Malware Analysis Report

2024-11-16 15:54

Sample ID 240212-szqyfahd3z
Target file.exe
SHA256 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9

Threat Level: Known bad

The file file.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Checks processor information in registry

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Modifies registry class

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-12 15:34

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-12 15:34

Reported

2024-02-12 15:36

Platform

win7-20231215-en

Max time kernel

37s

Max time network

152s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{292383A1-C9BC-11EE-AD08-DED0D00124D2} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 602b0201c95dda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff6f00000019000000f50400007e020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{29286D71-C9BC-11EE-AD08-DED0D00124D2} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb800000000020000000000106600000001000020000000b71e261ed39009ef8c0fb86fac6e1e59d90c48fd3a8a80d597e931f03d7b22aa000000000e800000000200002000000056105b1d1ef5d5dcfecda71ef3c519245142e044ef60cca5faee9976a79a5f0390000000fe3de3e25d26992fdcdb2987f23b44778394a7eeb5149d2a1495b23a8942c8e1140b19e2600abf80aa441a2f9631690caf32912b988a4dfba72dbd8eb2a2891a1da68b92df8b869be318afa731fa25e444ec4f7bf1de7f68da41c3931ece25527c376207ddebfb287f5d457a90c675dfc7c360c77c3930de490a061505a463f5e4d59ce2e874c40867143ded2a8cc3e040000000a3eee23a1f27bb4ea8572d76120e58fe80a95d095ee3f893de3a752671b38eee38f0c429fd1166515598edea3c16327cca91fb0d2c1d0cfa4f4e9d209390e7c4 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1588 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3056 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3032 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3032 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3032 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 3032 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1588 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3056 wrote to memory of 2560 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3056 wrote to memory of 2560 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3056 wrote to memory of 2560 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3056 wrote to memory of 2560 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3032 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3032 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3032 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3032 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2984 wrote to memory of 2616 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2984 wrote to memory of 2616 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2984 wrote to memory of 2616 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2984 wrote to memory of 2616 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2712 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2712 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2712 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2712 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1588 wrote to memory of 1568 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1568 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1568 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1568 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1568 wrote to memory of 1608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1568 wrote to memory of 1608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1568 wrote to memory of 1608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 1672 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1588 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1588 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1588 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1588 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2220 wrote to memory of 2952 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef66e9758,0x7fef66e9768,0x7fef66e9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef66e9758,0x7fef66e9768,0x7fef66e9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef66e9758,0x7fef66e9768,0x7fef66e9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.0.569517365\1243755749" -parentBuildID 20221007134813 -prefsHandle 1224 -prefMapHandle 1232 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5eddf3c-8fda-4e0b-a802-4a19c07244a6} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 1336 1270bb58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.1.1949927519\441406457" -parentBuildID 20221007134813 -prefsHandle 1528 -prefMapHandle 1524 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {80fcb2ec-da01-4278-aab9-145971b4cbe3} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 1556 e6fb58 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1276,i,3459911917945683214,9151587605831344992,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1336,i,13139322185911722314,6585896383439335450,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2172 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2144 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1276,i,3459911917945683214,9151587605831344992,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1336,i,13139322185911722314,6585896383439335450,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2664 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2696 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.2.392416609\164175666" -childID 1 -isForBrowser -prefsHandle 2168 -prefMapHandle 2164 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c3bc39e8-965f-4d60-adea-775079cac905} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 2180 1a371258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3052 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.3.2074364316\88922777" -childID 2 -isForBrowser -prefsHandle 2832 -prefMapHandle 2828 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {170692cf-ee9c-4159-b2c7-2cfb7fb79755} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 2848 e62b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1476 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3500 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.6.1449462713\1376084883" -childID 5 -isForBrowser -prefsHandle 4012 -prefMapHandle 4016 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a7fd2b3-d786-4dbc-ac1c-65cea2a5c77a} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 4000 18fad158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.5.210553536\1728849543" -childID 4 -isForBrowser -prefsHandle 3856 -prefMapHandle 3860 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {485e8da0-eeb7-4670-9938-72220e1c7cf0} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 3844 1f5a6558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.4.1748893339\172579271" -childID 3 -isForBrowser -prefsHandle 3756 -prefMapHandle 3760 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ee0b77e-1714-4123-881e-b671cb455eed} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 3744 1e40ab58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.7.629095239\2031635643" -childID 6 -isForBrowser -prefsHandle 4244 -prefMapHandle 4248 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9bbec55-fa83-40a5-b5e9-f64bd45a7355} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 4232 1f5a8058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.8.513976724\740025952" -childID 7 -isForBrowser -prefsHandle 4060 -prefMapHandle 4056 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {19447be3-8ce3-42b5-9094-a47e9d3eca4a} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 4072 1f5a8658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.9.168407794\1250957496" -parentBuildID 20221007134813 -prefsHandle 2008 -prefMapHandle 3344 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8ae07ae-809c-46ae-934a-6ceb5159f5ba} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 3572 1d598c58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.10.2016055400\1358996893" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4756 -prefMapHandle 2008 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25bfd592-315b-44bf-a2e1-ee2353c72938} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 4768 21d31b58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2676 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2952.11.1342196486\1488995114" -childID 8 -isForBrowser -prefsHandle 2116 -prefMapHandle 1044 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 804 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b577fdc-7a9c-4f7c-ba85-a35999f1562d} 2952 "\\.\pipe\gecko-crash-server-pipe.2952" 1896 200d1b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1276,i,2807161581787458866,18084746529992675497,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 152.199.22.144:443 platform.linkedin.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.180.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
GB 142.250.180.14:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 52.10.159.154:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
FR 157.240.195.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.22:443 i.ytimg.com tcp
GB 142.250.180.14:443 www.youtube.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.180.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.180.10:443 content-autofill.googleapis.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
N/A 127.0.0.1:50143 tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
N/A 127.0.0.1:50155 tcp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.22:443 udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.187.238:443 youtube.com tcp

Files

memory/1588-0-0x0000000001220000-0x0000000001221000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{292383A1-C9BC-11EE-AD08-DED0D00124D2}.dat

MD5 c3d35c6fe691c2a6c2050e429a0fbe16
SHA1 d016593a2749fd841e0dbdc5530af1108768d05e
SHA256 c2540a026b397bbacd5e85341494364a8b3511f1aa5d714ad2451b85a87bed85
SHA512 833ed538de72dddc4845497e718e0674c84b373b61428a13e61dd289e61615c58fbe9ad5968b131e06c02d845105a5765f6b46e3e2975a5b793f31a528f3d72e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{29284661-C9BC-11EE-AD08-DED0D00124D2}.dat

MD5 3a3e72c0ffaf17d7f942115e2910292a
SHA1 2afb24aedbd6b9eb1e4d15c6fd6275f37100e3d7
SHA256 c3db507fbacc66c4cfc3c1da7d3b25de17ee76442c794dd25d667c05d528b350
SHA512 e53a9d7d84e010e8b70713bd08566bfbdf85c4e2163ef397e673b5a9a121ffa3f246233c220129163278b68cd816e14d7f6f9d8e6defe4a2eb88b356dd0b89f5

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{292383A1-C9BC-11EE-AD08-DED0D00124D2}.dat

MD5 3fe72e305e5bf86cb206dc1761df2b00
SHA1 8acbb73829b2664e3a0ff9eff3f77f11d58a4d95
SHA256 2a86ad3c0e23c8381362dc09a24a7022430944f85e32a9ac7a9fbd32803ade32
SHA512 b7abfb6fa2223a5ea1a7a4222aeac16372cda309ed4bf93ba9b545772d8ce39454b210e4c0abf0ff2092d06c0a0aff1de080ca0f405bf47dbb1de2fb10038e7e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 78476a04bb7caaac1a4175d7ac7a19e6
SHA1 782d8d5eb4efcd479af2b6041b820a2254b8110a
SHA256 64ebd98440bd493f437a8ec13ef3532f07a9b43fc8e41f9b668cc46f3c276090
SHA512 f0306efbb3933105123ae98121660f8dce3112333f451e0c0c339dc8ee4b7c6b162c037b8483c04f258d62b2641d95bc7cbc3831291f692659ba50c9567572e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 c006ebcb8df23a16fa403a80648fbbac
SHA1 9ed7a9f84bdbba0e459310bd6a6581a7af69662e
SHA256 a005beb41f760c2fc1baedab72513da893812e09df4d448664534990ce758cff
SHA512 6bf1ed324a5a8e5b2beff922f57586f8c524b5df7ff84a125b7e06b963a6848c1e77ab4bbf0eeb60bd7a2a9ac0ccd00992f06e1a791dbe9594837e6599296814

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 639f0a08f3b77e970bc2920b0f482b01
SHA1 23294d90e57093a5c2c947b90c23324f757d4511
SHA256 377e28eee5eabdd2d864391c2265d6ad34d913c7fef3a893f96f04290235caac
SHA512 c100cb4c2f1a5b70c90b1afb7da22e5432555e0072712a3a100d11b30c1985aa17e916eee37534ce17d2d275d0abb373c98ec93570f7a8aa1d8facf81ffcb5f7

C:\Users\Admin\AppData\Local\Temp\Cab8508.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c2f6b04760b3adc89b70bb99f183dd13
SHA1 9edc43c9ff07e6307b3c557994442d78a74f3f38
SHA256 5396950c8481610856c419814572efc9835fae99aaf843057eb88e4c78484c57
SHA512 ffa8359fc0c90680a4ffe6e27ca751d0ecab0f53d33ca2a7ba7c8512ee801871429aa949067ffabbac7e01c077caf8581a505050a7c7b7419cb6ce75097d9e84

C:\Users\Admin\AppData\Local\Temp\Tar8528.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8fdf47130598f607f0b4ede28f896514
SHA1 404cdf21bd6c07235cf3655620dbcd5e46e6155e
SHA256 6a012685d11dd073da1f8ad6d71c6abfd6ba5d2d96c8f0f22b7c81ef185589b4
SHA512 4e6e532f14ba1fc38248faf05794bd5daed049a07762b51153c70c30fa7bbd5d3e12ed3b4e90f6f054d9471fd516a91a72ae517128c7061ebde47b9254f6e066

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 6e7d5e345270d19560d36e06cb570732
SHA1 e3c63436ba0cf881fd60da3b1c7bfddc3d863ce5
SHA256 f5d3eeadce6ba29dbfcd1b7add6ae3a40ded2e59a1d37965ec0a84e0426ecf26
SHA512 5062294e3d7e2cd17c2d1fca51256f54aaf25c5536d8a930fa431e0b7fc7d7a2af7edff427fa9f2189e047a10f9b44d1b47af8f8f9a03b71f240cbfcf8aa155f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 7deef5b7ffcbfa20a0467ae75e5d116b
SHA1 02c8688f2e2520897d02d0b3305c2d8c05c954b5
SHA256 05273955b75f660f7c1d3e4771d8bf225ab72b80dae864ff905640dfb1a52d3e
SHA512 fe7f9fd07ae24a980037ab93f05cd61e832e64ccdc2b646430acc706373e892dae57c13ef6a3626bdb12e58aa1c4bc48c0407f2e263f57f9d37946fadfd58d90

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 bded46aba5ff92e37190cb697741bad7
SHA1 94383a36fdc9db3ff2eac3817b11de8ebe314336
SHA256 e6bb3ad57315c1052c4f384cf5409abfa306ab38fbfb576fad3cb78e28807b20
SHA512 5ee257b43e43c1112b40964b8085942cfd1c24f868b4e41624f753a33c9aa17d56b8211ab793548b00596871ff2304453445152d18430c3fd72e059df7f0f4e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7eb9f41876f2bff3774ce0d543352235
SHA1 364bcf40c42496bf1413dd2e97746a1e2e737310
SHA256 cddf7ae3af0b1438892cdf4761fc648d9a29e9c5d573b5ee1b9cf8d741886b2a
SHA512 c75613c83d9407d2ca2eb4197b3bf36733376df56985f58ac8c3c58373e68d824875916be66b8c939accd59b96b8194e6309064716e1e67579568f5c8ca54b68

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 ac9ec5505c23b7b377bfe00921ba2fb6
SHA1 92c0a97cdbe4f5e0dab17e833d0b69213194b5de
SHA256 09c105aa14e7350861026148b405f7ec676c11f981bf6247edb9cfbb73b49d8e
SHA512 912791bc57d683fb89e4fcefbd0c7ea408ab2c01287857eb5765d0f951fd9102fc2d971344db454cf3b8412366fe96a5ff2fdad7f054bc20ba1bdf2027d2a3db

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Z75VDP84\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0X21ZEGR.txt

MD5 85a39cd26c3f7edf99d02c79a4d6435a
SHA1 50db2921836a7018dabf0ab96576aea00d82983f
SHA256 3ab848c04c447dcad4c5de88395f7730fef10e4a9ef6f90c0a60baf1ba3928f2
SHA512 b86aec3c60f7c26e5a1c6c9eef89d3492363dd19781247261ee52f1efd63b207379fd3a65d5312bdca41ae0fcadded6fa379e07ceea607cd2303a9dfe6d30115

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 bed26a7cccdb93460883bab3128b12bd
SHA1 2cf245777d2195cbc043b2b97e6133599abe3d57
SHA256 ba0f4e704d9c0c62282308afde7a4f2fdefbac676b2383a781c9a75e7909398e
SHA512 deb8d9aa4f21430d69f88d6d04ffc7c95b0eb657ba9c263926cb7c14803445253e90ccc56b0b299f3f930f7b1db3535a38ea840378e3e2caddb04d0269b95cfc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 41d579758bad4b7da71a6b6d075773fd
SHA1 c5ee3c870aa08a4c8e8e50eef4454a7989cd56bf
SHA256 d71d812373778c54b63e27145078e45ee26df16572d2c9e840821aeda0793808
SHA512 4af3dde52ba8d70a12452d8b8dc88a53abed8ea4d5966558a2a0afa4dc87b54810007463823194484c81a6dba98395ddb37222d2a4f0eb3b257e4c3dd054683e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 463259ec4ef5ae89c1db881b3bc0ff81
SHA1 d28f58b9bff7010d15d6d218452b3ddd1a9c0a4a
SHA256 75bae91e02de93b9067b9d8437d2d8c28cf931a116e5ce8f8ece776f21f427ed
SHA512 5c81f7a1b511fb5415d5b6b28fd00362fcb314262382580f2b36b9584b0fd37bc15e5710b37fab83d538d9dec89747e2b7ac4fab77b7987ad236bd8080e2550b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[2].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 b7b742029e6a821e0217ccf00d182989
SHA1 8f6e06e23ea9670879d63303b40c0c2e276cdb43
SHA256 7554c565f6e15006853555b4ba3af4eab66207c26f2a27b866b82118ba75e3d3
SHA512 12021781698b024fffd3b25f40cc3e1478666e310bdd8ba895e9c8fe62ac28026ad5de8b8ddd1ed4beb4d956119859ff2a087d8b01ba2081bf686fca42fc364e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9792484db547ca689b891b805957bd50
SHA1 af14f8f3ea0b2a11bd7d03f476bef412e2bfbec6
SHA256 9d3bef02993de7f8eb1fbdd671ac38a0e39acf1cb8d23cc7912631a984e94858
SHA512 7727fea4b17ebef48e4f85d752347443762bd46dc02c664ac6ccb2b4e12c78ecf62e66a4acd48da8f90c439742297c44c0e5a72f82f030b227aa90de97f0ea09

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fd707408c2d080ad8a0a33e720ec59b7
SHA1 f18269222d0d31c0ca9d4c010883c6f5272a8f4c
SHA256 a47cc6f6e1336ea5809ccba202f93b547af3e395a20245f7e79ae31e716f5809
SHA512 0b5f25df409eb57818407f778a45f5ca0324b2be3c5950c9becaae3333e23ec5d423d075ca93e63cf6188b7fa71939d00eb96af7a568a27b5a639559cfa76296

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 712fdbe1e3f3966933fb9888cd329b9f
SHA1 15000e0cc2ae5766300200addcf1426cc31ecef9
SHA256 30ed084209add7816d1913d8986b5a909065af685f0efdeab2ecb993e7f76bfc
SHA512 9a12d4a070d9b0a2298adf636db5f1db22e148c57d4727b4609196d974942a8eea7b520156900d432e942c5b1c9895b1c48ce411b7c422355748ed67d82bef7a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5228c3999e99effe18cf480eb13ae6c3
SHA1 f789c27846e9a7aeee6ebe2258aea668acd0d357
SHA256 870e715df156fc992ce35ab96f8fd4893e34831b56076c125819b8ca2883a4b5
SHA512 3f328a07b278b8f75f03c8e9106a56dce06e6889ed0aaf794cfe70f3056d09b8f9534f09d7e232278cceedc1975bde97720878d095d9bc3cfc0f8bfaf72e5584

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 458f4cc8b39f00425b528fdebf768a84
SHA1 289969e4cc371e021ee4a33e5966053fa831bcb1
SHA256 9214268d4b0ae3da051ebd16f6c0396c7dc4d9fa4114a4e09f3c2271c0b7e8ff
SHA512 c773c1e50007442c82b49002ff3580607e293af5a64ada65cf3a034e26cc21d221aa6e76b905943800a5c6e5c18eacc907cde2a2024d2fe4e8118e2a296a0264

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 40e6a1a796a9ceb76d1637540477f35a
SHA1 2e5c36a13ad95ade5fd8b7997e5fa75ddf530b01
SHA256 d5981173a488321c1efda022998bf262ae63e257b27dfc5da7890d0015534725
SHA512 8b3669ad7cfbc52e230e5a6c395c5ea0f51009d5414523d62e904b4a2efc830e4a6ae804d95c9dd9784c11d6acb075db03dcd282b3ba284f0e28e41894dc2a5a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2cdd6c8900f942da27450b132f085a1c
SHA1 97e1ce32f28a09b623cf0f95233fe31a8d0643f0
SHA256 7ae85ba2057e8eba62dadc29ac5b82aceea2829071a53de797c53c4c10734955
SHA512 02fd92e87ae26aa18ca5fcbb3e3a52db053f11eb57d6284e74291ac4e087df07897fea75bb157fdd78d8cb7d5d5ed2b3d8594389d2baf3e571942c8b5ca061fa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a44f664919b3e159a180dc62f8e7e22c
SHA1 76679ee7229d11dc777a2f332897b2626b3c1e2c
SHA256 c62ec66901d6a387ebdf6f61154fdc86a24c615566133ebe1c9a40764bb398b2
SHA512 fcc7f7019e32cfad47681adc06c52676f8645c9a907ad74c4da7adc0f75c772b6ede67ed53c6a7aee66bc4a1dff2cd303e065c610e73422955414c25dbbd9dba

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d041171049cced6bea9c0b8008e15851
SHA1 39bade105aa26cfe2c06b116c1241bcf14ab874e
SHA256 1138316a8d10bfb25c90765d3b2445c0ce4ed85e4ce0cae403313d4d35794f4b
SHA512 97d652e9b4f877d053963083f3a204659835775fa6a66d8bf93f1f7ceff62e742c8a0339086f1ec15ebedd81e8869f4b6ce3073d76c95d0da15a9061a40216f2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 073d3fdc4dd52db46c6399b02689b994
SHA1 f48deb105e61d6dc455034e85c5830f9a9687bf7
SHA256 087a9a3920bb027c912cd569b86dfc0451661820e3a3e31975f07018cb11a97c
SHA512 8b0821c879ad3dbbe978c0872b6f027286c73646814e362dd898ee15df13fea6bb5dddc470c21f385002080a4710627d3b7b78f4d2e314f27c6872fad0a4dd1e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6e2c54eb40e20aaedc17d14418358f8a
SHA1 b537672b72f60377fdfda70c4d4bbb09562087ac
SHA256 c4c376e5d633debec97b1430ddb76db0051f3b7b316c26400d07f6f272673149
SHA512 1553c48283ec6cada31e22c208959d2a4da0aa7199cde41cdca47ba7a66d70474db4fe7740ac87f490484dc6938677a8996f00a1dd389e34580fb7fcf64f3c35

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7aa56705db97e76863a31857e4c282a2
SHA1 cc649362a76ecc8ecb38c9441b6005236c0e890b
SHA256 4f7f0cb1b8f0498ca96bcebfa5283e20de5825ff10f2128051117c36970908e3
SHA512 879b2bdb5c79c7a88bdb342c7ccde04ba0738cd9fb00f776e93fa88ee567697866ba03654ba31fd302cfbafa8b451e595143e063f8a8ad1e834820189619c9e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6ceed0c88ffab51ae4b831f53ba82b6a
SHA1 3f6500fa70a8f4fa4506551868ba008b23e3d6e4
SHA256 6efbe2390fb6d125e1d4d26f2c4ac6f9130a3dfbff7da0e60f31a9e11d697ef9
SHA512 0bd942ee8e7ca33fff6611e6658001480b707137cac3932ef73de61912caa26eea6479aeb64f9b87eaf306c3dbcabd07d1528b16e11524dec4b3dba7e3c2b2ee

memory/1588-864-0x0000000001220000-0x0000000001221000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

\??\pipe\crashpad_1568_TSDVDWQIQZHSMAOH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b139c164-739e-46a1-9121-9f9f63dcf1b0.tmp

MD5 7151aaab5c0e2283f95de9648aab2eef
SHA1 e20a2ab0585f6c73024f4461f2201efcc9f5a71a
SHA256 35f44ac6e5ff4ca73bf9fafd6ae3afd4e3503c9133d858d312bc5676b811bd4a
SHA512 c65bb869e24228a2c7ce04c374e11a809a89edcf4c2aca53767e935e8af44bdb854610b54217f51442b37855c37bde3bfdf13ec3c81b1a46f946a7194d26d794

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 25d64274ec9d5d838c6c66526d3cb111
SHA1 e3e5192d1a0f4a21362c7de107b5e3f66db2effe
SHA256 404ee92592c430b7b48579b909bfd037092342c4746cf841e2f196c956e0f293
SHA512 d521d20646ff3c8b0d282ae6676ea3a7e7cf3b9543aee52fabfc4a5901b3ec45da6ba79ad32f216a8c5025e416584415a06223849b1eaf3fe2f87ab90f435a36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

MD5 e082e5a87c160d5ebdf801e31dbdd7ba
SHA1 9ef3a34ac2480e907cbcd1db02bce11817fc1f24
SHA256 b432d58bf3cc22aede82954c453003ccba729d9787d026aa6a71778f5eb0af3b
SHA512 d8ed3ee1331aecea0f489f929b901c66f7cc3e20670c1e3eefaf5aa768c041d4b083676005ddb58085c2144c558453cb6fffe63e1456fbdf6f8faf7c32e7077e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_5EEA01CAD208F75F11898843BE401E94

MD5 ce017f9a462b214598474f8583cf29c5
SHA1 742eabb5bbfe766fbb7870d7ad7b6f60f3e4606f
SHA256 646fad4660b59c9b795de2479ca4aded2aac71b9fd2c35913789ce4a7a161d39
SHA512 62e21de8acd0e7cfcd7ad685bf83e25e801ad3ecb62ec534aae7c17dd954971eb4a9c4224ba0da1f5a5df6279702778bcedd7bedba1affdb30c4fc4ed906da61

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_5EEA01CAD208F75F11898843BE401E94

MD5 10c0e2a3af422ff8da60c3172cc889b2
SHA1 9331a2a80ece7d0c836618399df49ab4e0a0c1ea
SHA256 6806905c2bd198876c231e037de3f21e98cdc614f21d670aa2331700d05d75be
SHA512 3996101303ff3fce659fe16a4cd7a52c4faf44cda03e798f13693ee7382f6f3239cb4704a1decc3c6b2b0b9526fa6be5dbcfb4b8f231f018194d4066b3381441

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 8679d38dc91801d42851252414082da2
SHA1 5ba12a477c265124466f9bb4e8b696888c961bf5
SHA256 f962c449172fc68b3a275a9e450f1ade40fc6078209f166083600112baa6e82a
SHA512 c613beb4d12f437420af16e941f752359996716ae6ce5697e97371ba48dd1d176d9e8a3aa7648e5423e1c08e577dd0685bf75062e6f01caab54cc9f136ceb6f4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 f7c06396b7b81fc2169347c6fdfc7ac4
SHA1 72afcb35a0902e3edc950e876e8a003ba333c01a
SHA256 9ec0b63e2f3e3496522ca44548b536fd338974e6918f7b72b9753f11c0218975
SHA512 b990d4b6649f5c799435ba42176e7b41598f024f2dd82a25c0b8517353f8c1f85c17329ba3d218eb7929c97f5b51f8161b879b028a77c17a86a660a875807e8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 8d3a6a1af8bd6909c1c423d4d5bf0c3d
SHA1 1265338e0dbb5172ff44e2e79648e5a95206a1b8
SHA256 ca578712f2d4dfdb9596700499ca1882ec85566f4455483e87cc22f14969c0d7
SHA512 8a8d478f8942435ef5a8a9cadf3dd248fac279d2acf344927805c1e905e6ff2bb0fd062d05a107686d3e0d7cef6ca0895c0ee162beb61350e381e37f2d2016aa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 edc582dcef756506929e52246f033254
SHA1 8a1416ba70ba49d4cd59800ac33acee179b257e1
SHA256 14f025e620eb74bc9b2f6933bfc281890741446b8c18daa557f7e2c8a5719cb3
SHA512 c8b7f9ca402ad61e3754f2586cd04b498b87924f4022d2685cb853976a6c91b5787041fa84093e94e96ee29018b7b264cc38a744fac503e8c81c5c72de2e9b2c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\ce4e6105-66dd-4d7a-93b6-8a08183ae2fb

MD5 2bd337ba5611b5ad7ef5d504c66da38e
SHA1 69866345b32fdb7b2ce1d551b87dd1ef04c536af
SHA256 41c057af17c49ee57b55fd5f5f2568f4cc008756d5650d1120ac2f87caa12076
SHA512 1cfb4e37644eed3081854a30e5d4d221ecd83c7106f413dfd3845e91a4a992e63c56941d4b90297b2647f04928584191fd5e291c5b05fa839f526ae61e577416

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\db\data.safe.bin

MD5 8c03e12de1623e319d996922f096e941
SHA1 8c6776de0cfa21c343c248e44503e364195c0c4a
SHA256 c96cebc794b15d5f07f897a4450d98887f91bfc7d983458edd460bf6376c0cba
SHA512 ec77e28ff9f097c304efc9407db5c3f9875103c46dceb99dbc69baaa3cbf73f56a1f1f1015bdc9603dfaffb3c7e03f2f1f21f5a5c7194726764902f521546102

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\datareporting\glean\pending_pings\f15f9919-8c69-48dc-9558-bf7d40854497

MD5 204463d4a655faa39626880a305e2134
SHA1 917cc756440b924d315708f3282117e77068abbd
SHA256 018aadd01e8328cbdbd128fb39bd51e5d5509432b79ddc2410e6bb231033699e
SHA512 2d76ce7dd22f96ac36864707135588a1214f98c38444ef53a7b54aea9f92f7b107098e42a0911b8cea378d0a3f6e738ae3917092bb1da6031e6143b77b3920ad

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 19be8fda4eb91b2b3fd5175a0ac55679
SHA1 b6948b0497a2e6e5231b2cb2d87c91e0a7d21804
SHA256 d07b6f4e6a032b7ffdfee443424903627547707d4efd9d7ccf459e07288281de
SHA512 c79a662e79a0b8532a180f31925d09b85833d4da69f5f6614f0dabf8174579da12c63dc6774b32b8d858b450311f1fa3bf7b33936d52b44a354587f7cb63a210

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs.js

MD5 b42cf975ec6988b90f87cf1b36eddcd6
SHA1 9dc9a80b9f9c80593e3839c0866a3097fe6a29c6
SHA256 c79a3eb5f703b19161f81fba1b9cfcf3fcdf7ef08f368e95e1e5db6e80f2778a
SHA512 1dfa7df811c38681173adef3be24ea5525f147c52b75f613d8ee924a5b62ecb0e7d5df52a95699458c29b32d757b6edbe187e4ca78d30680417ccf5512b6372e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 384907af7cf461f7f70c8bb50f49a98a
SHA1 114327cd8645d69fe62b05a8ac894eb656261d8c
SHA256 9a9c449faf387deb5b008dc46a4b29679f288b73ea9416ec4ef23c4c2be4665c
SHA512 11762b80e2e807e03b393930b3bc1a2e0ac4470ee0b6dceb1fde456b866d55d850869cd8b74453e1aa4886a0fde08349d5db32120b812ae953d5418296dec25f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs.js

MD5 20d33888716b6bbe1e501c962446a617
SHA1 1188ae06af6a4ae9174e2f8aaabfab163f3b04d9
SHA256 20c6addca170d192fdd13447ba4356219255ead2c2cdec75e7a7ca83a023f0a6
SHA512 5ce2281fc45ad8b369f12e4e375d6d81919c147baea1aa14b1b54f3242f9682b34b5c076b023a9ca366c99eaf5b3f6fd6c6fd9a1474d3f8c9929f22d3e04c7f8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 b974e3b9771cf038a19553e62c674a40
SHA1 2e75e4d0fdc82650fb9ad4bf0dc27b3203de2dd8
SHA256 b2a27cae8eecf88f4ebbd2af4f57aee4e72691236f7d772fdf4189030ce2a9d9
SHA512 c2d38eeaed946cc2294427603a4241c47e9a463477a03034b095f7374bd2a30b8a36edf00911b69e7f6d5d5525f601cadf995a9669e58b22537aa7052fc530a2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7546cebb6094c5ad2e9560dc822f75e9
SHA1 69e03e22e5d3ec85bcd96bdde4e30a4b62bb453a
SHA256 169487ca4062639db9d341c2381393f36d84f52d145002db63e8055cea6b8c2e
SHA512 9b0ebb5b47077477b72f59e9e3ef7ceaf0e54d4a49d910507d61d419ebc0349dccbe79c89e41de1b875250f5d6bff09d5255edc52df3d337261d534d0285d427

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4241d638faa2b194a6285be16ce1f832
SHA1 aaff1539d61150ee8156d0062bec8aae4ac9f6ab
SHA256 0ca763ba9b155f6519473db77992b46d9cfab1e0dd3588cd4907e3daaaa080ec
SHA512 0ae5f38b4c0c3e88d24910253976e9a048137179d73e4f62fd4ae1eee785ec866f62df6efb4e0435fe1ec30132b06cf55da83aba00b44dc20f71119360befaba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf773d8d.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\idb\3362943414yCt7-%iCt7-%r6e3sdp7o.sqlite

MD5 dc3f9b886640a8f7ce4c46a73c539214
SHA1 34ac4c566da0e7512f25dfaa7c576f68937e72f4
SHA256 b7589ea995ddba86310d1167d7649ed6c878e7f49d4777353c03a2d8c1d059d2
SHA512 e47880f9607af99fe589efc78172273d413d7bdc437031e187734baf7867c3a108bc5d5e94cbe2f2cd299cbf0033e1e70fee963ea54b7a8d5e8f397827b51e2c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\140\{d825ee62-4036-4ab5-afc3-acab5181b28c}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 1159fa79919f53a7957f20cb86ae3ff9
SHA1 7ae0cc88b86bee393c4ed69c8084937638831482
SHA256 00339b367eaa7f422aa10fad764c2fd14b65fc5c869fd9e73218fbfabf8567be
SHA512 e6ab6dfbc171f37785bc3ed10a94cc83efefbfa0b0a206a83e79169c895350ed5c06fa30de8e1e2256660430f69397da9107a441e1cb18157abd60548b6e2864

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 d8c2567c4af745a55c4f29044db0fcd3
SHA1 50ba39b2e04aec04dbf1c52a1191c04008db0fd9
SHA256 cbec4b651c03af6dfd82ac613a207964384be310c2042a2b8e28a141bec09105
SHA512 ed0ef617081c90ad323d8c9d9b899f2e02a45b97ed900ab02281c315c4112698bea1290ec1c8ce9aa3102bb764ef686ac77c2d40c5ec7afd1bb3dde82d255993

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5c15cccc221940d63d9a40a074550b29
SHA1 827072c36c6b0d009e9cb3884f2a5447aae4b4ef
SHA256 476a9dd697cbba96a3a9bf8eadcdabc6a5802ec31c8e3d08dc57e3248ef1353c
SHA512 17454e7e91a2aa239b3164eef66a363ced27bc2fe780ec7ed54d45a28cd9231a9a1987003422667b797e84b60983ea1d4ead18ab0b800f1ccfdb5fb8114051ee

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 9312725e45360097dc79ed64e6596af3
SHA1 9c8b9753642e04cc609513ee2ac86bbcd2edfdd8
SHA256 f1b14b89570c177900ec02c729cc8e8a629c8fee23cb17d1b585d10232bdebd2
SHA512 589dd50be21d650d33a3a0975c42cd7bfbb2a3d97156a553e249259eed1ee00fe0373931c8981d48cef3f7936c6b5ecd3a9520374d07dec9cae13f3eab6e6ef3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ab823df0f9c2825f73dcb983c9bf514b
SHA1 3ff9093e2d1a1cf6d2aee0073b8eb0d779843033
SHA256 ee02728cd991798bfadbf3fc304c294a1d49a494deb84c92e7774aabcd2eaa44
SHA512 8dab0952e9a37278a87d25591c1a8a738d77149dcd75dde6acb6500f70c77335990c17811eae5ee35db65e899709a57e31cc9823b455208c2a50834f1a802fba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ef8227e5287e7a061f02faffecfbcf6
SHA1 7ad888f00dfd3f4c5bdff6871564f152dab546d0
SHA256 e2c4e1532e632b10a83b570f6b6f019c040788f007873b998cbe793ce0f3512d
SHA512 2d0298151b8c1a81ee77f83fc5114dff1da5709ef0422f63c0230af80667470b1f2947aa64c973aa11f817ef93cc4f0ed52df8a745a433d12a7c10f770629b1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f72c13ca0da7dd8eade093fafc207145
SHA1 aaf285a0518b8bce51c5bc29e94381289c3faed0
SHA256 1e380e9eadad2436f56243a1ef48b090313574da68e1fbd87b29e3ec739f77b7
SHA512 5ffe06f588dd1cf56eb9c131d9c20084315e9a5abee9b010fbf302fc23f7600949f7ace95453b2a4e7d934fced48948ab8d0a953cdeb06274a06c9188d1aa481

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 7101e5dc775c0cda129c26fc07fc50c3
SHA1 991a3108ee903c8503accfd8e59c80b9c9189457
SHA256 01a054ae8ef57a8830a56484de7abe5694eb44012db892b16e0feb55c7d16cb1
SHA512 0ecf2dac673d5a222e27b9470f8117a3e51af8a599e66bd98813e339c6bf146499524acac01d5e5562100c31717ad40be464c5853bc03ed03619aba65d5131c3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 239b5638344288c09fadb71868e5a880
SHA1 5b7523b4eac1d8a9ecad38970a76f59e3daf5b05
SHA256 a5d5b02a4b323e07cf76b7d6b59b1f8569ff644bb7faee50510aeda501a7ff0f
SHA512 9b3117bdc09bff862af4b2241edd1b796b6d60b9dca4dbe0f212ed35a560214383fa064da691121e7afa48c11d3cfdede85f433448bd3201ab45ede7e46a14ff

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1567c87d700c27e16c9edeebdd2b6ffe
SHA1 668541a79f57668a8ac643b918e457a9d93d23be
SHA256 6bcdfa3fed03658efe86014dedd4de0f6bfaa192747ce513abbc74f45beabb79
SHA512 a6ad32d187dbff011909884802816b4cfbd5ea0bf5a15dd06cb6e27853c68e7048417b07f50c87a14e0a2a611bd9c26c73ad34d0a874b37bdff52f970b695463

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 08e1137d40d8588a0c6644e79063cd7f
SHA1 ed49b8761b8e81681410581e0f2e3e1ebb4b5c7b
SHA256 029df377795724f4d2b98315ecc1108551404d9f5a27dfa5b8bc5e9b12f2d282
SHA512 88429660cd984b157ea5c4bff8982cc341a1157b4e20ede90764de2a4e08285f1626f604fec56cae5316c923b653584f11d1fae8c978dfed0304f517a9a35891

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ab707a2c423c529743062dd43345d50f
SHA1 6d583a72f7bd5ee4826a89460a49da9f0f8075a7
SHA256 c688906e7647b183c181e5289437c5fb0f2b79da4f561b16678bbc6d358635e2
SHA512 a2c4d82a66e2e2543a202919334499eac8123d541010a37938fb2f3c636ba6a9aae67b549645f4da355a8f01aa8aca7f9d80f5bb341d1c44a1c4dd133d343fa1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5c35f5879e8b805ea75bdc320f403d0a
SHA1 f1fbb24d56a86050bc4b09e5db15e56a90cdcb8b
SHA256 648696993c22c3b22554463c73b255653d6218d101b55b808d9b74550abbb4aa
SHA512 033b653aafca86ceee9343799866610c779f89dbb1bd9eec6f6abe9e9192712dac2c5118652e9f93cd808ab3987fc033841f63bb46fccbdd0e841a6134580025

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8d5ba78bd6d0a0a7439fe9356c7cf4a6
SHA1 0f3b5bafe95508f7f7eb738bf0a7cb289cde10bf
SHA256 5487814c84fc94d80b312f515b97dbe81a1cb2c0db9d0d6260393e5bbba98aff
SHA512 bbd2ba7df070dbeef23b7be085bf745526ada1d3428dfbd0ccb1fded91e4f09211bb2fb21fd8933de0e8db4e3e0fcf957f942bb9928ccb037bb945dc2cae5cd1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e13ab7af6900afcf421f09f9d58cf763
SHA1 8698c7734e78458493b27ed42f08de90f427bb18
SHA256 420a407b797cafd7ac71e936ee2fa1df8816dea9e4d8d2a1b9abc0d7d8660841
SHA512 d0e8bc4bcd6f55f2ef4eecb15602e87d2fa0d9ffda3f61057845f2cf2effa8afe1fcf00556abe909c782c0bc51c230310e5f59392b8d9c7cb6610fab2e9bc77f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 deb5413a55df58a0e0fecfab3f1c048e
SHA1 b8af65190a98f1a6b99995209034b193fb1d60cf
SHA256 930177f3c4e8f610b40701d11eddd223b3be40a941c7573f7a231aca4b55813c
SHA512 ae375f603638da24f23fdc82263c55a086fffb9e8164e9802fbce5cc2dbcf23f55815eae92a7978193e77f4f49d05bbbb2d6db900562d6218c26efc6db4d991b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3d22f2d2ff9be4718ba04776dd891f37
SHA1 5d4fec0608be6b11734d7aa463aa503dec602b19
SHA256 59116a3a4b4af9eebde0f86c751558625009a004400116ee3106076450cdbdfc
SHA512 56178e6793ae8cee3d337acc6f0fba24d248dbf01568b426a2cffc5ebebeb8a9f0e17fd8b54854c4170f37937b1aa09c813cfd2d51cffdcc32ead407711fc0e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6a0191c804f8569f6935c8a57506e272
SHA1 cb87a0e76dacfafed2d16aeb8d5f658a2b944109
SHA256 60c0696836811e3967671884d6ad4a20b79825db707f0255a498be39829d5b20
SHA512 57a428bc1f22e9b76c040fb9b230ad04c750cc20050d69eaee68fca0993a189334ea2a59c0ceb45e5cb1274aa3134ba2fdec01745bb42ea4157809c2b9fa078f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 08ad42d7a61c5f4ba9c507c6bb0804da
SHA1 8b7081e42b275779f5cbb4d395c2b30c4a553e3a
SHA256 372094bb595c041d6243d94805e54f9739262deb94f2b502cf42dacb55edbc9f
SHA512 08abb49b3e5abd8e9c54e6b0469211281aafdaa44c2ddd38cb5d45b716217a03fa1aedd488033bf01660b2c057406425aa72355e6825a000c8590e9bf4137053

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 07754d482986a410a605b3a24e4ae4eb
SHA1 a14d95d33d03bc21b3af3f47ba2708e4fcdb7e0c
SHA256 6f0986db620355b2719c2bb2598d4f8b1faaf907cbeaffe9b5d9e70455da5782
SHA512 65a2120b807da968760a48d205ce5ceaceabae5bd5c49a3dcdf489b7f6cab7477fb5cd45cc54931b209c4e8ebe3e86de9d8a58c2048d4337cb6f4acd979978e7

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 1b931c3372cdbf2472276e15a92c85d9
SHA1 82fc1e5752e552590d6aec0e71c548bca87931dd
SHA256 53db45de2874f5260b448df11b3a63689a9c9fc99e96f544732b482921fb30a3
SHA512 36d9c0ad234e31a95c2ef1afc64dc1d79a1c9de4220c29f32bef9d9bebc7ca9f014f34a9d01bd1931fa6f5dc90d5d62026eed6be631de90539d016c3f827c514

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 267acf37c21ed98a9180ed673f886581
SHA1 9f7986d10639f5b09a46ad971791872421ea77f4
SHA256 a5dbc918269a4ce2b360953b3c1c63f9319a0c5212ac518adea23cf483441b4b
SHA512 8d0618bc74f161aadb8eff65fa17b28748fecf2f2b32838d68353457602c849abdc973e0a3fa4400f6eb450547560ffe4a31d45e52d62dc2b585468088f8edbd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 46da3533b5fae44e6c1af30e11ee3238
SHA1 9b2ec4e81b61d0cde7cd30a0296610697938ce63
SHA256 8f8f44d6eb58a77c987304278c325ea6ff6c73523fdc0942aec83ee8d4020260
SHA512 91c4ebb7b1c8ee0d6e16405f01402bb4f3b25c5fad4e2d7bf00e4dbfe55db7ee4b3787ae1e7725c69f4186f9f40673241327e460ccbaae55ac4b7ee498f7a2a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\78750472-14ce-4329-a867-745c39231d0a.tmp

MD5 8b7cab265b2ed2ddb03cb33aa3b0428b
SHA1 b2bfb7932765cf530c6e27c3a9c90cd121c9455e
SHA256 fe2cdf9672b902a03958ca4a9159244a8e9cb8e933b76a680666bd1fd0fa09af
SHA512 2d95ac5bc207920812caca055739a8a7acb57c441be14bdfcf2b34c1d28dbb08000399cb7ef7968251f99c599e9a234a7fde8d20bb33275a693de5bd309e8bfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9a3f7ff51c9552853fcfceabd7fc4658
SHA1 ed1647dd2619ccd33021420f69ba386e6019c9c4
SHA256 aeb4401787545d9805905bfba9ee998ddb11953ed7c0fe0737ca61b039ec2ea7
SHA512 e59fca322a9e78419b243c4707f31be897cea24a73e9b4dded5e0d189ae3d5a3c4f8fabd6d7677ed535a04176a923d2359350a4a1b3d94140a330d22c50fbfb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 efe6b66f4d983bf454fec9c35137385a
SHA1 7d4a59465949ddc17fee1de4591eddebe48ddd90
SHA256 3ccbbc403482c5a0fb478a287335b638c577ab1db1201df16307288cae9c424d
SHA512 4cc42f08045e1668a323695c52f9a3c0bbb594968e9ae8e32f8b744363502024d3aae91871d068c269ecef7b34249641968402eaa4d9dcbc764259c108abdbc0

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-12 15:34

Reported

2024-02-12 15:36

Platform

win10v2004-20231222-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\file.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{B0ACD64A-55F9-4A2B-845C-DEE689C10D59} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{07359BA4-5817-4EDD-A028-5244EC73E2AF} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\file.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3332 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2020 wrote to memory of 4036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2020 wrote to memory of 4036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 3732 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 3732 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 5088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 5088 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 1180 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 1180 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1180 wrote to memory of 3512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1180 wrote to memory of 3512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4260 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4260 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4260 wrote to memory of 4976 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4260 wrote to memory of 4976 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4932 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4932 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4932 wrote to memory of 2428 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4932 wrote to memory of 2428 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4164 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4164 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3332 wrote to memory of 4808 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 4808 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4164 wrote to memory of 4964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4164 wrote to memory of 4964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4808 wrote to memory of 556 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4808 wrote to memory of 556 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 2272 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 2272 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2272 wrote to memory of 628 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2272 wrote to memory of 628 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 4392 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 4392 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4392 wrote to memory of 728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4392 wrote to memory of 728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 3552 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3332 wrote to memory of 3552 N/A C:\Users\Admin\AppData\Local\Temp\file.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3732 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe

"C:\Users\Admin\AppData\Local\Temp\file.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5ae29758,0x7ffe5ae29768,0x7ffe5ae29778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffe5b0346f8,0x7ffe5b034708,0x7ffe5b034718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5ae29758,0x7ffe5ae29768,0x7ffe5ae29778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe5ae29758,0x7ffe5ae29768,0x7ffe5ae29778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,2039189703382780037,13619797515734547041,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1444,15332917984289229315,7761592874647501184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,7597037512166113586,7268789258625106929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.0.1899154530\1209844903" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20671 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b55db6cd-0694-459f-8798-1b02fd95304b} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 1944 273e51d7f58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,5981275381083681551,2048916336085862575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,5981275381083681551,2048916336085862575,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,4483281038326917063,2889673530210920704,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.1.1301755199\1271094503" -parentBuildID 20221007134813 -prefsHandle 2396 -prefMapHandle 2392 -prefsLen 21487 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {46bc0cad-5294-46a0-b489-9bdaa30ce735} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 2424 273d89e3c58 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.2.469866697\2062033086" -childID 1 -isForBrowser -prefsHandle 3088 -prefMapHandle 2836 -prefsLen 21525 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {66f7806d-1c08-454f-b660-5beb02a835a4} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3004 273e5160c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.3.615711966\904929934" -childID 2 -isForBrowser -prefsHandle 3068 -prefMapHandle 2916 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c29963b8-be8d-49dd-acc0-b079512e36f3} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3504 273e9853558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.5.1460692801\689461368" -childID 4 -isForBrowser -prefsHandle 3656 -prefMapHandle 3660 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0156cb3-c810-4328-91ad-be747fd17681} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3644 273e9855c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.4.1819694261\238178699" -childID 3 -isForBrowser -prefsHandle 2936 -prefMapHandle 3504 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {133b0b31-491c-4b40-b272-089831cd78d4} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3644 273e9855958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1964,i,16709282702076602507,15961898093913920475,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=1964,i,16709282702076602507,15961898093913920475,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1888,i,12503763220413870425,5139218583387333373,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3536 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.6.496335370\287591379" -childID 5 -isForBrowser -prefsHandle 4264 -prefMapHandle 4268 -prefsLen 25988 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {23c373a3-15c1-426e-a9dd-5ef57643ad0a} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 4392 273ea831b58 tab

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3528 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3820 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1888,i,12503763220413870425,5139218583387333373,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3800 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.7.568347729\170101629" -childID 6 -isForBrowser -prefsHandle 5560 -prefMapHandle 5628 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {581e8f46-ba1a-448a-bd72-3ff4972e976c} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 5420 273ebff1458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.9.980982633\1005146774" -childID 8 -isForBrowser -prefsHandle 6000 -prefMapHandle 6004 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6ef13cf-1665-40ff-8d8c-e19572a688c3} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 5992 273ebe52b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.8.215508862\1054573029" -childID 7 -isForBrowser -prefsHandle 5856 -prefMapHandle 5852 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d7842685-d0bf-442f-acd7-70835fb876e9} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 5864 273ebe51658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.10.656007841\420674509" -childID 9 -isForBrowser -prefsHandle 6380 -prefMapHandle 6376 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49a70f9f-ebc9-4dac-933c-cd0e9c76a12c} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 6032 273ec87ef58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.11.1178795872\707803273" -parentBuildID 20221007134813 -prefsHandle 6484 -prefMapHandle 6488 -prefsLen 26222 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5c76879-e5f9-4384-8a1e-f7ed75224af8} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 6032 273ecbeb158 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.12.1494381528\1085331408" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6620 -prefMapHandle 6616 -prefsLen 26222 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {194697ea-1a5a-491b-9093-ce7367685595} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 6608 273ecbea558 utility

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.13.372781513\1343676486" -childID 10 -isForBrowser -prefsHandle 6944 -prefMapHandle 6940 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {57aa60c5-e36d-4c70-9980-511ae47e81ae} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 6952 273eb6ee658 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3376 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7244 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5472 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5500 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,3649741733033367175,6621302059316513150,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2828 --field-trial-handle=1700,i,4577286717145517554,16416354814607747032,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.180.14:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 173.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
GB 142.250.180.14:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 35.195.240.157.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.22:443 i.ytimg.com tcp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 22.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 142.250.180.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
FR 157.240.195.35:443 www.facebook.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
FR 157.240.202.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
FR 157.240.202.35:443 www.facebook.com udp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 35.202.240.157.in-addr.arpa udp
US 8.8.8.8:53 241.144.24.52.in-addr.arpa udp
GB 142.250.200.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 142.250.200.22:443 i.ytimg.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
NL 142.250.27.84:443 accounts.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.16.228:443 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 rr3---sn-q4flrnes.googlevideo.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
US 8.8.8.8:53 rr3.sn-q4flrnes.googlevideo.com udp
US 8.8.8.8:53 rr3.sn-q4flrnes.googlevideo.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 rr3---sn-q4flrnes.googlevideo.com udp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
US 8.8.8.8:53 168.191.194.173.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
US 173.194.191.168:443 rr3---sn-q4flrnes.googlevideo.com tcp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.204.74:443 jnn-pa.googleapis.com tcp
GB 216.58.204.74:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.204.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
GB 216.58.204.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
GB 142.250.200.22:443 i.ytimg.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
FR 157.240.195.35:443 www.facebook.com udp
GB 142.250.200.22:443 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 172.217.16.228:443 www.google.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
N/A 127.0.0.1:59369 tcp
US 8.8.8.8:53 rr2---sn-ntq7yney.googlevideo.com udp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 172.217.16.228:443 www.google.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 167.109.125.74.in-addr.arpa udp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 stun.l.google.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
N/A 127.0.0.1:63392 tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
AU 74.125.109.167:443 rr2---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 172.217.16.228:443 www.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 202.178.17.96.in-addr.arpa udp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 23.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 12f5ea17522d20f57cfc7ed287507d1c
SHA1 683a34647d67a7f0db4b48c8e5ab2bd96b1ae58b
SHA256 25fe9a74a26f05364d78e4fef7962b5509f562c825da977bf6ee46a31e2392cb
SHA512 6ba3e8a3b7eb2fbd8edf13571a7a430b334dc86527eb4368ba3b8c2e7bcd24073cca99677ddffa633643046536bf7c7516076a9018f7b3c7c63a9f2a26de67c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e71d66ce903fcba6050e4b99b624fa7
SHA1 139d274762405b422eab698da8cc85f405922de5
SHA256 53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3
SHA512 17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bb2cdf82802bf69b297c9fae3fa48e85
SHA1 f26dbf7984929197238377b2b3e37f974447448d
SHA256 29998264d3f24068d6705e32cb6306f042797a0025aaebda57b3c581a49be0c7
SHA512 00535865805747cb5fe10f4f67872b52e94fd0ce51937f94a7662254027919b13df4af538557116cd4a8002afbeb295c601a79d5e64c8d2d2de9cf377eba1db7

\??\pipe\LOCAL\crashpad_3732_CIMZILSJSJBCMUST

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 add497ad5a57a59280d35e62c4b076ab
SHA1 31dadf8d2ad15401840798d3ed61cb8a2490f4c2
SHA256 ca617dea7dc6fd8e796f2453bec2332a22cc4e51dc7bc7b113a74236046992f5
SHA512 31037c7a9b8ce6a0ac70e58f6be1ef557ff6b666e214e43041f2818dbb15e30a39be39f99fa1498290d4aaf66f715161bc9b294226b8d295010aa553a31e285f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 70b837bd18e084c72ccae8c07664be63
SHA1 70a0e93346a00859a97708f7051703e7352bdaca
SHA256 0778b06f1adf30c73b53e0a26b14da8793b828ac77e483224cc30c944bb23582
SHA512 7f433acf7880bfb28527a2ba2663e0c3cee32ae44de85f0494e644a81c16dac2df4bfae0e5da9b82cfc95f7e8b807b06b4b062271c8f638e7e92b9ffbe239cb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 352bf14a0e14a4177a9d1ea5a0abcc5a
SHA1 c40addb9411176b671a0afe8e7ad8820ae67b692
SHA256 042eb4281e8274242da04982582a7b2495e0549678b3c45b6ddbd2f2f11db857
SHA512 91f15e00c39b3176ec7cf613a8eb6c1a9a1d46d13c3b5d57c171aff589926903c008a45ec4902b90f6e4e2a5d2c88608f4a6786d937ffc29c73f42edcc8b343a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 891628f8d6ca1031ff9a9a86230583b0
SHA1 e700dcb25f7e21205ce2aaf8a94170cbf24408af
SHA256 8e6b4315834078045ef0ba192d6f800dc01079afea2ccb1b8694f2222e1cffe3
SHA512 91fd25d7bf254c9a6dbf86cd4fa193bb7088eb0538540d2dc4960de22a55527a19da4bf3498898544a4dde02e85717a6818bba94790c459778484dbff785ed97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ddf62b390743ea005e38ca9715523133
SHA1 694138922ca7cc960bbd0292ba3e1c5a73869b2b
SHA256 aaab2ca56a891d045958016cf564ec26ee4b1cfac316ee15c86f94652eed2bf6
SHA512 0188106cfca82e795980ba0de137ee2a6e38e703529a6833ac756260de9476084cf5e7edcf5800cd47d070bfaafdcc8ed60261ae3092d3e9e2583f6240796172

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6b358b2f9d59b699ae1831f801b74e28
SHA1 376a3170d988a716bb92257c294fbacecc01ec5d
SHA256 f1f2b2a14685971d974956cb11eaab2e1d6180f0c643cb960f963ee20d02d1a4
SHA512 16f75e8079162e75a10724127b518e9743c67d04685fe23361e990555e9a3d34cc6b6b0bfc9f853228f98d3d1c7e6c7baaa8c6bafeabee3d62507f31dbd36b36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d3cd32a8-da89-4db2-8da3-674870ee78c6.tmp

MD5 57b019006c47f5d32f956f53ee6cb191
SHA1 502dc133231b8dd2ded9cd446b66af6152551f09
SHA256 0e3f0b4311c4ec801f2564f5c37fc1573f6917c7bad1bd8b987d9553c2d2b7f9
SHA512 88568c11a2e3a9b3b26166952c60ac10170f7706544d702716adcb1be5102b807a79348721bbd454535b6c17ec4bac2cd537451159fd3540c61fc84ecc4f5af3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9f504c63806de04c9573b1ca8bbfea38
SHA1 5bf7cd3d01c83f5451b2ae4f973ad4ecb99b433e
SHA256 b16285588ebb0392fea24c30d4b963d9e0140c77ff241738837641b27e8fd274
SHA512 4a9aaf2694df3e8e4aca5071afb20c6299a629eee633b4f027a26128216f53af1ae6ae66d217142a53425e4f82ebea07bbf5bb7f66b76a894b7917f4e41583a0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\871e08c1-88c7-420a-ab6d-ae7bb73068b5

MD5 4894ecb8bb203e7f74cf78ed4e4038fd
SHA1 bf1da8c9d6c62c19d8cc9500cd25e515863641cb
SHA256 8b56263778c399c8149c3cacbb99427c02e25890ca283edf72266849280fe64b
SHA512 150f398e96638690c23420c71e64f352aaff29442906061443c68ff675ff211737dd61b60f0844338e8a6a0f6689d307691b7dd8aa4985d6076a5abcd7a0cd6c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\09148389-9ead-4e7f-b64c-8dfc3633def6

MD5 aeca391bcd26c6debc8e00f3a8d704c7
SHA1 0fc41dd8cecdd8ecc16b879a6fe7916cf935003d
SHA256 ec466d2e6f156dced5899e3306f620dc8d1e38dbff07698aec08e23d7b891c83
SHA512 f16113c198a9af2562f126890ac708898684fd803a2d40ab3567cec2e287c22ded3b15b3ee69af716abd18b5b92ffc338b6225cae0b9034b9a242061d1c20788

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\db\data.safe.bin

MD5 66083b598404999e8d35b44478d392db
SHA1 d2532c69734bdefaed7a78bd4aea1a05cf350f4b
SHA256 5ccb312b0fb8cd5861d90876ed98f739935989d9e31eea73ea41972dfd599a18
SHA512 b46df7dbbf684fa96984c4f8a064ba3fc781c024578690811878f2b5ad1a0a387accc0bd6048de0165341e60b4054777ecdbc6d50a86b1540c8e0588141d49e3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 12073af823007ae20c7b3a14b70da94e
SHA1 6f38b90eb5ecd0ce2f3ecdbe9f18d7412e5298ce
SHA256 d00f5c773ce637e3514f0c74ef1d1ff11a371cc5be323fbef17acd3835e3c6e6
SHA512 91df4bf86a99a79e9e60f2db6a1107af73fafa273c9910adca1e804f63ee81970f5683b460e85c56fbab8230cd8d44e55c294b2cdd17f5ec61a31e900c3b9c38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs.js

MD5 ad92706ee6c9e1f6d3a043481fa560e7
SHA1 4086f86b9eb4bc9dc2d750d11412c0537cf6e1e7
SHA256 a8bf0c56919c0363b16250dc98cbe1c16c0dc0e166e3fa4128cb17ab4961dd87
SHA512 4161b89e3430db9c6fb04458ec7686930fb4857dc3a64e66129785dde814918a020e7275b26f5c3bc3c9fbbc3ef8ec0b1612aef74d4071eb13966a32e6eba017

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ca1d2252fc9c0baab845865318617583
SHA1 b4cbab1c242c252a30e86cbcc6fdbdf104567642
SHA256 6acdf73da31efec2ff18bd555a5440cdbb00fad3df4e361c9105b6f2e30458f1
SHA512 ffadbb6d4a10d974b1efa91c0a8cd47a54353488ee38513ae02c49a510073d2c27545d44696462c833f893b83521a2b6f7db7b79910d2df3ed54acf70c1e47bc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\F62B972AA1E120022CD72DEA32D1C3A1D2316958

MD5 23e53190a323fc06fe988157a206b6ee
SHA1 057f30f98fe57d7ebbc19762846838222b79ca09
SHA256 7a8808964702887989be9b3c16349480c0bd4f487f08cb63f1588bc1147509bf
SHA512 5f6f1f6b76828787d9e4f9c071d2ebdc3a609744075653facd17b74b7e09aa18d87e43b03b48de8b45af1cd04a63ae215cc93c9cac77d24acae5104094f19652

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\DB5B6EC7A281339B2CAEFAB215874464E30E8B0D

MD5 aac97ad84920462cf05278d296f96def
SHA1 fa18e7d84209868ee05a2d603d02ab48532c702b
SHA256 ab6c1526cc6ae7193ec2b4ead1f17f972404b78574b4140c36135691beec00ec
SHA512 b4293f18dc800450c65a0b5a1a80bd8b245d2a3ab1b457c1c64de184318d50e134cf1b3d36ce5c1688659171d143fa24a782d58be967b29051147f061fd27c4b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\4EBEC6EBF1690143BECEEF01C0D99B7B1C0C36C5

MD5 572a2a1a3f4e63c2ecab508899b35bb3
SHA1 4df117ac66a93e443398cbccd61858a201177073
SHA256 fa8e45dc595a89edf090f25599ea022e5a2cb1905b4c274cc8ab040fe2f9edc8
SHA512 5937f29022daa1ab6d954fb433799bc920e87e79873c333b6222a3b0409a5672204ff6071ae5022dd84e44aa94cc583d6ec7bbb5edcff620a85d9d1d9db73352

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 18fc63d6cc393f676ab706fbafd56314
SHA1 7ce34295b470b493c91b39b4b85c7abd29f6b951
SHA256 10c326d7113e9b9793877ba73560f943bb4e3675a1081b959cd5e52112e5a017
SHA512 f749081f72fc22321d6ea3175ed47676de19d5f7c3025ef30c0957cd842a9e86d2f51c13757ad418493c427dd6ff76cf40fd75861cb771d5fab9507c2672879f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\23483946F88D2C428992B148D3B103A9C3E4F727

MD5 e6d440617ce558b463a877cb1647a2af
SHA1 1e3b39910e1f9ba20564fbc83a29f8a211a82b4e
SHA256 3b94ebd0fd5b542f07551f5f84b6c0af9d4221119e1baed88113a83b2228ba19
SHA512 99fdcde637ca959de3d880afda59e8ad5e94be263bddfd8a6d2fd872a044cac87564af502808d024a0b1ead4d2b12990f91eb27becb0fa475a432304803fc153

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\36D1AAAE3658BF5AFE0B6781106FD7765B08E4D4

MD5 0dad402c3a715909ee5b34fc1f5f8c6a
SHA1 181b8045a747605d78b598092477aa406e9ac4c3
SHA256 2b055963721c25cef5e7940119b1b94c5b55fda4c009ea15e0d9244b9d2d6b44
SHA512 aba4215a3fb169eee51f8990202687c7a0cf752ecb83b486ee664d5a954618cbdc267143b75176dee4acbbb5e4d3d198c8195769ae099c8528eb42ed24f829ee

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\A3500641159D6BC167AB2441F565D6646367912D

MD5 3f13f929534f2877db30c4a847e526ff
SHA1 cb0f16e6d7dde4623701b5b1c6a067988b4258bf
SHA256 affd91616426f6d2ffb07713bb9459adb1c79f4cf0f2858412ca852b53228e8f
SHA512 b5d908ea144e0cfad7edf73cba359e296330cbe7d74e5e5304e7195aa885c0518171a88579f3876b25e482d880d3a4bc9e447c9c5115a7c4b179bf13c701b09b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f9d08636cada295e5be8568206b7f19c
SHA1 4f5f2fab4d85a6fb1c393f16cf4f9ba74a501356
SHA256 3cb8a52f742ee08c941d86b775f5d6c13ec3c39061b1f6c5a4e22fa6f0cfffa6
SHA512 4b6dffd218db49bf415393c99520ef95031d0ae55f8bc9273224915fe2e569713acff716b5f287db9f5d0260b7cd93098b5c2dfa48fa337211cc3c3e79319938

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7190dff32aba28c359c9f2f2443b9d9c
SHA1 adab28114ca3406339a08ce642ce9faf8012566f
SHA256 d478a85fee0d65e2d7a6f4b40205af2f463e401a50da17a892590c1429f03505
SHA512 11c986c2d7f464029bdce6d1a30bc33eb1c323b7f9cee67f622159a3475dabe3f0f6c1f80f8e1b651c6df8bd5f3ca404e90b54c42e6469c12adae5f9f703757d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 104371007b1d827807e6d79b68cac504
SHA1 a1b6b1db7ff6126722a11196fb843a84d2122b9a
SHA256 4b7bc2fed73aae14d5c0f03c7eefe3d1b17789c779d8b8495448da2eefcc5a23
SHA512 7cf3b9aef35debdb099afaca655cc0e646b1ea097194b0a57e48fa8023833422ecf75dfd63c23f18fe428c0a2c9f76098cf0ba2c9841f94ca061dda93a6f20e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\bb46a83d-a040-4c40-902e-9a68ea148931.tmp

MD5 52aae6e1c0ce72891665d4173f3604e3
SHA1 74c9438b69007448994ca6c40ca1eab2d9e3f85d
SHA256 48b60e9fae1b9e01f2973fb395b7f9e0ed0e6d37bb4e006370c12af481046fdf
SHA512 446853c1de18defd5c6e78fcabecc3df55a91b578072e33916bf9513f7911bd06697e79d806f044b08f9730f36c17b242928ac39ad7211cdedf1dbed93dfcb00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ee014bdebb4a99ccd565c4317165fe0b
SHA1 fe6400f4173d280944ee85f78010485ff2226fed
SHA256 cf91a4ff0ce68fa77c25868cfcf91d4679709f7edeeec041617f7c1b0d00d604
SHA512 59dd53410a605a9fedb3b5651f0486a70765e2f72671b557b80dbda9655aa0d5e78aa9cf494505c0a7811beb56d7af6dba201ee197cc8e8623f200caac60acd4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\222\{6f75514b-a26a-4ffd-b51c-2852ee47d3de}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\idb\2083979002yCt7-%iCt7-%rde4s3p7o.sqlite

MD5 b134116272c165e4a4f3cfc953c48a8e
SHA1 06a7a6a936bee1fd7c1dee1a60e034afe29f9fee
SHA256 b2724b65e2215eb22b4d004dba9d5879e2ac256df1ee62b3e66d04ce15e3b76a
SHA512 48dfbdb9937e59fb78b676f9a5acc1aac13c555e35223f3fe77763ea35add4741b8b411bde4cfa010fe19782aa4e977d4f4b6c76af96937cc710814391191964

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8b7e4adc7d02490b71f5b41276941004
SHA1 7a5f215856a17fc36e1da3cc92fd061f705aae83
SHA256 7903d8e0a707672836e58b358399e8e58662742958d03e056b882ed34cf12c89
SHA512 db23c15d8be0a96a62f6154b82f84721b64ab357caa010ee241703645d65f73460d1f830c8720b28c4524fcd7a3da3f060f5628a29dec8bdc608614e6aa30ba4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf2f0c514b947c0606bd1aa691a366d1
SHA1 6c8714900c385b54396ffa7acb82d7fd1a754be8
SHA256 913647492c49e2453313b04e0ff25a6c046ce19aa333c9bbd32f97ab9801da16
SHA512 6a3f1ea9f279cf2d56d8ec4a5a5e151b3b1b7fc12d4fb7384990cc3f2dc7baad287eea19f3f479d46cf70319c454025a9a2f00dc17eb413775cf5c3e2bd7627e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 126f0557675e780a0e748af8cebeebc4
SHA1 98a7b5e62fffa94be145945061b3b7aec23f8188
SHA256 c0124bf6b04b0a90e4e4ce54125ac7f1ff89cf66fa891687652f416e57b318a6
SHA512 e60acc89b291c54e1e9625ddb99e61119f1be93b4892739bd0674cbd7413ec6a6082a6ae9295cb536eaef284c6b4f22fd3eaa701a193bd24035d60fd6d9bbfaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 985a5ca25e254a63f280b75ffc4c8d4e
SHA1 99727abbddb4878585405e6ad4f17ae153927684
SHA256 61f190bdd5bb0311b2f59000a225d6310c34bcad8cb70f05fbfff18916e662a1
SHA512 cb52a994d061152bca1d58d1b7f55d73d0c2c0bf6193e1b981933d933a7f3ce2f37a0ecf27e0de51a03c6fa5f57fdf4aa504a5ea2eca5713084e4319c2a4fa83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 36fa14edf830d92f07b460da14a3bd23
SHA1 46c1885109b7b88956a53c9c87bad57bfe09fd4d
SHA256 d0ef14fdc761de893385491f38ebda04dfd20f1a175ef448a4d218f1ed8654a2
SHA512 564265f482ed627a855d8af237cb1bcbe4358c7164f7e9059893b97b34bd3aca87bed163b8c363a0dbe30baed14273f4ce6a8b47f9da75ef050393732c3e7aa7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c3a218f10c484c86cb8eae92756a53a6
SHA1 064c4f6cb011c435fe74cebebd868936cc10ce7a
SHA256 5b164c1f93fb30ff23f4581206fa3c416d60799effb9c44901ae4157f9543b0c
SHA512 5cfcbc5698cac868757b2d4279e6e7302207781de1a363a2ee827cb532896a95e58bedd999b0e1a6653acbb5799c5e37caf7562aafbeb671a63972413078c57e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 9a8dc3a99aa7f48e46e9f7bff986eac1
SHA1 94f6e52c34c87591831502e64eedcd5d834f2d96
SHA256 9939f4d944e942393244beb7877b269f0e11d7ba4e0ddbe96b50c2b1c0fc2c95
SHA512 25a878403d4ddd58f10a4ae5421ad013a5ba808e6acc19ac696dd9d0a9f2a1ac7c5da3a20512c7cabed2c02f82731bfa92812ee1442dc268fcf41ae3a078b6d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\91327050A5D76DEDF98ADB9E359869511B7AF892

MD5 eb813f62bfb25d6908633d09424e93f7
SHA1 0168b406c03154f4fe00e33cfb77040cd1d72bf1
SHA256 f4f21febd895f8dd8da91ee2ccf91a27fae6b320a43a121016a8cc05eba77c82
SHA512 57ca422607347371aa497544492e416e411e98e3a88e8fb753cfa70b64c1f6746a1862c5854765d0d2020606e47cef000a2815e758c0538ac27bba804c2b738d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\2CE0A10F1BCACF777EDBAB6523A99BB23A3F1330

MD5 b699d3e47ecd9deab23d988e84d339a2
SHA1 8cd94bcc46e84df41d5888587399b4f508fafc39
SHA256 c4385a1f366821b0eb22bc1a95f471737b45e7d16f4813d6d77f2d2346471078
SHA512 0b2a8b5736110b481b2e479dc20d71f4c2c262e6b8046a8b3075cf493897c36b1091e829d2207b0dc4c80d1574fe0f12bc8f758eb051836e6d996b975faebc4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 67e7ded3be89e67bd535fa5860fb0849
SHA1 d0aba27e25eb48e28cf433647918c45137e3d2a7
SHA256 20a09194a17742d032d8d3d68e369c4f23378a54dd16638b8b303404f97d73c1
SHA512 df44a36055653f50a6909dc982ccd3a5a5935330a65e07a19f8cc69049f5611be23ea31537ac4148d96ba1522efc8e252bd1f5d89a2e67a89f4ffd491874b625

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 8b4e81a4567d0cd25527dbf0df606baa
SHA1 012205594ef41525f128c15329eae2a1fb157df1
SHA256 ba6a68bcedb0d03473013084d7c70aad7c21011393331f98c18e8784c990bcdc
SHA512 3705093cb08cb0344727fb26c7e144c8e6bffd46f983917506a2c0fd7597180b10984640963ed261206d22459fd114e9cb13cdc79de8b5da687b8074772766d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 d4bc4397cc408d1553dd47cbbec23b9f
SHA1 622e33f46ff1688ae0fcf7602ad89a5f5e69c8f0
SHA256 6ab0083bedeeec578fb35e21560d2b9bb110f28ae6b32cb8c79dc7a1d6d9cc31
SHA512 672eeb002ab524be8c06e7c48857fbefa8d950f3e13f8b93e137da6d0c07d80df6f9bc308015755f3764f93d71d2587f678ba1e9766e2626b6018c9f027942fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 affec767dba2aa75c27c88b160ee60f0
SHA1 2a79d4b0e6e498a70dfc387509d95c0c85b27ce5
SHA256 a4c75677d61c01d1828e3656c392aeac8817144f40abff788535816bbeea8e58
SHA512 2749540e34e07823c8c6c44407d939d80e092f8d914e5d79ebe122de7d851f1b0eb7f3589b3e91083a1ebf316898b0a691ac752472807c9f2d8bb6ce5089f19f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 8e8f081d5358c4a2e4dca2752d1d76c2
SHA1 2aa7eab947444f2ba3eb968995a562c7c322f27e
SHA256 d43764d48c8444d97e80fcdbd8edcbc8785acb24f1b9b6fc61fced177d120fd9
SHA512 4925a5ec3157009857fe92a52ee305c395169f613e8f893d1459dd79ac5b56b8b88307aa0be5be47f3ddf739e6e281b3542c52a45428f2b33b1401071e1c65a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 e4fc8b808bd6d5e565be37fd6b8bdd8c
SHA1 c1d06efbfc693f96145adbf41a2c3fef562dc53d
SHA256 7519adc2019a25dff7422e10da7ae39050513eea336252353d0729c78b0ee398
SHA512 73499f9db366db4226fa90ae11902b9cea21da7253cc366bf4811fa628e620608150f3f8a02bd3bbd79b48d93ab63862ad8993eeabcfef270a733528a7fdae6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 e684bcd79ef03b90019568b29e05a52d
SHA1 ee3e739e4e64b44fb089c48c16e010833cf7678c
SHA256 37d1d4cd91d4e20d4f20e3548e220d138659711ff11f51dc3d7064851151ec1e
SHA512 00c6170c1f9f423ed56dbe5c0ad342040771c066b37196b5e04355678d6b72f924fad9c0d7932cc9c9050157809b12c406024d728de259aa9b52b4105337a674

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 d8397099c66f134ec6fac2f8e9280ec3
SHA1 c019499dbb2e11e71526ab59dc72360ebd592a38
SHA256 0695825471e6f7d24350d4776c0144a8b21640fabbf0919bec0ff43e40b7859a
SHA512 e2b64ad92e33e2cc924e1e678b9a48839a237acd27bd75aae34aa1f4b7a727a08f3b278610260ce091bc201fb1ad2153d61ecf0f036aa2260d161e40e38614e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 a7d020971edee484ea885fc4616e9b94
SHA1 8886c765643c22961bac6d7b2c3c8ecc81b06bb2
SHA256 b883ef00d35c211c6e80e81e27765a3a13cdc958461edb8c2c04841a8a6a44c5
SHA512 57532c64e20bd6e59771a201e5c35d821092813d6838b13752ea2f85fdcbe02cd22b2d318a4aa0f154e1490f89d6f7e5d20adf7211829c1e052fd5d7ffeb5972

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\58BB289CFBDC678D589EA45C98FAFCECAAF2F3C5

MD5 8e05cbd61b8aa9ddb98b07f25cd9deb4
SHA1 55276d323ab5466fc141e2aa4e2e1224fff3ec18
SHA256 048109d7e9635b40b0ae1226ea337181a7fc44350ea3de6cb681137363140579
SHA512 2086a0b29460e6423f6e0fa0d34cbff78d56ccdfc9d6abd8a015c21ac297edd0e80451d6d9d3f37c267bc31358475b311c9430897fb72b4119cfcc86fc724e0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 66c9e92d8af9670224477289def948f9
SHA1 0926124b91bb6c47eadb73673022722543f34fa7
SHA256 96af882b816b866a12d48dd34944b297c75da780ebb501c807268fcd80dcfa31
SHA512 8a55e4eede89101ecb774729401a61264ff43d211ca34e5c370bd5c50b5f1dd3b3fd969d1f9fb69656c6ba824b2bb5d3aee4debc1c4ea8392f9a128bde5e4433

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fa42dda540b80038e4fb83464da9308f
SHA1 5477fd80840c0d3ad0d78939948ceae07d8edd35
SHA256 8c1af6488286502da51293ad795a35283f406a490b74fc374b19dbc1f078cc1d
SHA512 fb864eea894f6653b8871f720bfb7fd56a17e5411824b1b501e16962a5698d1caf0382e9c86bab9a57a9a6311dd67b0752d4f11ea7ddef00416fdc118e0b40ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a289.TMP

MD5 70212acf6505774ee4c6807723b73caf
SHA1 23f586c3bd6bc6085f74440592b3ee2ec5a72429
SHA256 c9e05841bc93cb58268e8a105433ff77c232abd78c9e80a958f62bd235127e07
SHA512 bf4bfa910a2574824a108345310c399ff61086d3230f4f29c71c2216264cb1091bb01546119ad33ce4d533effb3c2603fdc8a981b4346b3005c162f26da6afb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\adbef3b3-2b87-45b0-b345-1a23dc48289b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 29f9054c825a888b1ec5d818cf9bf425
SHA1 19aeba780e3fe28a0e95ef85b087068c814e06fe
SHA256 97cf6e2bb86f0874671785edb43340f883af6b0b6b0207dcfb3536848145a5be
SHA512 25d9d86e241740722167f97c8e1cd7197924433e1e3a4af4456f8315b758cfbcdec20d77213d650097f7d32ec0048a26c2206b6f45b3dc8a8004f980ecf4baa3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad9adbda9be0e8a0f2a50fe2cc8d53a6
SHA1 83de77f981bef74b69d2a460823350054dd0ab4d
SHA256 990fbd6a91222dbe814ad739cbc3c2170f43d4f1b24221736dcf200c66e9bd39
SHA512 90fea028161fe29a7a21d14257fea9a7030a2a1602b9eccce45c8fd9d8a790ef3002c69b7ac9024861fa60a72703359f3243fae745ba6a4d877e60567ca02895

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a662.TMP

MD5 c39bf0d3dd77aa574b4de0d231eb44c5
SHA1 bee8cfe5d1cc9da9ec32125fc0b8b7b2c990c57d
SHA256 9c8ee683752b08b3d8e2451ee39cb1bdab7ea92951bcd4008d6218079401b0b6
SHA512 7048952d8da0eef8b6b536e039c9a97a8ca81463bd6e796731bfba100ddc1c92c65d6fdb84dddf784d0997a71840acf5c4755520b4a19671fa35c78bc7751137

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\FFFCDE5D5F376202F9383A6E6B8844DA1AC46FE5

MD5 5588feb7e503282f9f70018a5337b64e
SHA1 950ccc9cab6fbc033b40b4383da454e3ec07bc69
SHA256 64135c25f38a4acccb200d7e14db7e3899f8b6eacff1643d3c32c3d16961cb28
SHA512 c183a06a67040c954302fdf7f973f7cf267dbcb43784296f71b9eb86810129a22985332db4b443f675a666a29673a1fb938103dbd52dcfaf0bd39a153c0e49df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 3b40598a735a304a93194868c712d563
SHA1 6ccfd7117bf97966c78900872119f749873e5347
SHA256 e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6
SHA512 4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 4e08eee044c91ace0ad7a46cd9542a0a
SHA1 b542dc6b9818c8c1e07563d3656389c67b3ed5f7
SHA256 e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982
SHA512 72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

MD5 aac9daa9fbd0a896f415cb631da7f954
SHA1 94e7321a4d9cb4f42d662f5685a36920807c8c38
SHA256 c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715
SHA512 2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

MD5 27a05b77e7bba6c2b279f1a67cd6acef
SHA1 3164de3d460475f745bba673aecd9f7d799d7509
SHA256 71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83
SHA512 5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9339a89c396ec303d0a12565eac0d64d
SHA1 d29f537c350b76f0642321580912f247d82a645e
SHA256 ffe08469ce794fb40cbe415c9e20ead162b04dbf9c41184c2854ecfd6a08646f
SHA512 9799a65d24f947e36c53ddfc1b07499277e7393319954e5a7afd828c4245e922086417a61d2356bd29ef699f888349a4578b9725af0ff13dadc2209cfcccbcb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 71262ae56876fb34d24c114a13b89883
SHA1 95f96cbc8ebf9c26fcdd16b5e399829368a38c1c
SHA256 b07ef550caff35d8f5764d58b2a2ffca8a8032a76f272d8458db7955901bdd7a
SHA512 28f1b295b3cec82f62ece2fac2e5834d4f2c2db4f8675e246d5c03616b229c2c972122a30798bc833908c21de3d5bdedf3d4dbac063f56726846b6307c9ba7aa

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 de6580523f358df243974132c73c1a59
SHA1 d884ca33bcd6202480c5dbd681fa82cdaf7eebf5
SHA256 76846bcaf60c560e2b3c6e3c21edf47fdbab2b668b2caac72690b1c117518f04
SHA512 e834be222fe369e073f9c6259f30d93778bdcbba77a84b3c4c440f316d1e0db565bacf8019f354c2121f894c6ee79f8c889189f4d6ff465407dae1c4310b7287

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

MD5 22d0c9fb783be9872e403b59abda6c4f
SHA1 1664f7acfda8dd86abed2ee3065b8fe2031d07c4
SHA256 0e9d548fbd6eb9d25921d5e8a2aa9fc728a099d17f65c9852bd6883dd5faa668
SHA512 5f6df4c1b662234013e1357b8fb8e19dfc23fb823f497250d7eaa1ae0c969a2bd143174a4c913b89d1ca100ae8e0e757ecde7bd60b2ce65411daba8d4d1a1d31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1715c9e08287dfc19b7b479942390c25
SHA1 d2e9b4580fe1bcbd7ac4daf2b50527f736a37883
SHA256 26203591abd1c82712c864dca2c56d724bee079cfc4f7096f5e1bba98b3878b8
SHA512 3d2eca5b18f61aacf1356fe2ab5df4c8e732cef78b39f5433ade6af8d4aaa263be252e2d1b6e8770176a46f20e04aae20022577b1fa43d4ab5a6defb66f8c6c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ba38.TMP

MD5 5ed5c00c8784b2eb489b4b618549ef5a
SHA1 8a61317c3c26b0c430a571af268b29d17a998c95
SHA256 f4d07f9376ceb72dec164f1c121b5df3841eca420747b70309b67cd59c8c469a
SHA512 0640319b29f12547bac770f94ac26c1f29d54cb39b4235766a713af86693711b25591f4f9add465a01d6800f9425cb588d1d8e18bd75e578c6b7e99f2b2dd155

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2fb81695a63df9498975c12be50b1ec9
SHA1 988bb6b79b8e20c5880bbbf58eec4c1ab46d12e0
SHA256 aba3320797fd5f70279e32736ae5c7b2fff122c2de8e718a9281cf28b0066237
SHA512 22051f0f76a011ad27b412b7fa8b889ae44fd73abfe83b0ca334105b02b83236714ec6041ea22aa6c00b0ae43d79855d97d22a13c05fdd10b498b75f363e7cbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8a91728078008c8949aca53b7ae59dab
SHA1 644fb7414d1fc8cd9beb7bf3d81da3dc5cdc30ab
SHA256 972197fb713fe0e7eb46f1be96eacd36a1969648f682d7daab929763bcd556c9
SHA512 fb76f661fb4fc9ec1140a68ebeae5b806ab3c512b83236111cd6578559d002d715705b9627e4be26a5f5d431bf9b6402af053f865994729e508f8b2df08b86ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ca7aa37944382204de00c8e2ac06d374
SHA1 996f3d7cc1064dae26d78b80098a43d0f59fa619
SHA256 20e29d7bae1e8153695662fa1d69d3e2e6a65b09319ebd3f771922f73096afe9
SHA512 759e3744331a047b26c2ff27ab8c9e41baa9406e3481b4e20cea40006f0d3fe07d182778f3849804a670d4bd65252989fed3b6b0edc228df8ef527f160cbd8dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57d060.TMP

MD5 d47efec1119bdbe9fc9d8454ac80620c
SHA1 251d25ed5550b0502bfa7d552980bcab639ef1a0
SHA256 f26d0bf2608aa82b41192d022626ed53405ff434ab35ab2e730a3fbf26cef37b
SHA512 477021948f0b04b5f0c64cd5d8fe0019ade35d563b890c44092c32467443a85961ed586217da7431f124362ac50d4eedc15167630b1c0b82a385c44c60560895

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 b2e8365ffe7681b433355a681c3190b8
SHA1 89cfcab19a27bdc659356f3ba85d97e0a8748115
SHA256 0e3a315f7d137822550b6ef964a878b6e5d3b98441dfc4dd079724d54d7290ee
SHA512 d29b1a7d9a38019733ce99941f0d40ce33f11477b862afeddaeaa207c018d5f37550dd8b8b14e30720797d00ddd1a70b4f17a2db930b8bab5da64c5053a8c01c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3741a7c6195cf51f6d94f04ae10e6cc4
SHA1 cc7806a0011f4b0a37e3948d86eadeb49bdff9b9
SHA256 7d2c31789d48af2ce93487559fd5c0f8dac9791d0e55a7c26fae125b8cb8d45e
SHA512 cdf4a50644ccf568b18d50c4da1610c7a0f41c57a73ac2b1669ca392ccbe152d369625f517f083690d8df79158545ba0225071e716aa64dde6e890edeee28f08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 96ea71159344df9ec007973b0ef7519f
SHA1 3608513ce11dfc1a00432a1657f6fda9a295d559
SHA256 04b5891306d4d256415db1ca913319ccb3023f3e9a00d2cd6f1b243dd45a899f
SHA512 ec240043dca255f40cdd846b4de30f153331c3dc42169d72a8acc81e89ae6f801ea9e0e76ea5d1b2b9d05071eee7809ccf061e8c8f4c3925f605518ae2c27b66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 aeaf5d91f74f94df23201c8c5441cf99
SHA1 501d4ef1b279c3a9144045f1d8e58491e94400b8
SHA256 b78859ef27675f8139f8d77cabcf252fba97d1c30ed96196d8e8fed3c2857d54
SHA512 2623812af22a4ab01aa0769d48b9ec21271a0139cc5f267d3a58bc3f1a8eb1f4114b2f98937290832fa3252ffe72af4023fce7b7b97ad5f1aabf5d1c9bc800b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f201.TMP

MD5 59878ea6d1b1810a3a8ce28925c0707b
SHA1 fd68e1283da2c1d6cf4358b5c4a388a50707a17f
SHA256 6955e96fa8ccd5271e6c892b3d66410f160d85e85a8826131274ca32b6497165
SHA512 da3679ff7260ab31a38e1f9941cebbec1cecd6d3bfaceac47111d4a3638f40f140eefcc1fe3f5df29f96f47540720668be3dfdf5e36ae9b1cd048890e1484774

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d3ada9e9c3986b0929a9688278e975b3
SHA1 0ce2e30be8c7826f236e222982ec11305350ea88
SHA256 d2556c8594f91091e65134b81e12472ffb26a12bf8f3d5943b4f37d721cc9510
SHA512 51a03a9cfa9b5d8bb298940a34a1f404f39320b925ee8b37f1884ac45f24a0e1d4c7e91a915baadb65d569779cbc416960a8d70faee5160d05b576e0e6cba26b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8e1b17d3cbfa6262556b9320fbf6aad0
SHA1 70aa9d8ed846da84e730d1815b1f6a312a0e903e
SHA256 65801d6ab65a68e69bfd61dec7ba0f845d2a54864242022b12e7a0b8759af185
SHA512 242e09146a493ef354df917001b6b138ea3ef5b1c2176b83fe3adb93328cd0c80d5659e260f3bb35610522cf575bdc759158b3d22cfa7d6982e7be96681603cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d7728b61fb4e688573d04492523918b5
SHA1 8f78f4b399d65a5d4d2ebeeee514c6fe44754030
SHA256 3794583630b8fb2e3f2d1b85d0adf36cfd2b8d1ad7f7d606d5018669928a6a1c
SHA512 7e7f954e8f98d8e8fece7796b6eb70e69a407a229f049be057e4d64e7f728076bfef824b8fff613820236a550e32eb833be01bbb2c7e70d71941e8c490178793

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5325df10b226ba8ca9bd76779d19fb83
SHA1 ff742f33d739a3fe8dca7aa4346b9be428c30d3d
SHA256 3bf8741097bf37afc1c081a333fb11a49e9a3ec384a36f9c3b25e4ba325b1658
SHA512 6a383f2ec5502b795ed25a0c24d834c9c03cee312fb54b5cb72794eb3c6b789b3fbfa0b3c5d180899cd323b154679597ab1cfad146845ab23c19b1b24ec25b22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 49a0367f000a89556e6466e7407238df
SHA1 bbb471f6aa3e6bd776548a6a57d5ba7fa56574a7
SHA256 f0f2c267d3436ef4068a9119c828377bf291aeaa1e34c017e219a4f4f83548a2
SHA512 a8f1dd715185c4c9b188c7d3cc477634bf294f2d48ce0642b85c6c57f39f6963229b86280b3fa6f7bcc5690f79ed6af772eeaba307cfcdce1b8fd1557ba763b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1c7ea2b153a601547acb9a4c703004b5
SHA1 93d4a6e55a8037749543576f797961fa17307a43
SHA256 60ec855a85cb3c9048c46729edec47122b6286af884aa95f97cdfb7de2dc425c
SHA512 79bb04b86f5330ebd86c56c5f5b95b1b8c8fd0b6762c80d9e979091d17ba9482183fac6af029256adcd94f0fb20ee7fc2098644eb0f8c68be42677e688968a95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cf47028008d2f16ef470a9cb820cf8af
SHA1 6538e701e9211c01e9551d71e9a12aaea7e994a1
SHA256 56b4367483898a33b842b26f2fc69fdf80558017df301d2d4a2f66296256922c
SHA512 26411a3c50285a2c3096cd3525f831e2baa5dd68a6a5f4614fd33ae9c849ecc475dedc45479fb337778021506256e13f11e1c3f81727855a285da99a68947fd5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 10e1e21cf193cddc6b2c6bc058bdd77f
SHA1 242b50786213a643f1fa87f9c9a5cdf9cb511775
SHA256 fc27f484ddd0839a39cbc25dcc9ce213859a0bbacd364f2810075ff3b48e65c9
SHA512 9fe9578a0e061c3330a02deb7bc97d0d921e07ec83f7962ce57f08ceec910111c0557c60f68d7ee9011ec33af446a4ed16dba241c6df09921d0e728b4a2a0a0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b753e777afd17b38964cd08c86415d52
SHA1 821dc1dee8c5e7ce7ce9ece72d7c65b840eb3cd2
SHA256 93f6d7766f4d7b92af85ea4f0590b81a2120a6c9bb3b797e95ee5f36b73c6dd6
SHA512 ce7370bd77d0aafede8fd03caee7f21bc05838d90d7455d0ef9e00e0fb500273a740c112f0efbe44b72cb3949ad7e8738fffd802d5641caf9860f3dbdbb10053

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cdbe2d9471f47e807d16d770a1f616e9
SHA1 f4bfca877e1c64f458ce87613bc03f0df864ab7c
SHA256 9a63f2d82a6c0c87fc97e9d34ec9a8e21ac10705236f7a071f7d921bc1e659af
SHA512 08abf2ae3cfbeb739c6762b50b6c3274d138ddcbd84013622a36a2d4ec5153e6d1a4a52205cfd1e5c27922a4839249d87ecf113b39b90df763fa88c051056cd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 453c0eccfb871967b3b6fbdeb95f768e
SHA1 79f407f4c54ea1089d00853af3519989e26c1a29
SHA256 3c3763e00f40adb174abfdd260537dca15f0b6246f2d5c6fb9bb377d0e98f821
SHA512 613ea91533c7ffe7b5911aee93e600dfca337b0bfacafeabc8618699cfd3be2c446a88579046f8a2ce3ca18c9cf282e0eaee78807c750d21e3bac2460074b5f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3d7a25ee28cff7488d14f713826d05e9
SHA1 7aa4542d839fac1845ca202afcf93fa6a4b03b27
SHA256 80d6fdea0c1bdbb795c2eb10a7ac3f1aba6ebffeb935a13a38fdc158bc29507d
SHA512 333d18a8f10e1a773c4cdcdadf69db46e2144e17f468da7df15b742015aae4b0094695659f4c394046ec4bdaa9e8ee9bf0561ff6089adde6866eb42b5279072c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d5ba8df65d0df2c4098cd33aef6b9bcd
SHA1 b488898f075e546c7f2127707a7d987d07670b94
SHA256 07b3d41fd3de039d2ff9df58767e8e3c7ef58adc5a8a2f0bf381a714f7df55cc
SHA512 71c8afc556443bd3d1caf44815a89c6abae6eff6ed669f3d3c03ad12847715468967cc4d74b5945437929f1b4c14d4068ab139215b798fa717246a5d30f31ca8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 676045980c707b2fe2ebcb397c07d78f
SHA1 20a95982365eec548a601e36d96297aee50a44d5
SHA256 667d6142d3cf349e7627bc9d1c295fd30324990862a3b09a0b27dbd2c07cba45
SHA512 e78c5cc6be8511d36928b594bf7beedfe291be2b12399f4ec5ceedbd9554c5a6d4171cc6eb44a524616ec89dd9a647124dc29e4149c818868b0fabbc816a8740

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 24a2b4de237097556d551f5537a0fab5
SHA1 ec13e9a2b881a98b13b76646d333e7e848db6ca7
SHA256 92f08231aeeadae89b05aae4867c0aaacc35aa52b66864b471a41f078fbfa9e9
SHA512 8045503e3a3ea19172e234613c40298df1ff8de11d4bf71eb7a281b7eea6183074fe7c2ed832fbbf7acb183fbda0234c7b5bddea2c53d18d3b252ff5dbc97c8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7a8a16e39a31300427592eb4124e569a
SHA1 e06cdc461a7ed5c27b23eb512e12804173f67e50
SHA256 1829d1beaf898280c64004697f55687f7eebce46b76206bfb4634ba7c31db2eb
SHA512 1caa92d71900af79f88f9e23fe6db56c5cd7ae25ba09c21786ff502ae8ae7ebe4bcc3fcba3175b462d84db5a6ee630ee830e1c75784315f72e9d7ba655adc89c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 40f952b28dde601f7735946e3d29f444
SHA1 7f5a0f866acbc2331a45721a2ce6aa9458c3b051
SHA256 558974e0dd69da108c205c8efca4f81fe863451d6f295a78420a559c7a83beea
SHA512 eec5e07e4d6e082b53c2bcb60c683cb0ccf8fe8e27e73d4d84838ed840462944da9c550cc6d3454b0115016752fc2522f3d37a4115fd20a0a78dc4fc8912651b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 19badc9158e77d425d58338a0c44256b
SHA1 064924be8973edd71c4d55b54a7e4a0de8778368
SHA256 c9cdb81b8a65187e84ef0863c2ea1f9989e82ee9ca1964dad67300e68555fb49
SHA512 740aa65ee339e423323b49a2ab6ad49f902f4d02ef8e10b3090afdc8ab96bc5b66d8f4d6b97ca044fdbf9ca82bf06edc80fbb211e0a28c6bfceb096ae7e2cd83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d09cb94f720f1f81ae9da878324bbbc4
SHA1 7b3b4aeaace372459159f855ba6525e33ba902f2
SHA256 68bbac00ad694671cfcba96005b915fdf6c138edc46957ef8c6cd421e98eed99
SHA512 4c93bc510f622358cf6c7fa101c4deed6e801d93713a3f11dc2402551070b058b91ffa4e11ee71e65dcdd4bcc0be73da2560b762cb7277e23523c6d86730b2ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3f9eb0291026ce339ef52d7991664c81
SHA1 962f779ff3e65bbe7f14c03a4484ea1bb0400471
SHA256 294843d0e1c94dbc8c4f69d67d56708c1f8eb4a27763c4717c17dfe58822dd2c
SHA512 df6987746934112aa16a04ecbd5a507975f0ad663c0bda096997b0d1989f5fd5d7faa07c3cc714cb827bad87ed374b1c8582295e1d771448a9513c4425ae91d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 532115c56b4f93e3e3d7a9d575ad3181
SHA1 16ee520282e0d197cd851c51f7198581074a2928
SHA256 60613e43398cd9663fc2c272eacb50b2edea6ab1b57528929bf916f3e313fb19
SHA512 dececf5ecd7316574f2bf3e918fdb5dde85efc2f3b9d84cc2ca440475fc52c8a34e223d1585bf4355452a23d38b7e18b031d52db274aa6f7afca2dc7c47c584c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5decef31d0476470f19d38decd415645
SHA1 a459277d06f17816278b59dc4235d8fef35dfd99
SHA256 9f3066b307fe144ee8be59cc35768c2b50f3b2ea71f9fdf9b2568636d3af7a34
SHA512 43b05ba67707cafaf0bb41bca62c4560519574476ed24d746ddfa7d8ba140aa74862928510d2dd83f1afe2c2a01184f0d15597596776d6b71f8473356beac3ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95ade09494b751b4c36a22494798190f
SHA1 234c942840b916b7e055c4c3873ed42c512e2666
SHA256 0bca800d79e1c6d6599564b350a72768349f3abb238b2c013d3b8a582ad2d55a
SHA512 9363b6d9d1b6e6c723061ab21439170dee9b418ad36f51201bf327c11529b3f3581c5a16a930c079cec9ee6ba48c3ffca52839b74812ba48fbea11bddbd57d0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bc07e0c102d55a18b15fd9742ffd9841
SHA1 14740057dafde648a0070b530695c9657da298da
SHA256 6a4636c4f76ece10f4abc42125c1a956f4c9d22f24c8fec04a22b99c029a946a
SHA512 9ab322cbce666bf993427877da63594a1bd2864b8aad94cf6b5f0c9342d940bfd7effd1c643101a27b0c46173394963d71c23ae629378925da93693e7c091349

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 96d87cd49ac2353c7b53f52e53894f60
SHA1 f2fbaa4d66738d4d66530cb0f234cda11512523d
SHA256 a7828bdf5b050c4358573e705ef36cf3796d19d0f16a09bfd22e50ec64347934
SHA512 ea17f3d103898059f6ad9a143471a7a4417256299216a24d4ca063737f5fc5977c8aa642fe08c7201a1a3759fc14f38680777c7d32fd8669e38858e4631ec723

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 908b96f0389095a4feaf752f9b47cc05
SHA1 94e8a2745a6806453b2ab5356c5c76b05db79791
SHA256 7d05edf7a7e5020f844ab5078eb72a5a393f007cb34dcdb478aef94cf3146fc4
SHA512 ee4a56e612ca4f4d2e7692fc1e9459432d5e59cbd2c171603fedb6cb084ea2be133712d0688ffb4cc38a62fe7f2c5bccaf3af13739a581c36bd88d6ef097d5ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 89edd3f7f7a6a3f2d139c1b9aa565e66
SHA1 db838f37577bfc8527033a4b891b7008701410e8
SHA256 8ede2a846166efb6f3d391c590a596794080dffe3033b47303c51fb5f22965b9
SHA512 d42a9d518eb70e8ccb432705798236f5642f3572a098a9a8552ae5788147dc7b43bd842c8382a14d37585fce9880e1b96f4bd49450d3a3d739b14ea7f9aa1bad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1a1fd93b5207fc9dea478df7a363f0c7
SHA1 66d89f43822f28b0b47968ba2e51cce18cd12671
SHA256 1357153d5737df9d98db057f6cc4e626b4045643b9a0e0915016a9ef3bda290a
SHA512 14ab8112dd930f72c7b79eb0a1194b1bef0a33cd4dd374fe12fcab740e1d33bd8c49751c459accdd21a782ec4d3e428bac5b3112db2de4667c005f12b77200f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e471ef68d0cbaeaf8fcc551f4682ee1e
SHA1 f00b0e84a487b9f311b5581b2fdc673b0f79830e
SHA256 6fe9a5bc7adddd2b8a9dd4b73b470c8c5c5d2de9a1f9f8f69565dd62c8f55c53
SHA512 afde935a0339cfa297f8fbab50e32f2a10a5732cdf7434d6aba9f1b477e8911206e2bc67615b1f4954b55f178910597efbd32c08a9e999ef4bfe2f73d77720dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6fe54c6f961f4df1c4171e6119269174
SHA1 4fc8abe89220ab95ee440be66e271b254d354e2b
SHA256 a933ef40a52af6606734b8b3b4c48ab54726b3f6096cb3731067444cbf8c7364
SHA512 5fba0df0b74073d49ebc539203ad964f4ae125f037b84baabb8a8d9924f9f6ddff1c24a8b6c671e429d99c897ab4508880b828ff6e2b75b9380f994b2fb0a8be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d767a257245cc3ecc20a79745cc1dc4b
SHA1 45d8fedd19b3c793d6e173859e0f9cd72e413bec
SHA256 562d0419665f8cd0f299d9cbe68f43ff1191bebdfb21e83f073f1bbe043d49af
SHA512 178409a4ba0eda020513d84ea8c18db066c6fb744a01dd26bc80eefbe7f4e285f41d6d0120d735acc04903e987c12aacf7372f697db0c8b78aca91e26c77fa87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5e0e0016a5dbfaee6698bee74fd8547d
SHA1 97b53701a6ace711b12aa75ad525cfd76f36ef79
SHA256 97daf1c44a43f3c59e2bae9a1979892b1c312a75d6b59088aa9619511f06da45
SHA512 58d2dfd6ad15c50cb415b3b8d3fde9eb6caea218441f3fd1357910552c022829d5901fe56f086b453dc25e8e6e4b584f8a1af653d1fe2a1cf966e613097e2507