0x00000223660F0000-0x00000223660F2000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 71c2283db901aa9fbc999d454592b041 |
| SHA1 | 6201902cbf00469f053a58c95364238ee028d8e5 |
| SHA256 | 78f20a8a1b555a9a34aa340977bd87e1b72a898adaedc780c26516f1e2d0cd65 |
| SHA512 | fe24f00887225d81a7d39bf73b803aa97d70c0fe10d28801c84db3ed92c9e306e64e47ca60f6f3f87c981d7ac3d0d210da42a664d72d6cc182256c960ff37003 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 1bfe591a4fe3d91b03cdf26eaacd8f89 |
| SHA1 | 719c37c320f518ac168c86723724891950911cea |
| SHA256 | 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8 |
| SHA512 | 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | f6d38556e96bdb48719f20d3648283c0 |
| SHA1 | 669b2a387561e11322bfb9a3824671860512ab40 |
| SHA256 | 45a081b2a78d7804f147e4e9e7f362737d40bda2f17f8119dc4fc5645cd0e609 |
| SHA512 | 6103203deb0ddf8307bf1ba06a81f200babcc73b228168b1a3c3309d4b01680c51c627921db0b43b8025ec4b91489a7a8574cccf786299850c387dba0e7f8190 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | ef48ea3cf734fa8e13020baf132c0f9a |
| SHA1 | 7873d9f6c00c3b12422e728d2d38be952266f485 |
| SHA256 | d31960e4d8e0ea88d740579303400da40bc9dbacf0849da665c2bba30f31a97b |
| SHA512 | f0d2d14deb7e84dd2cc02f3a4d56978eadec1eafed889cca54ed2310a904bbc0401cb18b590bbadbfa1a7d3f9cbb5c80094df5e708d27f65bfbb0d745299b681 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 1e9219c1d1a60a5382c2067c99ed25ea |
| SHA1 | 6b3fbb635e0d19f293f9cbd63ca6c03b72e0fac2 |
| SHA256 | 0e0322b10cdc9e3b1d0edcbc48da368431bdeb42e2810b59580d6152439c26d2 |
| SHA512 | 3bf1abc2ad247cbbac0cb56413fda7a9f03f5ec22c8d618479ef350738e9964795c994163b69c7078eabdf868b23548960193d0d95e021390e72ee94af313541 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | edecf9fba47693e844b74d46a6ba22de |
| SHA1 | 71d97686a260a47fadf5d96913562369b38ab41e |
| SHA256 | a2504ba05edff84d11e50dadff5f4040fb681b71704321926dd86c7bbe0b41b6 |
| SHA512 | 33821fe6dbd2efe2555e8d40a52e0fd6bd2d39cb91cab6589a9f2bb9f7515f8742e5d3078ca0b48e74b08875b3bd9c32b0f122bc9bb48ccb9c337dbd9616789b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | a3ab29ca7a1f89c86dfba3d0bf2ca2b8 |
| SHA1 | 57f6fe8e72f5f145ad5e22d41b403aa16a8bd4e6 |
| SHA256 | 447e1da5d6309bd0c1a898859cc3764f1df7cb9ac48afa710b097d6ec67c0264 |
| SHA512 | dbfb484e74aee1b45911ab38373ecfc13210cc1acb24a5dcbfbe51b42dbdffee09934266e0c0303103b3c5f4d2ca42af0238a01a9d0d6116a0f80273ae1912a7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4S40CUWM.cookie
| MD5 | 068eb2645c0c7e92e05e0c2bfab72efa |
| SHA1 | 9f63f99b9ea0c73130aa080cd5eeba419f395493 |
| SHA256 | 58333ffd23f42aa5bdab04be816af415f46504c7713409386e7fb475b7a76077 |
| SHA512 | e14fbd76cefb051b4be2d03f3decb633fbb44d15fdaf0be146f9878c8ab8fd7bed4cabed6697e888e248d7f7712dc0b19825ed052ec682a9a9673f0002ce3eb2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A575Q0NN.cookie
| MD5 | 6711bc69bbec99f1fd7703b9b32921b5 |
| SHA1 | 8bd1e7d436db4987c6946ae30dd40159bdcdefc2 |
| SHA256 | 07898a6119a1ab79ef74d3da1ffa7c51adc05917973d8229c2655a65f2031b94 |
| SHA512 | a53fc878787cfc30dc554129bf0c2acd88bd55a5ba103af2755eeeb35d8cb5320d10d59f6ebc5df843a4b67e44af1d6823cb1ce4fc7ecb5888dcb7bf34faf009 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BX8NBRDT.cookie
| MD5 | bafd76a195b07d00af4f077b130224d7 |
| SHA1 | fc61a6b31883cf626bfd4a61db072129a55b9d4e |
| SHA256 | e6937cd18b336d0f5b35159907a3c242637428638822dfb49e5f533e35a2b15f |
| SHA512 | 5357e7296e12ce0ee5f51db2a734a261ec9c367f639cd8fb4e4f008fd0c15be0eb92e4e76f9a19ee65d0377c9992062682231ce16f70d04763e65b9145a7d022 |
memory/4400-155-0x000002D4461C0000-0x000002D4461E0000-memory.dmp
memory/4400-166-0x000002D445E40000-0x000002D445E60000-memory.dmp
memory/4372-211-0x000001DF3E020000-0x000001DF3E040000-memory.dmp
memory/4372-209-0x000001DF3DDD0000-0x000001DF3DDD2000-memory.dmp
memory/4372-213-0x000001DF3E070000-0x000001DF3E072000-memory.dmp
memory/4372-221-0x000001DF3E250000-0x000001DF3E252000-memory.dmp
memory/4372-226-0x000001DF3E2D0000-0x000001DF3E2D2000-memory.dmp
memory/4372-228-0x000001DF3ECE0000-0x000001DF3ECE2000-memory.dmp
memory/4372-237-0x000001DF3EFF0000-0x000001DF3EFF2000-memory.dmp
memory/4372-251-0x000001DF3F010000-0x000001DF3F012000-memory.dmp
memory/1620-254-0x0000024F2CDF0000-0x0000024F2CE10000-memory.dmp
memory/1620-263-0x0000024F2D360000-0x0000024F2D460000-memory.dmp
memory/4372-262-0x000001DF3F030000-0x000001DF3F032000-memory.dmp
memory/4372-272-0x000001DF3F050000-0x000001DF3F052000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4
| MD5 | 7deef5b7ffcbfa20a0467ae75e5d116b |
| SHA1 | 02c8688f2e2520897d02d0b3305c2d8c05c954b5 |
| SHA256 | 05273955b75f660f7c1d3e4771d8bf225ab72b80dae864ff905640dfb1a52d3e |
| SHA512 | fe7f9fd07ae24a980037ab93f05cd61e832e64ccdc2b646430acc706373e892dae57c13ef6a3626bdb12e58aa1c4bc48c0407f2e263f57f9d37946fadfd58d90 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4
| MD5 | d62a11f6ae81fe0bb45f5dde3c477e69 |
| SHA1 | a92463ff8f3a26db97e45a110aacf7e8620c006d |
| SHA256 | 3e2951c909ea9200a233d450c437b9e4b781005059aac60c1513a2d96f97977f |
| SHA512 | f4ef8f6dad7957b0ecc32f46b10e05f554103867a1bc1fc133e83472e71b45f517e69feff1294310e3bfa30c61c6d0e95d733610629b2f81e0df1fbe844e7b99 |
memory/4372-330-0x000001DF40900000-0x000001DF40A00000-memory.dmp
memory/4372-340-0x000001DF3F900000-0x000001DF3FA00000-memory.dmp
memory/4372-370-0x000001DF42D80000-0x000001DF42DA0000-memory.dmp
memory/1620-348-0x000002502E100000-0x000002502E102000-memory.dmp
memory/4372-380-0x000001DF43240000-0x000001DF43260000-memory.dmp
memory/3416-386-0x000001C3B22E0000-0x000001C3B2300000-memory.dmp
memory/4372-384-0x000001DF43240000-0x000001DF43260000-memory.dmp
memory/1620-399-0x000002502E2C0000-0x000002502E2C2000-memory.dmp
memory/1620-415-0x000002502E2E0000-0x000002502E2E2000-memory.dmp
memory/4372-434-0x000001DF413C0000-0x000001DF414C0000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\EILZJVZ9\accounts.google[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
memory/1620-470-0x000002502E2F0000-0x000002502E2F2000-memory.dmp
memory/3416-486-0x000001C3B4000000-0x000001C3B4100000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752
| MD5 | bed26a7cccdb93460883bab3128b12bd |
| SHA1 | 2cf245777d2195cbc043b2b97e6133599abe3d57 |
| SHA256 | ba0f4e704d9c0c62282308afde7a4f2fdefbac676b2383a781c9a75e7909398e |
| SHA512 | deb8d9aa4f21430d69f88d6d04ffc7c95b0eb657ba9c263926cb7c14803445253e90ccc56b0b299f3f930f7b1db3535a38ea840378e3e2caddb04d0269b95cfc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752
| MD5 | 5e42aa9c691621c03ab65fa223dd9ea5 |
| SHA1 | 1152858d7e5b736692500d560a8f9d39b4d4a73d |
| SHA256 | 1ee9ed967c9b2fa994eb113f9dcd056007617cde6e91744a0e7db968128670d7 |
| SHA512 | d00e19572b08265310e5861f157d8a4a9049d308384c17e10d665546e542f68daacce5316f674e733382658fa7ec93d37a4ddc6a55fd5ddb92c8cc220635f9f9 |
memory/4468-574-0x000002236D7D0000-0x000002236D7D1000-memory.dmp
memory/4468-583-0x000002236D7E0000-0x000002236D7E1000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\TZATEZDU\9lb1g1kp916tat669q9r5g2kz[1].ico
| MD5 | 3d0e5c05903cec0bc8e3fe0cda552745 |
| SHA1 | 1b513503c65572f0787a14cc71018bd34f11b661 |
| SHA256 | 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023 |
| SHA512 | 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\tt1pipg\imagestore.dat
| MD5 | b49bd0687b2aab440f155a92f5d33045 |
| SHA1 | 6b6d52f2352cfac682caa7dca2c159d06f3e69fe |
| SHA256 | 27a5165841b64323ff1bad2a9d4b8eb00399236d0ab307219aaa1cde0ac78521 |
| SHA512 | 10bbfaa9833322b5de8b35a1416a7b3b6a9d2921669f99310de4dcc275f8cceb2a5c6751157662e3ea5a982057787dae282c515fbb902c668637234589fb9354 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\TZATEZDU\4Kv5U5b1o3f[1].png
| MD5 | a81a5e7f71ae4153e6f888f1c92e5e11 |
| SHA1 | 39c3945c30abff65b372a7d8c691178ae9d9eee0 |
| SHA256 | 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e |
| SHA512 | 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JDX9H1QR.cookie
| MD5 | b82a49e5faa6f6317267f2edaef58ae3 |
| SHA1 | 7ebeaf19466d3febf598f4497c06899c47b7d129 |
| SHA256 | e43166e1c7f684b079fb35c4773bfb9964ce47ab8538a75201455803125407ac |
| SHA512 | 840d84514ce3f306bd2b95be14dbb9877f306f31922329037f5f6059c776506f0f6ebb65392856dc67505dd9223a4bcd8ff043e0f2757b9fcf9da29ea83348a1 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | e082e5a87c160d5ebdf801e31dbdd7ba |
| SHA1 | 9ef3a34ac2480e907cbcd1db02bce11817fc1f24 |
| SHA256 | b432d58bf3cc22aede82954c453003ccba729d9787d026aa6a71778f5eb0af3b |
| SHA512 | d8ed3ee1331aecea0f489f929b901c66f7cc3e20670c1e3eefaf5aa768c041d4b083676005ddb58085c2144c558453cb6fffe63e1456fbdf6f8faf7c32e7077e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486
| MD5 | a761f0c6f3b1db7d759fff7f8d8b39e7 |
| SHA1 | 70cb77147d9875159f6a018951997ac6097e96c4 |
| SHA256 | b2646921efbeaf40eb366f975e7bf88046b3b7be09a87d4e600c0de57cb7a200 |
| SHA512 | b5874e7e3ad9598f69b327dcdec33189b84a90ff963ad8bc36c85a701d2b333ad25fe1f0e0bfc7da1fefc65cd6018995ec8b3c7b9d6e668e0c5778c4e02445c3 |
memory/3416-651-0x000001C3B23E0000-0x000001C3B23E2000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\V3A319NQ\favicon[1].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\Z1Z1E04H.cookie
| MD5 | e144f1ff033e31c386eae2bdc83f41f3 |
| SHA1 | 485688cbf1af55cf3f29a1c3ce9f1181c877be8f |
| SHA256 | acb4f0eaf98f741f1581d864814d5aad1bd666b45ef0bb0e2e1ac488aa1b4525 |
| SHA512 | 35910b84f9b9472d134a26bf58162643580b8e42ad59f48e363a02fa21af8a977f2aa11db3a4e7e907c7d35fc6f2b61da1559fac233b1799b9615decee3c34d1 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\intersection-observer.min[1].js
| MD5 | 936a7c8159737df8dce532f9ea4d38b4 |
| SHA1 | 8834ea22eff1bdfd35d2ef3f76d0e552e75e83c5 |
| SHA256 | 3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9 |
| SHA512 | 54471260a278d5e740782524392249427366c56b288c302c73d643a24c96d99a487507fbe1c47e050a52144713dfeb64cd37bc6359f443ce5f8feb1a2856a70a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PORTF42G\web-animations-next-lite.min[1].js
| MD5 | 44ca3d8fd5ff91ed90d1a2ab099ef91e |
| SHA1 | 79b76340ca0781fd98aa5b8fdca9496665810195 |
| SHA256 | c12e3ac9660ae5de2d775a8c52e22610fff7a651fa069cfa8f64675a7b0a6415 |
| SHA512 | a5ce9d846fb4c43a078d364974b22c18a504cdbf2da3d36c689d450a5dc7d0be156a29e11df301ff7e187b831e14a6e5b037aad22f00c03280ee1ad1e829dac8 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PORTF42G\webcomponents-ce-sd[1].js
| MD5 | c1d7b8b36bf9bd97dcb514a4212c8ea5 |
| SHA1 | e3957af856710e15404788a87c98fdbb85d3e52e |
| SHA256 | 2fed236a295c611b4be5b9bc8608978e148c893e0c51944486982583b210668a |
| SHA512 | 0d44065c534313572d90232eb3f88eb308590304c879e38a09d6f2891f92385dc7495aabd776433f7d493d004001b714c7f89855aa6f6bec61c77d50e3a4b8e6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XYL1AJQ5\scheduler[1].js
| MD5 | dac3d45d4ce59d457459a8dbfcd30232 |
| SHA1 | 946dd6b08eb3cf2d063410f9ef2636d648ddb747 |
| SHA256 | 58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0 |
| SHA512 | 4f190ce27669725dac9cf944eafed150e16b5f9c1e16a0bbf715de67b9b5a44369c4835da36e37b2786aaf38103fdc1f7de3f60d0dc50163f2528d514ebe2243 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\network[1].js
| MD5 | ad6aa3451e397522b056e0b8efb6cc27 |
| SHA1 | 2b491439bddfd73418cde3ef59b309259c58928e |
| SHA256 | b6ecc4abde3468769ff07bc6f76f694f1e738aef7ef71572bf2d20f5b9d69eb4 |
| SHA512 | 6c113602e65e3ab2615e9c5ba744f03d57eca5e2b164dc62d2057b7a6b72ec85796ab26736f5fc14d9cd61dbd15ffd911f6cc38988e0934341327ed8f33bcf6f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\css2[1].css
| MD5 | 31aac18e149a751facc1eab7954dfb7b |
| SHA1 | 36d367dcc77416a166aecabb5f6fb5c6c29f3632 |
| SHA256 | 42706c41583de3f0028f16bad17197dde81807d148ba848ea3924aff4bb8b532 |
| SHA512 | df83002d751e6e73377b15966fa5ffacc7f6e2318821c691209fac9b6991d1113b385ca1fbf21e02455a5e5702d4247716c6d03d1938506e6ca740cdeffce351 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XYL1AJQ5\rs=AGKMywEozAOwriJtjTEd03-Z9Xpf-qO2ng[1].css
| MD5 | e768abe1b6ea3146ae643778518cdcfa |
| SHA1 | 6818db60ed74ed62549291b36fc0b973ee0361c8 |
| SHA256 | 70ab97efddda3b27a69d7a5678167e690f2c470afe4e03521ed4f15045ff18be |
| SHA512 | 674dbd0626cb7190c0b13af1932bcff2c884ed53773cec4fc29eea7a499cf7df4960735d94e5d7da8cccb7b5ea80138599f2c74f03ad8babb80e1d972d2d3ed0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\www-onepick[1].css
| MD5 | 5306f13dfcf04955ed3e79ff5a92581e |
| SHA1 | 4a8927d91617923f9c9f6bcc1976bf43665cb553 |
| SHA256 | 6305c2a6825af37f17057fd4dcb3a70790cc90d0d8f51128430883829385f7cc |
| SHA512 | e91ecd1f7e14ff13035dd6e76dfa4fa58af69d98e007e2a0d52bff80d669d33beb5fafefe06254cbc6dd6713b4c7f79c824f641cb704142e031c68eccb3efed3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W4G6HPUY\www-main-desktop-home-page-skeleton[1].css
| MD5 | 9deae13c40798dfca19bd14ed7039d60 |
| SHA1 | 4ba302a1435b094031e4f2e1bce1b6198f0cf825 |
| SHA256 | cdac5527dc3c1a9f38c6b00086b2a10b9e7eaa1e062314e548c1fa602d17bbbd |
| SHA512 | 95b093d926535fa9454e3776a3e219b61502ce67aa2e659175ae879133dd35a6efa1bfdbe5b6d3e3dd8ba1f0663892b44fd6f21be17fefa9725a234dff3c5d0c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W4G6HPUY\spf[1].js
| MD5 | f46c2d926d8f3366a9f85e6995d53a92 |
| SHA1 | 4b019b5f749359e6253d742f388a63144b4a7a5f |
| SHA256 | 85dbe993fc00b8066bd14bc72a4c65ede501739fecbae38a38e3e5871a8c1b42 |
| SHA512 | 4eaecdd438ec9db8fb4e8daa935ec83f8438884585647e519bc0fccda0329dbdbcba0cb3e4eb7ad44c58f29a20d07de451368430166c5b65f66581d6024df3d6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W4G6HPUY\www-tampering[1].js
| MD5 | ce762a9d30d6c70bb0516e8cefc958bf |
| SHA1 | da6cac9c717daa3a39f82f3421782c99edd9329d |
| SHA256 | a9fc343d602527a427e57671d021524a9ff5af7b3df1a58900a3b01057bdd8c7 |
| SHA512 | 230753fbb26e90438dd43874d02fbbb1ad6db9a0fe76da978ea47a8ca06fc99dd5e475104abb5dd25ce222423d9bda7991fd0ee896386561cd6f9ac10f8932e2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XYL1AJQ5\www-i18n-constants[1].js
| MD5 | f3356b556175318cf67ab48f11f2421b |
| SHA1 | ace644324f1ce43e3968401ecf7f6c02ce78f8b7 |
| SHA256 | 263c24ac72cb26ab60b4b2911da2b45fef9b1fe69bbb7df59191bb4c1e9969cd |
| SHA512 | a2e5b90b1944a9d8096ae767d73db0ec5f12691cf1aebd870ad8e55902ceb81b27a3c099d924c17d3d51f7dbc4c3dd71d1b63eb9d3048e37f71b2f323681b0ad |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PORTF42G\desktop_polymer[1].js
| MD5 | f5bd4210c8b975e4994b3d0ec83a3ebd |
| SHA1 | 944fa1f1bc57a8b1afe2ac374b2a7dd5982e31f9 |
| SHA256 | 35cb07492e001719daf4c1f395f414a8c1b49d4bf6642eeeb983512ddc58cffe |
| SHA512 | d877f5f241e7c31297895633b8188922bc66721a436d3c87c6b8e4cee87468eea15c857714dbf862cdb16e7aa3caec2886b9dbedd600766ba74866df3b45de0c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PORTF42G\www-main-desktop-watch-page-skeleton[1].css
| MD5 | 81b422570a4d648c0517811dfeb3273d |
| SHA1 | c150029bf8cebfc30e3698ae2631a6796a77ecf1 |
| SHA256 | 3c8b38d9b8a3301c106230e05beeedbcd28b12681f22fd9b09af9e52dc08635d |
| SHA512 | 1d4966a88d7cf6be31b8f53547a12db92cabb4c05176abe995c75c8889765ec68b7210c3be75f60954ceb2938412fbdeb94d4d25ddc927f3a89eca76a84a9ebc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_F6E3C65FD23342E50616493134DC9A7D
| MD5 | bfa7b255b0420333257f9146630ad85a |
| SHA1 | 02e3cca69dff8261480dfa02bdc4e844c8179595 |
| SHA256 | 6ec7cfb93c34a5dafb4a820278b90ff90cdbcdcbd386de524417bdafd12400c3 |
| SHA512 | efa7dfc731bb9b7f59177f0aacffc4eaa44cef2bd179667ee546a3844eb86915edef6c1c96861f3843e23e144c1f4cfe529bb5bb633b9f12848c5d494ae4f798 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_F6E3C65FD23342E50616493134DC9A7D
| MD5 | 0ec8b525ab99edd4dc3d624802636711 |
| SHA1 | fdbd9bbf4067a547e9dcbdba11c379f6bc273224 |
| SHA256 | 4dccc5902502f636e9aa735ced7478d9c5565f6ba9c073a3d941828fdf4162ef |
| SHA512 | 62e2159cfdd6c1a87626823597229d45880d7c7194b3b39af0019db627764ce7e82f11f729edc7491e9c9ff781571d8e156ff291a60d6dc83d086043e1bb7f95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 2f4d3fe7aa640d06de181cc6c2babebc |
| SHA1 | b73522a906d29b1e64a68427a32ab17907f0d462 |
| SHA256 | 0b2fdb56ff8840f7ac266ae38fd44ff2a7181ec174033ff60d5cdbd720397a50 |
| SHA512 | a9ce7bc89e5639f09e27d7c3466c0df746d1fcf89d9ac7ba23218e50ba0de6c750afae4ddd6c7ef48d14cfcc72f27674e1cb2a7181431216dba9e5d4cb9bbe11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\KFOlCnqEu92Fr1MmEU9vBg[1].woff2
| MD5 | 08c655068d5dd3674b4f2eaacb470c03 |
| SHA1 | 9430880adc2841ca12c163de1c1b3bf9f18c4375 |
| SHA256 | 4fc8591cc545b7b4f70d80b085bf6577fad41d5d30ddd4f0d0c8ab792084c35e |
| SHA512 | b2fce4bc018fa18de66095cc33d95455a4d544e93d512b02bcb8af06aadb550cd0f4aecbceaa013857196c91b6e3c4565a199835cfb37c682cb7bddb69420198 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XYL1AJQ5\KFOmCnqEu92Fr1Me4A[1].woff2
| MD5 | ee26c64c3b9b936cc1636071584d1181 |
| SHA1 | 8efbc8a10d568444120cc0adf001b2d74c3a2910 |
| SHA256 | d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368 |
| SHA512 | 981a0d065c999eea3c61a2ba522cb64a0c11f0d0f0fe7529c917f956bce71e1622654d50d7d9f03f37774d8eee0370cfb8a86a0606723923b0e0061e1049cbc6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XEULW7VA\KFOlCnqEu92Fr1MmSU5vBg[1].woff2
| MD5 | 8a62a215526d45866385d53ed7509ae8 |
| SHA1 | 5f22bfd8ff7dab62ac11b76dee4ef04b419d59b5 |
| SHA256 | 34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d |
| SHA512 | 845f721e564e03955c34607c9c9cf4000db46788313ebf27c1d12473c7948cf2609b08b24093c5d01f6c97acc79456e7aa838c291462bfb19700bbfd07ee243f |
\??\pipe\crashpad_6076_PHKBSCCYHHXAXKYT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6e59048570455a193dfa4d07f836abfa |
| SHA1 | 87c78571eec6eb8e19c19769760778ada39b748c |
| SHA256 | 300b07a54eb8eb3b4426c6f540567d0681c8af423db212f1e02fbd0b83e350ed |
| SHA512 | 501ccfa53a1f153e258a931a546b25c86e52a78760585f72eadfff0bb62ca67ebea3b104d20382077cac6d8e965832cea94cf4c7921cd778dc13c3f843ad9d6a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 965c29adf97fa8149dff04d77c42b592 |
| SHA1 | bf5e91a26fea5348ff2db1c57cdc1db83c5e9779 |
| SHA256 | 0670cc4200d525497190ec4eacc9c3e4704ed3625d7a19f2dc16141d508f1f15 |
| SHA512 | 365ae0eeb86c97799ee2714f9ef6d37723cb2bd67c497270ec1f3ae60578a1230f79531804eb380f914de3321bb695e71529302d4d698755cb76ecd30ff5832e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8e824add29be0f790a51d758ae4a6cf2 |
| SHA1 | 0919ada471f8fe8ec28333bbca7f049b6bc78c80 |
| SHA256 | 54059afb5030e7dcfb41f7838544e162af9291c8b4b58d77732375ecfdacfde9 |
| SHA512 | 26eb90f056af5d3870c8a905bf1c2b5ca84948f9736670ceb2319ac42e8f4203ee8722ba3128fc6575137937349729e71db9ccc33d925e1a7b075dc796477782 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\datareporting\glean\pending_pings\f6fc9da4-916b-4873-9441-493f44a08b78
| MD5 | 47c0326de3c88d296f7c943dc15dbf25 |
| SHA1 | 5f4ab559d7d34832eee49a807c42181d6ed232e3 |
| SHA256 | feaa0255ed7c0df7e11c14fbad311f1c4cadc6f71a4a545a71ebdfb01d700bbc |
| SHA512 | f0e540b7c90e1cd0980c26630629ca492e55de4ebdde8d5136c8d532efd24adcc0c8b4709a945e14ea45a1ff9315098ac4a55cad3aaecd2acfb16f514693a092 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\datareporting\glean\pending_pings\58fe9ac3-2f65-4001-91a7-586ff481d937
| MD5 | 24327a3790ab96a148a5488e4d26a144 |
| SHA1 | cca21befed36b3aba514edc3b5c57a0467825395 |
| SHA256 | 40171265d1b94a2ad00f22c6681b2e400661c1d3575e72fa7e2205ae5b93c962 |
| SHA512 | 363820a72dcfa1c8773d9ae781c76a29131e5caefc179ac0a1ff662d1bd3e73d21eccfb552231e23b84f67d95546fea8b664258a3eb50db6eeb3eb3a81b2f5c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\prefs.js
| MD5 | ee67d64f38ef4ac736783760037c025b |
| SHA1 | 027f7229a8b4507043f938e09fa7975960cc9c11 |
| SHA256 | f13bdb21306eef0e9b8b510390546b6dceea9f8ff005b9f1ea0756a88da8a01b |
| SHA512 | 17119d92a60aac65dec699bae309389a113e382c4a08459d42ecf1a482e5779ba611b59f5a3e5553a41a57dd333f36b3ad1da4ccba3714452b929214cdc95fa2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\prefs-1.js
| MD5 | f3583ddaa47ddfd9a13b7a1f068d57e5 |
| SHA1 | 85152defbf7098ca63180893601c9e0e095da6c0 |
| SHA256 | d840bf4ff381cc683f3263e7ec28f0ca5708d76ab4bd66750c0205ead1ec91c9 |
| SHA512 | 229ea0bae31497e74ebe24c54d5d66625e53a7f6a56cbf46a060e49566a7097f22c8540312b24bce1c99b16d118bf772fe90c24c8b45271d779151d7736875b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 81ce148c8f39402740775c9b2a11fd01 |
| SHA1 | 7db05d4ffc3c90a6c3cdf85876bbb7e47275430e |
| SHA256 | 9162f15d49bcc6c2d8b2b2e36652ab9d7bff481d6b9ffda7c5b82382c77b8830 |
| SHA512 | d412d32acab4dc7b1837fc491c31d5addb947763162db67b1042ff973eb625e1e7a1d01b597fa6eb3285b4f64d37821bc8a0acd35c4e1ef9ccccb84aed135697 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\28jjyjhp.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F
| MD5 | f979afb5dec5bde30a3188706a6b52f0 |
| SHA1 | f845f72a26c5a7ce1d876dc8f28186efb7f016ed |
| SHA256 | d0771e661154a855625cd941a9b766b2aa41523c39a16bc96a4647625aae1399 |
| SHA512 | a033b3fef67316cea49341d029a810fbc9b247e0bc2bc8845b195ade5b1b4aec4c7d7ca3ea1f5602645a755f649aac2805943ab6f836ce7f25acf11b43603c03 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\28jjyjhp.default-release\cache2\entries\2BB62A5F508187291BB477E79601AC81B652604E
| MD5 | 07db04401b056182f95857d5664d0637 |
| SHA1 | ba4781f578e27f02e6f016b665eb81017447068e |
| SHA256 | 7e578f032ee64887564600bb000f48c6fc3d754619d164b01a92dc3a7fe0d077 |
| SHA512 | 0765b5218fc4a73caf939e9e185a1d0f90d7db6cc13d667cf95e5aaf9d1f1bdb16659388341e42e982ba28a61d72c534185139fe53aba60f9ff26deaee9ba2fc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d3709c5ff0ecb721d491d2ae15cdac81 |
| SHA1 | afe946a9da3648f4deddf85d655741166dfdd43b |
| SHA256 | f2c2a22f1889c328f3acd14a4bec18f4d930316c849b3ffebf232f0fe28a6609 |
| SHA512 | 692fc3c0142f867504fb879db0cf3b4510963d8e1a509dc7157c0a71403da3aeedbadf6fb633adbace2df4fd39b8c5693b50adfdfc554c28edc09998e8989a19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\prefs-1.js
| MD5 | fc1bae0453016dd22fb4ebcb1c37f8ec |
| SHA1 | 46531d44cc9ef697d5ff84954d0e8e5a9dc75448 |
| SHA256 | 79c3e84f531437984b558b4fa3575df922c8f88184e2b689776d204d4d3cea24 |
| SHA512 | 3543cc126a5d186a41b7aa81642045f1946e555992b7c4adc2aea9e92f149cf1caff22489d7c7239ee1a0c93d3276d26e6ebc364e24b16e528090eab61ab4058 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | af29adc1fffab2f8ec4755f1bba0168c |
| SHA1 | 54da0bd2e980174295b6a85f78f289f82341cede |
| SHA256 | 7ed17d866538fb1f0210454c582c6467fd931fae683a031817e43ab5586bc268 |
| SHA512 | 47be6243f6dfae3de196958434b939c572a4a0d3f3bd4cc4514af69e881694e889610f8cf88d52f60a411357e820066770990fbeec42a7c9dc70dfb930da75dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8a9d8fb3ceadea069e364b995bf33f05 |
| SHA1 | 095545316f169f359532b0bae3cde1c12b75faed |
| SHA256 | 4a08755784ce660070e590858f729d6d425db6b16842f6e193156be03e8c0705 |
| SHA512 | fc3f397e7c8478e6c3cc76a79f75dc0b614fcc97a42fe16f42227ec528e139b72accb37d40533385d95bb773f8fe6f9ebae3c8624fb71dd1e46db8f95fd713b4 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\F997UD8T\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0616190b993768c673642a1072d9a132 |
| SHA1 | 785c15452cbf2ce09fe1c80d244adb3b0a60c329 |
| SHA256 | baa2e1625ddce4f2754bef4ea9c81e37c169b4b970ddbd4451aea05135ba6fbb |
| SHA512 | 7e77397f1581efe9047bf779738b039c3d27943e799d930221b4a14ed942d4a94d132e9549466daaf9bf7a3e4dc9e762222635ee90b3a96668ca1164479f314a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\idb\976195807yCt7-%iCt7-%ree7s5pfo.sqlite
| MD5 | 0a3c6215e0058bf18cfd680215dccf1c |
| SHA1 | 8e96cb0aff3649418f77c3bce7c68a28cf5b9b79 |
| SHA256 | 59475dd405d42fa0f75dcad05b7b3d0e100a0669c8ce2ac1c0337c225bc25ad1 |
| SHA512 | ad2a2b7a5a408733d99f7952427ca314bfc7cd2b66653e0fc63fa6f4e3bc186bf919b7068d43aa2b88626a0dc74ac4a24f94b34225f53b663f514d8560ee6bd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir6076_1315421683\Icons Monochrome\16.png
| MD5 | a4fd4f5953721f7f3a5b4bfd58922efe |
| SHA1 | f3abed41d764efbd26bacf84c42bd8098a14c5cb |
| SHA256 | c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3 |
| SHA512 | 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\41\{f20fcfac-c547-4fe0-9bc0-66b0e2b66029}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\28jjyjhp.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7
| MD5 | 661d947fe66fb2d4d7433e41bb21836d |
| SHA1 | 411877927b85c3af77f073f611ea03163b1cd207 |
| SHA256 | 641dfc2a0e470ce3e87c7a2a7b2862283ba7bd330a57a87f91c73ddf2f2c5251 |
| SHA512 | fa0ffe377d3fb3c010ec477839ae5e7a1eaabcde61f5b852d49a6ec718d0aaab7931963fff7064a8d71f229dd874837229a4656eea917244f6d94c9ec2122162 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\28jjyjhp.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9
| MD5 | 970dcc07365ad505c67207340e833e90 |
| SHA1 | ecbdceb1787a4b0d3e121384b339385da04e4237 |
| SHA256 | 9119c7504972ad7fef17a6effd8a2f6e8d5a4f854c8179c6746636bbcf22e7b5 |
| SHA512 | 0e2f5f5cc04c6ed6b4c32f7665d6cbe6be9b2b5a7a0fc3a3224b8bb1e97d96e5c7a7ee7b78f3f3c1c63b1e29527ae6fec337e4b26caec7e8ee4ad50d3faa54a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 952f7f8dfbe96726a9c18bad73537226 |
| SHA1 | 57c9e06562f5eae059eea6f20bf3c660cf7af8e0 |
| SHA256 | 7f81bde36a263f1fd08b399f277a0b41abf729d0cc50d1111425bf186fc7613d |
| SHA512 | c21fd17a4cc95bf16527fc546b7de10962f2814d4d0a457579563b5bfb5058ade4bb2a4b9b4e169fd0009b4b4a0ad7fe3dfc5bcc8deda107c37ccca3704aa2c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5816b0.TMP
| MD5 | 0e6ad24f97a5ef9509fb4c75e2ba7752 |
| SHA1 | dc7d79eeb393ed57b9f5e3549af96f4b5360ce2d |
| SHA256 | 3714bb1e2eefae1a15db7345df1b462f531750bc4e7a5583c8d4b3c4608c1291 |
| SHA512 | 69d356871b143a7baa34131e05444b0575f6b2243bda3ce783dd4a9c43e0e256a7703f08ccbc94062cfa4d60c73e0bd6236e3a7e724fc0adf71f88756183a84f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 0a14ab3ae4966c1e51962d24a977de3f |
| SHA1 | 6b7799abcf09991d254136c172b47a61b6948acf |
| SHA256 | 4ba3ddd638b1d24f433634707b06e191c5e69630b4747eb2b826ab1def45801d |
| SHA512 | f976a49db0f756c5637b56c34e14c55b2706dcf473996415865d485608225fd0fe16cab2a3cada2a0258894832c18c33347249a507f434b25ee49983f880fcc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b2ec55a02522c309fe19888f6ed0ca48 |
| SHA1 | 2c448e6da73c3afba37beabf8e17cfebd6374688 |
| SHA256 | 864b51607486ecdeb53098772a89da36936158dc6c5b0b83cabd93daab204f10 |
| SHA512 | 12ebf6989340b209035c93076badf644867660ca75106eca5eb9a4ea4d908cf20ba8f32103b3182b1f4a2047c76aa79eabd636c58052f1b83a5be2eccc2130f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\139\{af4e575e-9dac-41b1-9e3b-e605b41b868b}.final
| MD5 | 51bb0fe00991a2ae6707b3aefc583918 |
| SHA1 | 21ec201ebf41ad57faaab02f7961ce5a746e6dbb |
| SHA256 | 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a |
| SHA512 | 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\230\{d8b65d4f-73ba-4c93-8f65-c5fae0caa8e6}.final
| MD5 | 45e25bb134343fe4a559478cd56f0971 |
| SHA1 | 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93 |
| SHA256 | dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678 |
| SHA512 | 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\50\{2116ee75-96b3-4465-abc1-1c49b2075d32}.final
| MD5 | 5b0f165bbdb71faa1bb5b26c4f022e96 |
| SHA1 | 704bbe81e0d8370e675246e1cbb347bf8599aa45 |
| SHA256 | b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f |
| SHA512 | 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | daee70342d584f316bfc8966f229e61f |
| SHA1 | 69f33114ff87a25474313ac1efb52604076c4e14 |
| SHA256 | e89a078ad24754347b07593dc774c4ff83e8dab20f7e77a1bc11060ef10b1bdc |
| SHA512 | 5a83d48c7ed309f360ea515d84e0859263aecd6d8bea3c4eb2ed9ab98c59c4234399fa06b29a96fa9dfb8346dca735554f58838a58f16bfbeaf9e5777b469714 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\prefs-1.js
| MD5 | 77f58eaa97cda84993473982ab03fa22 |
| SHA1 | e50960141faece988efa2e7c7c669c37727b2a0b |
| SHA256 | 3fca18a6fb7e098c100a87525799894873e56a97646cd0d144a43738a3b3203d |
| SHA512 | e854b74f3286e750fc8ee9d782fc3ff5268fa4329f8727568bb60dc96a00dce8c4190603245e7a6209a9d09e16f2af27cd62e55aba7fc704b8dec1333045b97d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\218\{e63477d1-6d90-4b0f-953f-14c911da3cda}.final
| MD5 | d0d1672cc7d147f9f802ebefdb01e914 |
| SHA1 | 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652 |
| SHA256 | 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f |
| SHA512 | 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\27\{6f63470b-2ad6-47c6-bd0b-1a0f9220411b}.final
| MD5 | 7981f433590b9d8b8a3ddcbd9d4a83ed |
| SHA1 | 58944a6101a8cd3e37574d26f2d03638c0fe2b2b |
| SHA256 | 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1 |
| SHA512 | 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\221\{bf6d8ba2-cdef-4afe-aee1-c3783678d3dd}.final
| MD5 | 2300eafff09d478fbf68f49fdafbff49 |
| SHA1 | 12f127da15a69beece4f71f600975e0503c77ce1 |
| SHA256 | f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f |
| SHA512 | 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\187\{256f7c7d-faa4-43fb-a2f9-b29a490bfabb}.final
| MD5 | 321ea72e49df8692233391c1f36451e6 |
| SHA1 | 2f016758fc5830a806ed9891e574936db521c034 |
| SHA256 | 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0 |
| SHA512 | 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\0\{9304018f-c953-420f-9576-bfc4d2b06300}.final
| MD5 | cedfd917c042bfd5faea22058d451ad1 |
| SHA1 | 5a98904fbf1c9bea6d27f75c42aa49c66db8c54f |
| SHA256 | 9cfc9e25c7e723abf5c14049886f33d836c6ab91b40218920efbdc864764f3f2 |
| SHA512 | 5f7513b881549aba1fad170019ddf45e780ddb6a576e08365f4c9ab2c8bf4e7d2d5053b1db4ec6a2af570de21a182fc8981a0790881172d8605c023fbbbba4d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\storage\default\https+++www.youtube.com\cache\morgue\6\{142018f4-b298-40ab-aed8-cee14ec6e806}.final
| MD5 | f8a4486578289f338eccea68bf578c6e |
| SHA1 | 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35 |
| SHA256 | 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a |
| SHA512 | e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ef298af88f0194c3dd0635eaf10a060 |
| SHA1 | b27ff92a6df6c737a32a164ce510df37ed3cee23 |
| SHA256 | 1e072eefe13435319d2485c466531ce7b78a838b9144991b32edb63828747026 |
| SHA512 | a789f0f136f329e89ee5d864f11eb0797f7219a8ce72b07465b16f3f94fc563cb4a418ba36137cfe70928a1d23188188d9a279d6397275c0183c6b029c4df18a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58654d.TMP
| MD5 | 2d13431978ef2aac40e51c25bf86fb02 |
| SHA1 | ef16172d7212c129b32874c3c9345bf17abe33a8 |
| SHA256 | 554f4f996ee88c8d471cce5af00cbb5ddbd729141371c2026799fc0b209c45b3 |
| SHA512 | ff1543d077e818f62c0663ea286e6c6b20dbd4924e0fcfd982783b539cf0c49ea276522a2a386d3d6b5787db772d59990501ab0751db8a32ecee7c720d7e0537 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e7d1b55f23c5aae4696ff78b29944c1d |
| SHA1 | 00aee5ab197b71f23a664af3ff44a04f913751c6 |
| SHA256 | 4b53b75c19ef0072312a38b1bc424df95155d270e01259590a8b9d9bb0be6be0 |
| SHA512 | 72545adb044d99e5a1391a05b998658c8b5a64e2946443e152a088e9ca1e38e6da7290411aa1ea0945ae414d0fb2e7e7a681695154dd196255e9b1ce2e9434d9 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Y6VOD6HE\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\prefs-1.js
| MD5 | 4c5fec978788184d54f1a13d04a486a8 |
| SHA1 | 0cece58e3c0dd1738939b2d5adaef6cdaec2c51b |
| SHA256 | 929e2b6d191d8c025a8f420f3d13828ca0de6065a873f3e904c7eee8c8ac1690 |
| SHA512 | e5cb2d2525c15aefb80af168afb0d1913f43036366fbc5d15e04e4f766a8509a6b91baab7423352b7fcafda3a248da53e81bba187de8019a68d7bdd3d5c8578b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | cd762aeeda4e0f76df84350c3534e9fd |
| SHA1 | 65aee698b628bd10aefa46bf04e332511ba32ace |
| SHA256 | 6708a17bcd29e3b8c590a1c7aec35dc28b643de8c84980a66a038874f7b9c9de |
| SHA512 | d22a64f553c78aa9ac8ab713c61c40f155eae79ab16dbc4f760013cf4aa588a27084a05e04996e46eefe8dad649e0acbc17d55c923d0140c712770e61b55865f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | b74891e84f7cb3c6c0dcf1cfa5110e32 |
| SHA1 | d6c296166c794560b7d3e41f2790380b46393742 |
| SHA256 | 7bb56b4a849fd385171124a91d8f60c259c6f05b4d2991e2f6156657357bf169 |
| SHA512 | 8a6d39315e26c3b070b35a9d3651e26e65087a9c3ae7541087abbe9d683a700b130605e2a8d0b39d42daedae13ecbe35132e9d9573e1f366b20bc91692bdd2e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c6ed10c35e787b159df5e1b616f0b92d |
| SHA1 | 8e5e80eb7272d1b3fbdf4f89c51fa7283c9dbb6c |
| SHA256 | 9e427038f31a986a589ce35a150ecef4c64bfbd00beaf3a5709fd361d96c1d92 |
| SHA512 | a843ca1f4a03e374664be6ddcbe9fcf32c9d29964d655df2eb74223f0a8577cb658d3ce73ac5b3d130198f5a2d47d1a5cd7b3583eae8f59258c46a63d08e5c57 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\28jjyjhp.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | adb3b345e97dc77747821090a6870cc1 |
| SHA1 | 74276ae0acf4e966e28fc6c15b03fb18e12a78ed |
| SHA256 | 92b40716364c3f37679998db3ab747fcc02308e0d8ca200a80496526bc4ae608 |
| SHA512 | 63404997017b382984765031b4c9e5e9d2e5ce89cf180968377a1ddad913c6cfcf344859e8e00a377fbdfb9af68c42ea0f22fba50a19c37b490340ce6d3169a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a0ca2ee82dca5d5d7da8e15696655e89 |
| SHA1 | 6c09417b2d525c763673dd5af5c5a7da8aa1d114 |
| SHA256 | 13cf0ce3b0f82f57bf4bc8de5ec991644b32b3d5ec4f5e311d40cec57dfe749b |
| SHA512 | 6af3f91b62c7bda3f1df08f0ec217d4bda6b6fc1d66bd8bd047b46e328992630439687a0ae6579bf7183edcfd161152e72d2a6a2df5d1f9b3060c6011a6d07e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | afbcd35bf0b9cbce01e29b01de3eb2d3 |
| SHA1 | 2d2983e1b69251e783de52c91138ad4b4e14f803 |
| SHA256 | cb9fe8e3828f84e29f28596401ae6a5c52913f8059f497ef136cf0e43e6c1237 |
| SHA512 | 365e3e94763fc53946e034884490280d093d756565741a0449f3f3aa8c12aed879f079242cb74b37ca5fa6c56d657d8b07d2a2d823255a0bb845c545e0c02fc4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6320ab3aa048fe3d37063dff50ba0458 |
| SHA1 | ec598cbd8928b07581470b275ca76832cc201640 |
| SHA256 | fcbb80d1670ee19636f4c57d590db4c0fa8fd1d9b9bcc0192d74083afb1202a4 |
| SHA512 | b6686259c13d6d72a1461b0b8d92f339a5114de968baf5423e128e13297b6fd8bc7caef088bb6c56c8b415959ba05deb6c1224c77ddda8c1e7ac551a6759213f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ae5ec8bd271d05a6f19c2f98be8b990e |
| SHA1 | 83644c48bbb815ff99796e46b0da6d2d95b3f1ff |
| SHA256 | db2822eb7ef10c5ace976bca686a30be1b6395e89ffd18b2b7a6a4c1fcf6ab1a |
| SHA512 | ecfe1e5b9b8d890ef9c10f43e9c02b3afaac2d2193400fbd03b4e8f02448b5cabd80b9f4a0dfd125471bb6b94498842046e96736d6b06f9bac0cc7f49b980d1f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | f91fa49deed0ca5aa8855e0f1670a6a6 |
| SHA1 | 1dde3a6c19488ae2ed22b248fc3c545b4edf12af |
| SHA256 | 7f10feea55bb068bb0b28b625bb4096daa162abdf5d529b578daa73bd60fe444 |
| SHA512 | 9d17195dc052e4c56cf8be70aa855262968649f5d260179ea36601c9980c8c84c492e91001087966a2fbef0c940ab9c17652e5e73a77315caec8d715fb00c27b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0eb58d5f27528c9f1a0eedd31fc1e5cd |
| SHA1 | fc4603595c139c71ab9ed00164a48e8a3dcecf09 |
| SHA256 | 45525d14abe8f1e2564c9a5f438e1bb412edfa1c2762a565f414eb08dad05969 |
| SHA512 | 82fe5a0cef675ce3dbf63886651794ee4c834961c112e03336749801b746ffd7b34b83f6437cadbb2dabf9e7f2ce914dad26b11e5425ead82f23ba5750be9018 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 310718e0d5d125dc87d840ad861cb382 |
| SHA1 | 01227ed0ee0fb7e17e22ed9108c25e517f4044cc |
| SHA256 | 994d3809841495f44c679f6f66c42495393c6347172b820af3ef8653129609c0 |
| SHA512 | c4165abac05265c7cb822505c732d484222d48bafc24e0cc199e9b28ac2efca796813e43543431336960e4b9aa847849c1b2d227cceab846f5ade8140767557e |