Malware Analysis Report

2024-11-16 15:47

Sample ID 240213-d3fjjshf58
Target 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe
SHA256 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9

Threat Level: Known bad

The file 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Task Scheduler COM API

Checks processor information in registry

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies registry class

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-13 03:31

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:13

Platform

win7-20231129-en

Max time kernel

66s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DD85DB91-CA25-11EE-AC1E-72D103486AAB} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DD883CF1-CA25-11EE-AC1E-72D103486AAB} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2268 wrote to memory of 956 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 956 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 956 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 956 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2228 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2228 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2228 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2268 wrote to memory of 2228 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 956 wrote to memory of 2916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 956 wrote to memory of 2916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 956 wrote to memory of 2916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 956 wrote to memory of 2916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2228 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2228 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2228 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2228 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1840 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1840 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1840 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1840 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2172 wrote to memory of 2540 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2172 wrote to memory of 2540 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2172 wrote to memory of 2540 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2172 wrote to memory of 2540 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2268 wrote to memory of 784 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 784 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 784 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 784 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 600 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 600 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 600 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 600 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 784 wrote to memory of 1504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 784 wrote to memory of 1504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 784 wrote to memory of 1504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 600 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 600 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 600 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2268 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2268 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2268 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2268 wrote to memory of 1824 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1060 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1060 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1060 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1824 wrote to memory of 1716 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1824 wrote to memory of 1716 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1824 wrote to memory of 1716 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1824 wrote to memory of 1716 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1824 wrote to memory of 1716 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2268 wrote to memory of 1048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2268 wrote to memory of 1048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1840 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:956 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6599758,0x7fef6599768,0x7fef6599778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6599758,0x7fef6599768,0x7fef6599778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6599758,0x7fef6599768,0x7fef6599778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.0.1626472531\1415225957" -parentBuildID 20221007134813 -prefsHandle 1228 -prefMapHandle 1156 -prefsLen 20600 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8224a2d5-2f8e-4442-976d-a89265015a56} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 1372 45db158 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1236,i,11028577367463251332,5589531642038424397,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1612 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1336 --field-trial-handle=1300,i,3995158180665376980,9041875824515140873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1300,i,3995158180665376980,9041875824515140873,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.1.1326843886\1732258865" -parentBuildID 20221007134813 -prefsHandle 1520 -prefMapHandle 1516 -prefsLen 21461 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b47608f-9928-46b1-a20e-0fb88a2d980d} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 1548 42ea258 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2288 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2296 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1460 --field-trial-handle=1236,i,11028577367463251332,5589531642038424397,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2560 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2716 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.2.224559880\246498630" -childID 1 -isForBrowser -prefsHandle 2488 -prefMapHandle 2484 -prefsLen 21564 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {50f19705-bc20-49a5-af26-167809d9efe0} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 2500 1b07e458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.3.759466905\768357916" -childID 2 -isForBrowser -prefsHandle 2896 -prefMapHandle 2892 -prefsLen 25956 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6538c907-7dcf-4044-b123-1ca031d00dab} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 2908 d62258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1272 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.4.673098161\228933850" -childID 3 -isForBrowser -prefsHandle 3536 -prefMapHandle 3540 -prefsLen 26015 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1c98a00-0690-4bfa-8e32-9f6ba5303ebc} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 3524 d6d658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.6.1599770785\1786873824" -childID 5 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 26015 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {923b0cfd-92f2-4c9f-8b91-04c57e9f59a9} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 3736 1e69c258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.5.967751207\994805357" -childID 4 -isForBrowser -prefsHandle 3648 -prefMapHandle 3652 -prefsLen 26015 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a842eb7-24bc-4d6d-8b21-ecd7f4a0f8dc} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 3632 1e296258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.7.540182592\1540790373" -childID 6 -isForBrowser -prefsHandle 4224 -prefMapHandle 4220 -prefsLen 26177 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5af7a80-8c65-4fa1-b876-10d9ca6866f4} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 4188 20f42458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.8.223154969\1134817993" -childID 7 -isForBrowser -prefsHandle 4244 -prefMapHandle 4236 -prefsLen 26177 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {85dc55df-dd49-4a9c-b0b2-2e2beaff39ea} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 4256 20f44e58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4288 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2756 --field-trial-handle=1144,i,5953332842307967368,4760594674118887845,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.9.1252053858\981933849" -parentBuildID 20221007134813 -prefsHandle 3280 -prefMapHandle 1768 -prefsLen 26652 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc2f44ee-a20c-4761-8000-8c89176a6f7f} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 1832 1c8fb558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.10.1215735209\1578316367" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3496 -prefMapHandle 3492 -prefsLen 26652 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {294a30b7-fd8e-45e1-ab0e-076d706c365d} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 4596 124b4758 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1716.11.788784091\361553411" -childID 8 -isForBrowser -prefsHandle 4852 -prefMapHandle 4848 -prefsLen 26652 -prefMapSize 233275 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ef5316b-d249-4034-97d5-264f08d8f1ad} 1716 "\\.\pipe\gecko-crash-server-pipe.1716" 4864 1c9a2458 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 pki.goog udp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
US 8.8.8.8:53 location.services.mozilla.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.179.238:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com tcp
US 216.239.32.29:80 pki.goog tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 216.239.32.29:80 pki.goog tcp
US 44.237.193.248:443 location.services.mozilla.com tcp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.microsoft.com udp
N/A 127.0.0.1:49197 tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
N/A 127.0.0.1:49262 tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 142.250.178.10:443 content-autofill.googleapis.com tcp
GB 142.250.180.14:443 youtube-ui.l.google.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 m.facebook.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.135.104:443 platform.linkedin.com tcp
GB 88.221.135.104:443 platform.linkedin.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.238:443 accounts.youtube.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.238:443 www3.l.google.com tcp
GB 172.217.16.238:443 www3.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp

Files

memory/2268-0-0x0000000002580000-0x0000000002581000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DD883CF1-CA25-11EE-AC1E-72D103486AAB}.dat

MD5 49046a6efb1098b17e879bf5fb22b8c4
SHA1 19808dcdc2d9c74b2af7e68b1bbb50aa5822fa16
SHA256 bc559ba20233b1ebdf0df622a23114d22707af49c24e46564a836340d4a39b9a
SHA512 baae35c05e4e82d74721b5879ab4649a813a119f54d827d42574acea8440a7a83b971c3afb176be80f5b7ce00d9a0ca8597c7bd7db2b36e1bb7bc60d5de519c0

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DD85B481-CA25-11EE-AC1E-72D103486AAB}.dat

MD5 aab81ba7d7c5dcf48a66ef11a77a8f35
SHA1 9c97233ca8602f4bef18a115d683be87796f88e9
SHA256 aa5680c1b128fb611701adbd6c57a196c05a7751f965d6d47d4b034685059658
SHA512 7501591180cbbcb0546c4ff3c130a341e323a2126a02d2fa49dc9774525fc6677b72cd9377625f8ee4a638de8afc427a1dd6d0d7c6b35b6f89c93e9924dbe0da

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DD85B481-CA25-11EE-AC1E-72D103486AAB}.dat

MD5 ac69ab46464c07a309f27c3e81ebba9f
SHA1 7d81f08abbc449f1a7e651bba80ee3b38fc19aa4
SHA256 40d16b2347eaa0afcbd9d06e8ddca7e3295403fc78d5c330f4fdf655187c2594
SHA512 9c02884dd5977af15c494196347c166e7dfb437cf83838dc9cb74b95a8ae176c4edcdd7aab8ea810a53cfaeb03ef1807d9315fe01ad18099680d250080c44799

memory/2268-4-0x0000000002580000-0x0000000002581000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 cc224701d3988dd5549f5d4adbf10fe4
SHA1 bf7837f102c82b785f087208d907c86f3de96bb4
SHA256 ab4b477c15da3d33fd048de6a07bc97f38cb55f647a7cbb9c39ccbe56e18cb21
SHA512 da48b8a59c7a8434d277f18dff52557066aea503d889b4c06a840e0412afc0732ad8958a95f5d14d92b7cbf503ae0d1a32c5da87027c5df69591e85a973724d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_784_ZMNKABOOAUUWYFBU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8e0944eb206dac528f06e20cf6c59f1d
SHA1 fc5287076cda42403083f0abb0902e65b9d8408c
SHA256 933a03104856166aa6395621a80a4b07f40f68151abe41c59968d7670c900aef
SHA512 1ec3eaa157727aa7f2843b8cbb585f4ec6912449911bf17562d164b845a907631b3352afa7659f9e6ca1f6c1f6eff047a7a44a52d5f366b98852cc669c162f1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a6572f59-67e7-41db-a3bd-682aa8d1edec.tmp

MD5 8e8163afc0151198396795af3bb7c0ed
SHA1 5ccb24b939f7e2c76c3cf593b27d1c3f1f7d50aa
SHA256 b8f4d149655c59d1f5f9bb56fa80113744e12649ec74e09cb4a72a76cec18029
SHA512 4c6a209c4ea6f37aea4c2a6f0445bd9d593149472f1938d530523f5f63dfa9b82a28fd0f6085491e20629e5188209b331c022cbbbbab3a4602e3b549ba73e706

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\db\data.safe.bin

MD5 b5fe08ddade89db981b33a2c30c4052a
SHA1 daed3790f1ec6d785bce2ed7a21d359c79d30e87
SHA256 e07143377c8231ac553f5c66a3bd65e6aede051737a5b67746c070c368fb6ab5
SHA512 d26d65f75c287814f31ae2151e978acb52ac7306a9efb99b0974ea5ed84767d9834094351adf753626f3d86c8b335dc43aff0aa6bca7f0b78bd24af93b474be6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\pending_pings\b7b81724-f940-42f1-bdfa-4e3016cf75fd

MD5 78b6c92668ee098c93641f5b773e8f09
SHA1 20258546852b180762c14706db3242473450392c
SHA256 ece6d83c5f5e4420ee6a3dd77b0010f8b5dd9f8da9a0cb0d671205f6ba9c63bd
SHA512 02dfb79847365ab44ca81098bdcfd1a6d05c02a4ba83c5bfc1b51527ebfc541a30abb307a52648afacdaaf494b509dc97fa1c116d46287be9d4cddec24973de5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\pending_pings\99647924-b46c-4eba-8b15-5ac7981c7832

MD5 f1bb5d473d2940ceef338999cd3efc72
SHA1 1a8ed757a3c60ef7d821337c2aad22d870c97ae4
SHA256 5450f21a320cb2ed1b5e54bc216332c2add77a8775b997b75632da438dc953cf
SHA512 a8720cd0eb0f685f0f9468f31e98d78b56511faefcbc332de484ad296cec164ab639dd2c2685c620f78ba844ca8814f858cce1683eaa5cf192caa050d942f21e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs.js

MD5 525c169052301cd9c503ac6c258af9c5
SHA1 d44a4269c88ecf6e2aadd2fa141cb257bff7dab9
SHA256 e4432e50d2821633dc4550e42f527a9150bf0e25d62319b0935646ae1237d5a4
SHA512 fada7e8c00a87fc0ca29274845a4da7c60595046d7792b546b9e46f300e9fbc0455e28aad300af865e7875c7bce6f1395e38a4fd0645a83e2ca378ab4eee1670

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 eeffc5a44d9819726cef7c05416ada6c
SHA1 783f8cf7585ea7cf2895b8a5de88230847dd6973
SHA256 d99f43627f51abc222a3d50c19d2b9ed5e4e19a9cc24220378430dc26b330b30
SHA512 586418474269a09c8e491c3f0872ab52b9d2c0c2864a559c1001eb32b41e9a0e7dcec9e079e75b42044ea1cf1e387ae5cda096a5e599a26f0c64d4859d8c1c72

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b1c86db59fef964552117704b73d99c2
SHA1 b193846eca74a236ac734956c010727a1929b19b
SHA256 da97365b557adee3baca732e3723c4b71ca277e831e55e741308eadfa18f9745
SHA512 6d418df3bffd7a38a569369fdb33e497de923582c55893895d8e2004d8cfef01bdc8f65769a3726b6605a1bbb33915bbcd8f2f21646938c59391c5140712fab7

C:\Users\Admin\AppData\Local\Temp\Tar6E10.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 492c0dbb35af9fe9dba5e81b1040c201
SHA1 2bcfb2d6eeb587308c93c01cf3c7f0abfabc878e
SHA256 aac880d8ac29bc446cc16f6ec86533c1b3ada24c87ba22f239dc541dca3a851d
SHA512 4819dfca76ce96c0b512347e1ec2ca59c077b36df6f1d378ed2bb9262490eda451aeedca90d57106af834dbdbd3765ca46b7f197e86458813f4fd6539d0943a0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 257751134f16fbcd6cbd8ec7e0931fff
SHA1 a1fa1fea6ffa7bdcf342ec430136e3af92e9ae89
SHA256 1ffc7ee3a063a46a4ded67f704294a484ad95ce2798ec66cc8ad8fbf59c93885
SHA512 e35bf2d77966f03c238269ea2c8381874fffdf6c67445b9d5bc16b18e8b3501bff4ef769fd295159d37c58de779658d61112f1d922011a76d0555fe95ae1db08

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 56220dce06897bda15c892f6e427a85a
SHA1 82a3ccb5dccb155cc79393a4f76d27f375663c4a
SHA256 98eadaf070d10c28a1c16cfc3a9beccfdfaa1f28784a5fdbd1719f81dedc703a
SHA512 fc7a1f7ae3d070b0e09f9cf5739a0e71cb10a0c11badaabedd48b712b8f52db8c30962b74f65a1c745951dd7c2f9f84161d7833d089d31b41581af7e8269a843

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 27fcf36c9390a530b1f25eca5365a76d
SHA1 c859e7afd8819d5b4c851ac480d5cd0508da8bf9
SHA256 dc36abc33b1bc69c52c8967d0f06ed4cd2ed956aaaa9b250eff391e2376e545a
SHA512 ab40db4c4334735bb5fbb7c87c1cc06fe5d75d9e2551acf20a38721b406081d3c84ab9d5d7fe8fe7ba0ef8f9c00f0093e2cd5b95f90a3fe95e8bdc3a8b4129e4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 afdeca560b8ea89eeb13401e36734f6e
SHA1 64ad69ff61fbf4ebc98c5334d89fbc07a4b0d4ad
SHA256 aee5d119c43ff975a0532d01c7bdd32e3830242081452191ab79ad0147060de0
SHA512 ba152be12f809e44e90094b4f901a472f11b8bc085930f7e22e1a3621495f83f8f3a49f09f690d6293a39ae0193108405695c09c191445826d517759d54963aa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 61894481e240561831e88b59c41a3f7a
SHA1 e0cb4768cddb5dacf372eb9c3c99c161859cae63
SHA256 b2c559305d5ea76b754cc633194a182a6043259d5f375bdd167ff0514e408e2f
SHA512 1ca11d470a763e7585b3fffcc9f5d76a0fd5d6559f54e3b0e9b7a5a842bb6a47af9f29064c4699bcf7bc07a42c044b14bf51f871fd20bfbd44d9ed87ff1c2c1a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

MD5 3e455215095192e1b75d379fb187298a
SHA1 b1bc968bd4f49d622aa89a81f2150152a41d829c
SHA256 ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99
SHA512 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1a4b4cb3c15024bbebabf16fe57e82c4
SHA1 63d20770151f9f0a7e2b2c1a636386492d142fea
SHA256 692907f02ed0e86cda9341d3ac112a18f9c74f346cd512032f3e0d6ccf2145ff
SHA512 7890e9616e33dcc85a396366e3869c726618f1c37f5cd2c1b8361d930dd1763a71262e9b9e9c71026063f6584e65fa6995dfb0bce7272cbe303e89076368be9a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

MD5 97ba873449e8a4eab12d1bf8d1dbeb1e
SHA1 e8184cf5e519c8ab5056ad5bfbb511583401d634
SHA256 55fc4e3969aafbb8317820280b832adca408da542a2dda2592a8e72de021b714
SHA512 e957997e28eb321d35274226121386f65839337693aaba1203ae4cc7f46bc3b0abb66b3e819ed431f9e1d622e03f21c90f0d154199ee4c2201ffb081bbebe8e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c28939857b0dd8f12d5820a8e4c328d8
SHA1 4fc14c9789d6223dc687f6990f28cd381ea1ffec
SHA256 0ffc3109cc285b33bc196db16c3d62311a2b6d636ba55876147d1a6a8eb719e6
SHA512 bbd78a7b5b102e563ec3480530da82ed838107b2e3501fec3fdeda52720b9e4f60697a7d47310c3b88addc149902c668f4fcc13e4e9318e425806c5fcf2c0a87

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 1eafb519e220f8c8058e5fed5b8b655f
SHA1 5887ec025353d6d46390446e36f4ddf516be6c07
SHA256 df15aa54bf7155a9027096e97a16a7ed7488f969c621bc46adfaede91154c4d0
SHA512 10d14f6f744673776332797f8b556253ee67fd5d866ba531d99d49a2d6c906890bfff95a378044f33aedd6f4afab6b18d217d29c0b879be3a8d3a83c11bc48e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 53c65ba7d43979fb52c605589e4506db
SHA1 7e6cf204f2484b34b8253b0cf3f7f1588c262641
SHA256 0c3059f3e6883c5353aa3ef248c0d8aa56a307a3dbd8452e27134ed288ddb43f
SHA512 0a08123e9c05b6ec2558b3180ff3754dbff3e97c443ad7bf7c7588452121e77b4aef070c96fdb4a0c3a1069c585b1a2bda65f91ab9b341303968a08d691fa2c4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ea2dcfb52b7d33c2438840c6cf72524e
SHA1 006cd6f09dfa4c4ea35d6e26e8dadd54a28d3bc6
SHA256 1a8cb346860c64406f473dbc82a972aedcdaadf10b9e626c2b1e60688d65ca6a
SHA512 34684f2d71c10ce658d402305dcdda467d2acff9a7c5b2d8284c86044fb5be4381270392950c12cc543e4350fd4a59650ee9750c6e68c27a16125f32c49a2366

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 a0a3dc5f0e43b06fa700cd63fe27b8b5
SHA1 2b2a658843149d0a845175c331ae2d864b688480
SHA256 efc0b1338ae2ebc4f20a7c0d2a435f3e281db8e487a3758f9c5dc5e993c54347
SHA512 26deea9740b88faa47af00db9bf2f860d43c4e71c291edc9a23f2d0742b1f7fc0a9d7fc5c4a15815b455e9ad8e1694b798cbfda1c677b239b5bdf38d5a9ab23b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 d2c92750a8f5c5db166e73013eed60a9
SHA1 dc4d2b6c5fe347d7bda79204343c7715258eb9a3
SHA256 178a6ad228dc82903d80e7c75945f593f7e8a2c0dba4f5620d1dfcc69863043b
SHA512 48a22240442c69c73a067813c1271e1834ddde5f04bf348198a3bd341ca26a2a89372e5707243b6b3c2fb8a99f6dd39080ae92fa05ecbc2a7cf0e6b44e26710a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3e2ddaebd9e9cd172c8493693869f623
SHA1 80ff26df090cd62ec68eebe578a7a2c11d757315
SHA256 192f69a1d17ed907c537bf34dc2b96b2e1040af69d4f45e781bc74d39bf5e33f
SHA512 3f0b8c1e1c82cb50c887e9795fe7fbaf1cd0e2e0cb62ddccf9501c6c18dae0aae42e8c97962dff8b95335c19d28389a53f520a4997a2bdce29f83968881d4828

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 76e6910e5a84e5ac595d8a7fc41de0ab
SHA1 31cd4699bd778bd33823765b35fe4156781d645e
SHA256 6323985cf95f4070b25de82e4af772643808d2350e2bd2d27c5d8e59fcb03b6d
SHA512 1daebe4f366eba3f7feeff16db2657969ec795ec11dbf78d57888c0d4b6e339386871b1d36e65d171cfc403005ceac43463c004b133e67b37862e01e51abd36f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 a7c9647dbcb26d87c40c846d499b1101
SHA1 9ebc1970df673603dca6d208663f230e540c66f5
SHA256 22ed1b718f00679524ddfcf19fa39290a0f0bed6d723622b892688ccd3a8df63
SHA512 727523a0cebf11c541953613ee63e6934cdea90c4d54666faa8ff3d2c2a37459215c8df953ec929a7f9fbad500c79c00f862c4c4a559a48808459fdaa2950f91

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ade77ebefe15ceb7a5d3ae936edf35a2
SHA1 8a0b6f0dc218af838f66a02abea9ec2f2e5b883c
SHA256 415e40188a6f1cc8283835e56e084056daa4123172f97feb5b70f7e00023c024
SHA512 aabebccccf41eaa4f3c9e89b2c109b2444dedd234b5f9a3485c959b5bafdc9cd895475e9bedf6827460ea9851623362880ef05cae9a03b11627bf4631208fa81

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d3df5c3b73d792eea58e7b481402516a
SHA1 4b3e58c261fadddcc99684ef14257d93864f4bac
SHA256 47d50b9b6bcd672ef403edb960175a34b4d9f52db107f7cd214680a2fa058dd8
SHA512 a70745f669ccac5f266914397afb1bf21035f4171670e73a8090444c28ac36d73594c8b254e85b7ae594786403e8df67570c248be81efcda68bb57b89b690d04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5d5ed3995d38e15bffc9e9ff648f96d9
SHA1 255ead40d63e23e6f9afd6a6c0792711174b5a30
SHA256 aa782f4c20acd7996a809ad1abbeb2345519df7041b83e40ca7802249fe0560d
SHA512 f4bb3427c34d9d5ea3ea9156be7770030d0e924df74c335ab8674b47d1860273786c310421ccadcc77f3907399c23171909c40d720b387e8aca6eeea189dce17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 24f00e1eb7b677bc869cbc093be199ba
SHA1 4f5dec7c46ee19a6e801eedb6d44540ebc2e75b5
SHA256 f53b92a02a01525b887bf1b6da29e6d169d97dbdd57a5439554137db696ff4b7
SHA512 4a71f4bc457a115482aea310a5cda7cecfb39656d5394d670fe48aaf11ac3e604066c1f2f0f3833e095b059ce8bb5f88b436df50fbb7f0ca206e4818867c5eb5

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 b8815404717cb8ac2ab7c1759e661d74
SHA1 8b743e0871430489f85939508a04e7814532a355
SHA256 9e59d0e89f99a6901a1061e45cfaad1a5a574effae1cf68bd03c63f9aa05422e
SHA512 a420e5017be809c400108de9a5150c1584deeb74e38c9ccec7b8212c2548233657c686e215e793b42f7a8615b6ae8abb535d3632f265c9d04074bc4ec9f6c6aa

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23V3BHN2\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 314d8a0200ce42a66ec5e9bb02c81eaa
SHA1 e3dd4361252ac2ba25be1d381619a7a52a721722
SHA256 1f83cefae6ac1da07053f00b3346567e22ae0818abc025560b1ec14dcedec98c
SHA512 31f9a1f3aa16618e7237bf4cd099f69ac9258a8ae2cc0451725da9a9125a4578c2b94bfc32a00f9595a88d9be8a1ab79684b16de565ef5d1b84f418e6dd41fc2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 97b9c41b8b7e4b2afc4915b44fd6b181
SHA1 996f238571f899b3c1251f0d4a4e78241c320505
SHA256 7e940ba3c00f481021f5f73eb51baeb2cfc11d079ac978f7729efd401f4a9d2e
SHA512 89f5a57a2e5b1882d11b01fc9c9b80fe930a9b246c241b5ecfef60e4fcaa7552c36527b0f9482e25497a2c1c70a9d4f26132be35c87a8f4b601216e61a2a872b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 1e83e48e300f55f734aee0553f6e3b40
SHA1 9902c7d2ae0da13a401f8e3e2a39c0dc168308e5
SHA256 19975aeef2ca6e9bf9148b924ea4adda914b1bdd67cab7ca6f4a070d3b891469
SHA512 eb7a3a64bd3f26d283b9cc27be90ad16b3b89e2e5ef83c6b6688e91a51c9c9b779044bcc6869244b8d83fb6543779a3270294ba59fa31d87506fc30a2941ed9a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSUZ0OWO\cookie_info_card_image_3[1].png

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSUZ0OWO\cookie_info_card_image_4[1].png

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0270780F846F08BEFE0DD8112D932FEF

MD5 f001914f78f9721f0883381aea09d373
SHA1 252838ca085a354e2a0d87dbc99f98f1eef8ce09
SHA256 fe15ed3dbc662e6d16a197c8017278265d3401e0fa9dc343e75d6820324cbf72
SHA512 8ef4d7b4b9171ce7cf2a759b853cff673c08accdbc3f7b5d810d24112431068873bb13dec18aa9a01e3cb0e8a9214285fbde3f4747c6fe90fec8f7b4d25caca8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BEC6224B02D155A396218A2504F3EE0B

MD5 585d286eab9b034c9188be8d5c0581ff
SHA1 6a58fcbd3c4ebbc7ba5aaf18d5267a45aea6f8d2
SHA256 b0e3544860aa33c5c31077fe289f402b90becdaa586792bc309a2b16c42c98be
SHA512 23b81ea9622518a2e5f91b5bfe90e6a2bb326997dccf53d5f42689dbf3f433b7d7c324280bfd5ced98f19a39c69c999ac540f27dc61b79dc81e6bd2c0eb81569

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BEC6224B02D155A396218A2504F3EE0B

MD5 411fd12864ac25b7dc5d791584039a00
SHA1 7a3b56fa84700eb4f21c88737da2b82bbee90e37
SHA256 a347b014a7d9c7559d69eeaccb85fe2828f426e6ed7778618902b491982586c5
SHA512 3a144903abb4d9e71b68c05af771f624c72b453f8c4e9b07fea9a9dce4ec0e46b3f2d9d8d8605b11c2214aa31641d10573875fc56f3c88be16a9208be7d4c799

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0270780F846F08BEFE0DD8112D932FEF

MD5 29d9339203871373ea3b8e3f41fef283
SHA1 1d66461559a509b03be02106964cfed759832905
SHA256 fc706209a89be03bea0c613fa48e6ff5097dc1e0dc1842bb8fef073b5e93f205
SHA512 ca2efbe0bba421a3b35a062534dcf694524fd98b392627583141e1ebd9fd191c1f7256451de82fe6c86985f0e9dfb6983a0221c9827cb792700011f9cc417710

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cdd119e1de658c2e83f31931002309c8
SHA1 fd4625bdfbdc0d72639f207a965621464e92b3d8
SHA256 733f7ff6aba620a81bb20329f63bc3e863ad2010851912ce0399b9158eb4dcf9
SHA512 51c3ac2958f2fc4265a736226151d49599c2177f567c0a6a3d7c0b187076e9db6ac0bc35fbbf5c93d2564190acf550ef6792f1bef9164e62270ea0b4b6c3068a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5ea4b6717ca6638f9f27f0f322432d98
SHA1 762fcdf1614d5fee39e26387c6770a129d4cdcd0
SHA256 cbf61e3ffc275e3c94eabe9e27c7bc00ed0fe16a7a44dbda4efa5c9e95b5c7cb
SHA512 b88bc590d1a0b5ddd973dab7f9a9ccef885aed35c3ff6c70205c3dea961c293f3132f07991e72f2f9bcf94d26fb9a3931b7c58ede08395165ee732e6563a54d0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e018d026cace5e89e267100a91e69fe8
SHA1 9d79491f8cad7508aeacd3ecddf4bd263f7bb842
SHA256 ba088ec4276d4bd1b4659caad00883744d8ae579b4fb69f9450ec24b8afe904d
SHA512 a3e8c9c075ac9681dec5b193d01d904b8e320104bca4ec07b004d3c5e8fed45ab18da5b1533cb6ab4fa7f161b5afbba77bc4f8c7caf524a4c79a443dfdf11896

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 1b86f82fab9af5d2c3d9dfd2b9421ac0
SHA1 0001c6094bd0ba2b379c3a3339b5bbeb2c2d998e
SHA256 50088421c6f22fb81926cb0afe7d1373a4f746eeca44387dfc11979fc1724d74
SHA512 882f636022bcd0c3bf9fe8966b9ef26d52cf2e9e2276a81a2e11fd58b9ec9f2df11aaa613579479ec7b330112a5d2a7a5a6e48267fa7bf1eadb1fbab895a72cb

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23V3BHN2\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 6f9fa89a0edbfb68f8145703963dc0a4
SHA1 a299112bd47cc2f4fa5e93a1a621fb045edfe360
SHA256 b1d7e4a19acb9dd6c78cfff37d14020905d416420d8a260580cb9c863d1eda0c
SHA512 f536d9c920c228c52ab1594605ba5b11670918e0f6e972fb4bdd87dc650af58b23c16f21bcbf9d44ffba9fe474937917cdf1f25bbba3a09e1f1d3be729f5f670

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 181ecfc8d65958b2f18991fc77126452
SHA1 012bbf3714c4aee38633ead8219c97166925d674
SHA256 34c4716fb7343ff7cf8a7074e6b0af48d6e0cddf6b19fa92ddd8229f5cdea0f0
SHA512 d05617d575f8a140e0da4a3033759d5a54aeeed8ee0bc5c2796c56c4fb07d1c6f3593edab5ae1b244796facd805389ad3a67fd24d0a180995a28f27d14831ef5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7f4c5d5098ab077551ef9a49f6e5a62e
SHA1 7c68e9522dc14c1fc9ff8462873cf25c35ed7554
SHA256 c0ddfc81e9a148cdf80dd9364c8177eb886903ea39807f797783e7c06937dec4
SHA512 b6a626379b48652cb9598ef5481a38ca226a50a05f10665065d2ab70c4e2948fc3236ac0836e99b3238b593759d252765be7b3a9e3b932ea43814eca52147d8d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7bb5cb1436e2852fc97f92c5bcc59e05
SHA1 522fe3c696a9d44a5d6d11e2fe9c4de79c65f7c2
SHA256 a7e4e354f0f0587f872aac5579703abf4810b97dea7a26544bbaa94e4f59d233
SHA512 8fe8442d699b8b296d1bfececdfa83b37f4ce7c547e320b54c5fb28a27e84e75f0d75ed31ba64cd455fb7df62afbfc1e7deb4dc6b47756fc80c508faef007884

C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\TGY41L6S\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23V3BHN2\favicon[3].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fe715728e1ec3f5f0f4c21e14051f83d
SHA1 0495963e098df1a34a5dca0305e2cc834175bc2f
SHA256 07453b65c7041a566c31b12e69902bfb30b4dacbb2956b119f6b7f08ad2e14c5
SHA512 770179b75bd59760ca6b32d68b6f8edda80b5b2a345b72afe112f998b1fdc9405a0f443f243891df0eba09b816cb9847236bbabbd7856dc52e62668142d09e16

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2ea11c0e5392b874b70162a0171b7fd0
SHA1 048aff1d953e23c400fa3e17336fce7fceaf9681
SHA256 6c38a4030f856ff37110cef0b56f9f730d2f6f05ed2587fe4c128dee73bb215f
SHA512 ee31285c2b1e4c16f168cf685ce7abbb0e54fe56bde170f2a172c357c15f75a1ac9b276e347d5d9b63f0bc03342d6afffebf6bc4b56a6e0f59111d1fa34b9731

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8269009ca951fd75c5ca4c43d8c91914
SHA1 4750b558215730a134fa4f329eacfc1112be36e6
SHA256 da17a011d0d52c7ad25b88deb286ab4a88d7da1244e7fab46dd9bf65d3a5401c
SHA512 0f71f130ff0510edf58e4221c839b3fe79b5daabff7186aa6f90bd4f5b568ba35a3abb2aed2b4a74a2cee68b73286d480d2dd939952d51558bc54a3968fcb0a4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d04325f6ec3e9ce03072410013433fe3
SHA1 1c458db26d44083988ac3c469320ddfbf8e6f960
SHA256 4d6161bf495a82fff69e75b743b215f386b227357cee6e4b2aa34954091cd27f
SHA512 2b51b9e645cdd6d90ef98469b799e523952ec3672e7460db1ec8f9df3c36048c884404784dbdd716b29ec2d55e8ff9e5402f3cadd6ad95bb7d42192ae015df9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f9cbff9da2ce2c4402f4327fbc6cafc0
SHA1 616d4f7db243e97ac6dd06b634ffe0c61453a9a1
SHA256 ac8584d13ca1be34c902d074f65db89ebbfb2204d8d04e9b0868f8a2e3f040de
SHA512 2d0c42c5b558038c2f427716fe7f3e8633176ed2ca427fdd9493b195cb0fbc0caa793d02313f5e344c633ce8986c947b0749673265536495edc4ff9256023dda

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3b41083aa87de6a7a5734d9f647afe36
SHA1 bb06ef0c5c9cb8d6908f963d8981aafaffe880dd
SHA256 984f845110c4f9fdf2c3716d4e0880192f5d983ad5ab9a41bcdfa951e152ffe1
SHA512 701e2d5592149399e18f6a2b5d5c9395df626f51a4d7efc5c2a668a4424ff0a99172bc95317f29a09036ab1fb93a41c1986270be815defceb468fba06db834a9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSUZ0OWO\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a1570ba83a0d94ce6457e5026e4165dc
SHA1 c1880d88cc5d60ab805a03ec0d9ac6aae85ecc9b
SHA256 22dae40b252130d927da9b53e5e31df3df5e7cd2ca38650ce2f9d7392b06203e
SHA512 88ac71027dbc066ceee7578b7df35c27d6a9694b9b7e69e008e65659d7cd09254c44debcce83ef8d855d091b1370698bfc72b7a4676cf45ad81c8f22db024582

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d7fca96e5d3b5c2397c0b75af7061524
SHA1 e4f0be025166882626c40447e93832b3c0042ccd
SHA256 da70fd3e0fa5a8fab23b0fd724f97f87e59e18cf054337b26029ff3f6c8e8d1f
SHA512 4a43c3db96f84605d31c1078728566cb7b5d5233bcb8f058111653ac7f40166f6dac96c35edc335643cfd94b079b92883dcebf03ea99ea72207afeaf033330af

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\default\https+++www.youtube.com\cache\morgue\88\{b13d1b71-01a6-4470-9012-ba85ae7dfc58}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\default\https+++www.youtube.com\idb\4191247322yCt7-%iCt7-%r3e4s2pbo.sqlite

MD5 01deb0ad0908130cb52a3eb9039cf65b
SHA1 bdc12170327cf85a442ed3b05cd692431bc8305c
SHA256 982334d4c1bbc82ff5f7a668374bcd11b4bbc837562a9134e54827672d504dc8
SHA512 fc5a715cdfdc25c3710c12bd91c593fb10e59ba302ec56cc9e49478b36a95775f271a83eb9966015eaa7497d2b44e471675ad1ae34c1a8e4b2aa5e8b16fb3361

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 b9911e63432866c98b388aeabca0b5a5
SHA1 b6526a13ac3386dd30186fdb043187c267e15695
SHA256 c05afce9a588e86cc45f7ab40aab5ef44e7665042d3280c116e6518d3c885d57
SHA512 719f7aa6e2016d5d5872a2c0856bbcb6bda7cb365c4c0bb69bcd629b4428834b2f95b3ebf7e9536944225032fe9998edf56cce7e11e4bbc1f0005b4c3b028532

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f88d37a65b8d00bd8026cb7a8265b40b
SHA1 cac42dd1b43ef0e356aec048f6b6ed1774af2dc2
SHA256 ade98ab4543a96c5fbdcb79f6f320476f06f72d246a8ccc6617ab9f3bdc786a4
SHA512 68c194ae072833dbfa5baeb04e36da718f2897087489f0850f3e2cbea52acccbfc1307418753eaf689c0204b31118cc632efd7a6d6600436ad1b26993de3aa24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d341edc0248a5a613504629b454a831b
SHA1 bc9d46e8fa7adf597f577a3534e933d5c899f2ab
SHA256 c5b6e40d7794e29f59ff09d7f76ddeec9a9bd45bad8c5f58ff31c410511f8ab8
SHA512 8dee6ff0115480e73b47d642ebf53ddd3f4ce1e557fa1235e55ac1c99fba22b549826a334944219ca55d6d6809008488b0076af3bf1aa7312da7ff03afb37752

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 80a8f5e081d6fe898993b5784f517142
SHA1 f2358df550e40f2d01e07c81be06e1c668d9b5b2
SHA256 fc4df04fb29dcab1be7550c7d8ad5f3cb9ac67274d4c5cdf651f3782088cc615
SHA512 a3458264163f3dc6286335f2987685f5e154180dad6acc8de44dbcc2f158674abdcbe44e4258f2223d6065006516207425bbfb9d7698b19338919f71b496d61f

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:13

Platform

win10v2004-20231215-en

Max time kernel

149s

Max time network

152s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1232405761-1209240240-3206092754-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1232405761-1209240240-3206092754-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1232405761-1209240240-3206092754-1000\{13AE2A6F-F504-47A9-9476-207FD9957125} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1232405761-1209240240-3206092754-1000\{6EB3B721-B9B3-40EE-9EE3-EC365FC8B218} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2940 wrote to memory of 3124 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 3124 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 1416 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 1416 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1416 wrote to memory of 840 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1416 wrote to memory of 840 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 928 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 928 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 928 wrote to memory of 3984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 928 wrote to memory of 3984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 2488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 2488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2488 wrote to memory of 3988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2488 wrote to memory of 3988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 764 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 764 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 764 wrote to memory of 4660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 764 wrote to memory of 4660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 3176 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 3176 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3176 wrote to memory of 2744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3176 wrote to memory of 2744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 3904 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 3904 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3904 wrote to memory of 3864 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3904 wrote to memory of 3864 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2940 wrote to memory of 4760 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 4760 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2340 wrote to memory of 676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2340 wrote to memory of 676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 3752 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 3752 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2940 wrote to memory of 4936 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2940 wrote to memory of 4936 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3752 wrote to memory of 3584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3752 wrote to memory of 3584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4936 wrote to memory of 3336 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3124 wrote to memory of 4832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd8,0x104,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc611146f8,0x7ffc61114708,0x7ffc61114718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc60e09758,0x7ffc60e09768,0x7ffc60e09778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc60e09758,0x7ffc60e09768,0x7ffc60e09778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc60e09758,0x7ffc60e09768,0x7ffc60e09778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2528 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,9977317237055726918,7986253334920277326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,9977317237055726918,7986253334920277326,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,15324001064782259999,4845551505151607647,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.0.328198280\999740971" -parentBuildID 20221007134813 -prefsHandle 1864 -prefMapHandle 1832 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {788279c2-98db-4f01-b7e3-e07ca0dc7bbc} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 1960 202781d4358 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,1533954476066069379,13869966282264973853,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,3930193480105178060,18021280239802155029,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,4405877438917230139,14289443617349447322,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,4405877438917230139,14289443617349447322,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,9330872031029217304,7706194495009672803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4368 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.1.25896600\2091109456" -parentBuildID 20221007134813 -prefsHandle 2400 -prefMapHandle 2388 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa69a785-c1d3-48ad-bfe1-4ebfa1773416} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 2432 20277efab58 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2032 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.2.2104914955\1105459205" -childID 1 -isForBrowser -prefsHandle 3520 -prefMapHandle 3516 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f09bd9b5-15b5-4949-8306-eeb13708f484} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 3532 2027815d158 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1952 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1808 --field-trial-handle=1928,i,3200643613743462301,18160745120276154459,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=2024,i,16731745091987392110,15203862524929757112,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=2024,i,16731745091987392110,15203862524929757112,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1928,i,3200643613743462301,18160745120276154459,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4180 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3856 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.3.398375133\1544068525" -childID 2 -isForBrowser -prefsHandle 3116 -prefMapHandle 3108 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d06da593-95ec-4e39-b7af-41b779223023} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 3040 2027c68d458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4952 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4924 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.5.809596764\1334206201" -childID 4 -isForBrowser -prefsHandle 3760 -prefMapHandle 3672 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c10c4a3a-d8c5-4280-aac7-5147cf6619f6} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 3936 2027c68da58 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.4.12412352\2097623015" -childID 3 -isForBrowser -prefsHandle 3676 -prefMapHandle 3684 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53375d47-c74b-4558-bd29-256b7f41ad47} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 3760 2027c68c558 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.6.2117854224\424399137" -childID 5 -isForBrowser -prefsHandle 4728 -prefMapHandle 4724 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c39c8279-fcbe-41e9-b9e1-36b09597293a} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 4740 2027d80b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.8.1093571399\1621304605" -childID 7 -isForBrowser -prefsHandle 5736 -prefMapHandle 5740 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d562397d-c319-409d-ae34-6fd6b894b2ff} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 5728 2027c68f858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.7.552480538\489121174" -childID 6 -isForBrowser -prefsHandle 3904 -prefMapHandle 3400 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c15a962-8973-4cb4-bb1f-387d737f12a8} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 5596 202781b4e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.9.1592728247\852360889" -childID 8 -isForBrowser -prefsHandle 5712 -prefMapHandle 5904 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f37d395b-307c-4ebd-a53e-2024a4762477} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 5704 2027ef96b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.10.208178679\525154959" -parentBuildID 20221007134813 -prefsHandle 5456 -prefMapHandle 5312 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb15f66f-19c8-4c55-b785-8d26600c74ee} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 4480 2027e4acc58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.11.1831189662\289127763" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6180 -prefMapHandle 6192 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d19ea0c9-e0d8-4531-b46a-b9523c2862d6} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 6284 2027f303b58 utility

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3336.12.733785139\1306073313" -childID 9 -isForBrowser -prefsHandle 6532 -prefMapHandle 6528 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0874ad61-2c85-4bfd-9b6a-05fd52589a2e} 3336 "\\.\pipe\gecko-crash-server-pipe.3336" 6540 2027fb85d58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5840 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5860 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1872 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1872 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2224,14368443647810493664,7136962268172266359,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6160 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1060 --field-trial-handle=2004,i,5715422711834372018,7054975298772786570,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.179.238:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 142.250.187.246:443 i.ytimg.com tcp
GB 142.250.187.246:443 i.ytimg.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 246.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.187.246:443 i.ytimg.com udp
GB 142.250.179.238:443 youtube-ui.l.google.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
N/A 127.0.0.1:55869 tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
GB 142.250.187.246:443 i.ytimg.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
N/A 127.0.0.1:63868 tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-t0a7ln7d.googlevideo.com udp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 233.225.85.209.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 stun.l.google.com udp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 88.221.134.88:443 platform.linkedin.com tcp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 88.221.134.88:443 platform.linkedin.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 88.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 194.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
DE 216.58.206.35:443 beacons.gvt2.com tcp
DE 216.58.206.35:443 beacons.gvt2.com udp
US 8.8.8.8:53 35.206.58.216.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 180.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.187.238:443 www.youtube.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 adaec72374ea25fc32520580ed8ba4bf
SHA1 1dfcff26826847706b81cdacc3d24ca8948c6064
SHA256 8dce1df4993505de28410317038a871653fdc84afe39e23e0209aba573c4dc92
SHA512 aa391f6dc2d98bb6f00cd2bd3acfc35b72549452e2bace02d3e9891bf519ee277948627abf34b59f3df061eb1cb03495f5a0a89df49f7372304e46a4031b5dd8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f246cc2c0e84109806d24fcf52bd0672
SHA1 8725d2b2477efe4f66c60e0f2028bf79d8b88e4e
SHA256 0c1014ae07c2077dd55d7386cc9cf9e0551be1d67fe05a6006957427ae09fec5
SHA512 dcf31357eb39a05213550a879941e2c039ec0ba41e4867d5d630807420f070289552d56d9f16c6d11edcdb0f9448bf51e7d2e460e88aa9c55a5bfe5d8d331640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 d953520eef04a7f704dfe97db53f6a7f
SHA1 55e37085e46991e0aeb58b2cc0dbc1a3c3c04e39
SHA256 7b14abffd2823cb808b20be179788d4ae316533eaeb954fb0c0fbee8f9fe0f47
SHA512 630b0cf4ba960966d41b512868e6ec54db4e270fe936a2ad8ff80ab7b7cc9b021c6b7eeda83744602edcccaeb3893f87a2b2270b8ca8ba9c409e98036d5b0b85

\??\pipe\LOCAL\crashpad_3124_ABAZELFCOYBAJYZM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e19716acdf1681a46cb314dd7c771cd0
SHA1 8f1fd29d7ec07e6d181c3410527fdcca8092c14b
SHA256 37384c5b1ec3fc6032c2d069d6108fd0906bb8ccb775e03b009a579692e555ad
SHA512 6f61abb1034cd3669f356a99314bc1dbdadacd5e8e4eff743d01df2724444dabc5bdb4c9f5c7b8ba44199eaf70657cb5d90cbeda4c73cf5625269f037fb82c7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3723f31f2e50c97125a4fe9fb6f32a75
SHA1 df2b82c3c90b96ed5a1f793162dddc6b85cd2fa6
SHA256 d3fb5a06ed7874af5e8cf0a416650049ab7531b13c3197424945de8d62a8fccc
SHA512 112688797347205de5be84bdfa4ee874cd078a617f9d70ab808434fed3ee060e65dc0e7119c0e182cd9110992b744d508a0058e18d361e5298cc388aa6396ed7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0e26e7d9f6aa742548e043c2ecfd8136
SHA1 5ff59f7c737a884a7b0d4c9f4dd351fc16078e27
SHA256 ee8a24a2c6e829c240b54b6c6945e0eb91d9b0acca0b50f2b8f17d02f405c80d
SHA512 9c3ecb8507bc07626043a59e4eac2102a96e58a53403191a2d9c4e7193c92e86ee068c4c26030abc03342d62e1fa985af4ffaba93a2daed89f392f90155f5cdd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9ea27a418b9f0cc3ce6e02d1f76b723f
SHA1 32588eafcaa1f481639ab4ce7436b4c62f21982d
SHA256 9c52d541b64b1d66359fee836340bd723ff9f580ce080b08aacc8814f976eb03
SHA512 7b7776b547910e191b6a43f2aedd978597e305a08e7fca6a7384855e651cba494fb7a203884fc256f08651ea96717944a0dce9347a9ebbb2c94d3a86114d82ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d36814e9-e9bf-4c17-b0e6-d62cbacf0df8.tmp

MD5 f5a0a725845ae7b631454b2a98552a77
SHA1 b0da16a471a5f018e90755c4404fff0fd4c44d85
SHA256 b185ae2dd08a5b9b16984bcb10299726d6a86b49aab8cb0958d2eb9a1d1dbf5d
SHA512 1cfc9ead8ed2389dad0d7ed7aeb6eeff127dc33cd0bef5afffcb0ecbb6f5773241671ac00f5a94bc658f36de7870d431201f350bf0477a0e627611083db4802f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5504b34afdf97053007389bb5945f708
SHA1 c42d5db305c9f132714573e3b883d3866cea899d
SHA256 6bce68f391854b87cb0823d39127e079b0f0b3fe5595c401627660e5100237ec
SHA512 0e0691c2b957ff18275710590ffd98ce3569b3e38b5f952a070af38a2320ff74bbfb0a63248c54e9dffa98189190f43e085a26b8d7a34669ea40217b219fe867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f2660d7cfa4b0d993632d2d31881d54c
SHA1 2a2adce49f4ea94a8fa92fc1dbd49fb9d2293e69
SHA256 8685ceea31b811e2361435eeffda3651d25276c559d9b022d5c5915428a4c785
SHA512 5ad093b7b299c271ad4c643b879e7688ee2c081807fc0e8f3b9fcaebd4c7f067215aac2cae648e50c547730eec6652433323dd0dd69007458065ab4678c150dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3f6079cf8cf08c14250aa24472d67d2a
SHA1 22d559b6a41cad09d5ceeb8231fdc086b7f39c58
SHA256 9d151ab158fcf4aacbb37fa5ee84a90553d608e0e0abc1ae9b9d3d4296ae7e67
SHA512 75d5d87f3dc591e9ae1234d78292221b5e67c6890fcedc1a7d6253775d5a120412dfde5d641c517126cba12d6ec2ae3b630a4c9250eb1df519c02f526bba97c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d9109de47aae73d1bbec457e25e26603
SHA1 6a53bb66822213245a643b5ba9727139806a319e
SHA256 f1fce7c4b6243009f0789fd73a5920a6f24643e465dfa031ac6c8d5e20c52488
SHA512 de694dda74ca1f1d5b16f978e941c7d6515c53d7cabd1ba2d53e563ccd5b849755317dceb5c4a001491b02343c959bdd10f34ef1395687d6c9d1210765d99762

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\datareporting\glean\pending_pings\a1c3e40e-cc65-4708-a120-fbfa56e3eb8f

MD5 0f2a954e82d69073ff59fdb36474bf88
SHA1 2aeca9331949602430ef30c136759c7bb79f8169
SHA256 a378ab5df34f5d4d8d0752d3de8f49234ca1ded88aee424364b14a00414a0d34
SHA512 f5ce84517c24ee8279676245a40b8ebc110051491bd6ca9df18994471e5699a2e89e68ac7c711c2b296495c6daa8090e6d1c2e1ca06871c166337f013ea0f800

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\datareporting\glean\pending_pings\62f987a5-22be-47a9-bb07-454f8a7d043c

MD5 469c64e3b2962d590c946a9bdea28658
SHA1 d8f40552a5f341f7eb6c8067a4597c7c4e562d8e
SHA256 f03111a333d6a99bbb2abc19e2f589d370c36fdc7875c9ca19d8d201c76db99b
SHA512 77991b01c96c019a7ce092e559ee4eff052ca27471406bfb71975f34b020d7d09ee856efe75528da34ead3b39c580189c13d3c63fe3af6e08a51d0a2871a930c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\datareporting\glean\db\data.safe.bin

MD5 7709759512c77faf49cd0f3cddb7311a
SHA1 11475e012e9b23d1a79fe93853e26f24cfcdd1a6
SHA256 9b0e1f9f29307b312af2fe352c210b0c1de941de1c646e6ebb0b7699f46b31ef
SHA512 30b588d57ab995a73b4363784d598c65df80ac10eb1a261e57620653349c5b8d4f4c570d1fab2fc9a8403d8980f9ec77e6b31c129b293c40f0ef85c050bc9540

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\prefs.js

MD5 9cba9f9ce164bf9d87a4472b974106db
SHA1 f9d8ead8c291aaf736a7952ecb786cc54406f16e
SHA256 2ae7495bf9b0fceee3ff0b70a29d1e1c59c3fa4bc0241275a10285ac81e80f2c
SHA512 fee9be541968f3873417bee287cf0fe7fa09637d5210ea599ddb6a00a3d983c5e34ed48a81e2cc0b3255b24007e46b6c4e54becc7db835740c6616fbfc639e80

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\prefs-1.js

MD5 925f2089a696e6f70439f880eb0bbfea
SHA1 3415ab546c674f4d6d82d9939873e2412dc662e6
SHA256 4f137be77fe2c402be0f845179525280be50d542dfcd06c19d45788bf5d83d9c
SHA512 f6f344ac67f183a069afcce83855b8bdcc146c16c5d148c78beb1cd3ff0541c46e1fe36661d515a77a91ca4f1188a1f6c7cf120b40a54c62a42684e4befa8170

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aaf2392f5882c500460fd0755f3eabb1
SHA1 5eb46e0ac194f54711ecbd90994f36dda436c769
SHA256 0a7f578676e021a8ee020d0c904a02001db104e849d36a31376d098e6d10c857
SHA512 06ad1f88c40d2efeef85ee4d6de321b93bed3633a12166a5dd9f02e6bd55a59f6f247aef5b9f8c5ddbe91a29dffa73a715b4282bb6203d9bd16157eb4d2dca43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f09c1c01fb17ab8b1bdeaf8e769b6761
SHA1 21266a0eeb893e91281fcb279bcc3601b76ad484
SHA256 6fae172edbc2fe9fb614c0270d115924ffb14c6e493db1f9abb8fd8281f328d8
SHA512 6eaf6b155326f35f483d916beb8e2ea756face82225b10eb3053c7f51caaf9b6f6c6ad9180346966a167493581ac75f439e56635f8c3036abe88d6065f5de1f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d5fe430b48d8cfcf5c1658c23ad63959
SHA1 9be48a6bede426414ff1a790a68172d5d9e57547
SHA256 dc0d2b10bc12946adddb8448c06d6847587871c032c89176a4e4176f01638ae6
SHA512 872caef04d59c03f7e8426279ecb0d14c1354d11e2247ab4c89ff575f282defdc610bec1601808787a5695febe8b60245e216eabc4d86894f80240c0e8096cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 564f4e31447f8d950a57b20285a7da8e
SHA1 488eedbb61ff56ee7412e2cab5243d4ba148efc0
SHA256 838ecb39912dcda957d8cb2c4f93768a164a898948a3b439b44876874330279c
SHA512 fd00d3703c80ddcebdde87b3c9090f01df5c44c6d608e383cb7cf4f6ea391448c2deb47ef83460193284862e0786b6dfae726065d156bb2697cd03a58af01dff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 08c106e12a75cd19322475e64146ec06
SHA1 ae298143b9927a2ee70777cb41f3e0c6f9532ec7
SHA256 ddcc41367aa736780be42808ef1678085b43bd0b4839873ab111a8327a6be502
SHA512 c8e8fff6b67d42bd8ff20b18e227be40a5bfe48a03420568f6860914977f9cde56b5b1b0bbe24ee41fd14d94678c656f4131928c78d69324d3e8b1856b494c40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 5e62a6848f50c5ca5f19380c1ea38156
SHA1 1f5e7db8c292a93ae4a94a912dd93fe899f1ea6a
SHA256 23b683118f90c909ce86f9be9123ff6ac1355adb098ffbb09b9e5ec18fc2b488
SHA512 ce00590890ed908c18c3ec56df5f79c6c800e3bea2ad4629b9788b19bd1d9e94215fb991275e6ec5a58ac31b193e1c0b9cbaa52ff534319a5e76ec4fc8d3ba54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b3cfe00f09ba4a1ad651097bb73fa90
SHA1 4e83f5058a9893c0f956f91d47e14cc39cf467ba
SHA256 f6fa0d1b5945041270e4575d3cfa1a1ff64b9f3d24db3f4f677fa802d2ef60cb
SHA512 84d8d51a46b7d86f7ee036571a219c4798798e420473d284954dd046d225b79205394aedc75549a6bcc6afe24ad36046d74a67b684a7b666b36630ac2f901fd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a69cedfd8f21c7eb14c6896b3f550e2
SHA1 770dde849b65aef7ba2a38369fe6f8ed7f5616cc
SHA256 60ceea8bc74389b3c9d1f7ab13454730d4617f0a3e4a0f3452526a6f6027df5f
SHA512 a034e779ebcd4b090ffb8529b0994cf47361cf604ba5b9baec39fd68833cf8b7b0984d9dcee4c22bf7268a0bb22f6ef6cada074568735ff25501c1783180b2b1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 9d3ae693c5705417954d29dff633e870
SHA1 087c0881babcf994ff10de56bec9706cb9efd108
SHA256 24c82c9a1ed44a6a2302c4f4bb785514d784119ea6ad846c041de1b12de1944a
SHA512 f98d9df4424ed14799b8afd4b9c65e1a43a4ab9cdfe56fc9356a6e3cf8c609bd80edeaaff3e2fac99192fc404d8576a2756f710e35c0d52a5f34690b704d7eb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7e2e2d2df8702e78a0e85be57792540f
SHA1 0010d546b223a4cf005e3cb403a3a1870d18718f
SHA256 12c78403752effd4d59aa7e5726d1787bb116841cbb045524f2c589dd164957c
SHA512 04b6338907144145df92efc23deb422f57234b4711fd1d330da5ecca0c2b39daa26e73514aaa7112b9b97d8daf504fa981b90eb5bedbdcbde9148117755f8e4d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\prefs.js

MD5 c4d95c9c328a7991d23a0f115f2ffe5f
SHA1 e1f8423d84905585ff75fab69ac3dca5357a48e7
SHA256 0b69ccaa6ce2df434dfacba93d12bfbe1cf0b3ac02d5a15a4663397b7bbf2634
SHA512 85c64356c85771bc8745f51e073450481ac62e63b6e59821a81f12fad071a421f78ffa8de359eb72b26688afd661859867602d997fe7b66101f278de4e57f516

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 63920b301a0969e4feb6ac870f99fa29
SHA1 738393a169fb989bc0cdd099172fb0a0b21b84b6
SHA256 314d4f341916761723de6ee5d83f2c8fc85fc00a484b0366e907f77367fa88f2
SHA512 ffd6daa1139424d20dce7bf3eff347361663ad63b91b7a547d7d0f1c8504d62ca2569543eab107ff177227d8dafc1b77d6f7fd6dab8e73d01ac6dd6c46764cb7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\241\{dfb7dc55-18b8-47dd-a5bc-99aa8aa990f1}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\idb\2059710126yCt7-%iCt7-%r9e0sap5o.sqlite

MD5 5371df1ece52ce5a03fdfc96a56c26ff
SHA1 480a5ba35c87826e5c2421e76d6c57e91ce769bb
SHA256 b24b718c1bd8554826241cbb593359d14c383a6bae9df58c8cc6902a77042fe5
SHA512 3342ae6b1b710dc0a0fb50773b83535a918848f2638e9fe9cb8bc436b19b77b4482b4d40e1de0d0e23d1122ff73226a8d85925e36fb7ca0cfad3eb8293f0a168

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 c53fa95f889faa800d7a4648eaba5531
SHA1 657471773e08d46c6d1bf37085e8ed6a3ef036ff
SHA256 2c16279241a435edbd767f49f828f040d18f40ffd679d363c40fa81021821b13
SHA512 47080d1f950ee79798c77b0d97eb366e576f5c7affc7e9b878396fcb878cb81e6a95936a28351ea006b4416eebec64256a551131b56c4ffc6303a83c83bc2176

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 58abb3d394cde5ce2e5ccf38fe91d5c6
SHA1 a4cf69466b156e65de8a3a67396cddf493204fb1
SHA256 8464f836f1bf72b659d05ac3d8742c7bd2125c6c5612221e40d41dc4b74095de
SHA512 b7ec1ef9b7317d0844b9939eb75cdec13f638e3e4e6f80dc03abd9e0b853836728fe33b85cec34cffda365484768a83508d90478024f9b985f9034161a956fd8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 affec767dba2aa75c27c88b160ee60f0
SHA1 2a79d4b0e6e498a70dfc387509d95c0c85b27ce5
SHA256 a4c75677d61c01d1828e3656c392aeac8817144f40abff788535816bbeea8e58
SHA512 2749540e34e07823c8c6c44407d939d80e092f8d914e5d79ebe122de7d851f1b0eb7f3589b3e91083a1ebf316898b0a691ac752472807c9f2d8bb6ce5089f19f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 8b4e81a4567d0cd25527dbf0df606baa
SHA1 012205594ef41525f128c15329eae2a1fb157df1
SHA256 ba6a68bcedb0d03473013084d7c70aad7c21011393331f98c18e8784c990bcdc
SHA512 3705093cb08cb0344727fb26c7e144c8e6bffd46f983917506a2c0fd7597180b10984640963ed261206d22459fd114e9cb13cdc79de8b5da687b8074772766d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 e4fc8b808bd6d5e565be37fd6b8bdd8c
SHA1 c1d06efbfc693f96145adbf41a2c3fef562dc53d
SHA256 7519adc2019a25dff7422e10da7ae39050513eea336252353d0729c78b0ee398
SHA512 73499f9db366db4226fa90ae11902b9cea21da7253cc366bf4811fa628e620608150f3f8a02bd3bbd79b48d93ab63862ad8993eeabcfef270a733528a7fdae6c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\sessionstore-backups\recovery.jsonlz4

MD5 41f432a0bf6da82283671be371db04c3
SHA1 391d8cfb3a3edc217b0af8b96fee42f1996212e6
SHA256 cac88caa6a490d47f09eeaf7ce8152b58a7a6be03609052bb8c89aa477dcfa7f
SHA512 836b73429946cce942a1835fd6b207ac3bf60917f9c7b29b727311fa0cf52163cb2060d8f1bea9882c221104769328a5bdb392f6a9e14a4350edb8ec251bb267

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 d4bc4397cc408d1553dd47cbbec23b9f
SHA1 622e33f46ff1688ae0fcf7602ad89a5f5e69c8f0
SHA256 6ab0083bedeeec578fb35e21560d2b9bb110f28ae6b32cb8c79dc7a1d6d9cc31
SHA512 672eeb002ab524be8c06e7c48857fbefa8d950f3e13f8b93e137da6d0c07d80df6f9bc308015755f3764f93d71d2587f678ba1e9766e2626b6018c9f027942fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 8e8f081d5358c4a2e4dca2752d1d76c2
SHA1 2aa7eab947444f2ba3eb968995a562c7c322f27e
SHA256 d43764d48c8444d97e80fcdbd8edcbc8785acb24f1b9b6fc61fced177d120fd9
SHA512 4925a5ec3157009857fe92a52ee305c395169f613e8f893d1459dd79ac5b56b8b88307aa0be5be47f3ddf739e6e281b3542c52a45428f2b33b1401071e1c65a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 d8397099c66f134ec6fac2f8e9280ec3
SHA1 c019499dbb2e11e71526ab59dc72360ebd592a38
SHA256 0695825471e6f7d24350d4776c0144a8b21640fabbf0919bec0ff43e40b7859a
SHA512 e2b64ad92e33e2cc924e1e678b9a48839a237acd27bd75aae34aa1f4b7a727a08f3b278610260ce091bc201fb1ad2153d61ecf0f036aa2260d161e40e38614e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 b2dcd7c2b08e0023901f11dc0e6cf2d8
SHA1 734dd44b21ee39b4bfb0a7a91b8be252e1e5a64a
SHA256 5a14af69c8d4fb7dffe412e2c04e5740a6af5fdbeb723e5ab53637f17cd0036e
SHA512 3404a227bdc9fa772d6c6b241716b46597c57ebaa28f36b30719cdb0a31f702e2cf37f31df3448dec9f37a7a3d5e42a1cce75c629bcebb13395bcb8a55a6e3a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 e684bcd79ef03b90019568b29e05a52d
SHA1 ee3e739e4e64b44fb089c48c16e010833cf7678c
SHA256 37d1d4cd91d4e20d4f20e3548e220d138659711ff11f51dc3d7064851151ec1e
SHA512 00c6170c1f9f423ed56dbe5c0ad342040771c066b37196b5e04355678d6b72f924fad9c0d7932cc9c9050157809b12c406024d728de259aa9b52b4105337a674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 a7d020971edee484ea885fc4616e9b94
SHA1 8886c765643c22961bac6d7b2c3c8ecc81b06bb2
SHA256 b883ef00d35c211c6e80e81e27765a3a13cdc958461edb8c2c04841a8a6a44c5
SHA512 57532c64e20bd6e59771a201e5c35d821092813d6838b13752ea2f85fdcbe02cd22b2d318a4aa0f154e1490f89d6f7e5d20adf7211829c1e052fd5d7ffeb5972

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 ef11ead07b2e00d9328f5a303f3beaef
SHA1 740e3b351fbbfb208f330579d4b61a6cdff065a2
SHA256 d17d048e7c7e0d4bc2a133e8654dddc861d822293267c687017c7c003e964ec0
SHA512 792f40ea2e814d20f607189674adbc94b359a5264c1a21c903cb4bde58396dae9900ec29bfe6b59923502b323d891f18401ea568addbc1162539af42ebad6c4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d83ae7feef35e2593886c733decf4e1d
SHA1 7ea9622c42ed0e8af825a230eaad0f75d27cf68b
SHA256 c2744bfad44ac6b651b010da30aa593a2a3d9222e0a671026bf7a876729c14fb
SHA512 95dca04e4883e5df4f20354a7a1ee53f585a45a5c3f5e27332d80225fc5ae8ea8c20967f494a74449f314d75430fec7609172829dc786f4b05ec2ebe20ab3934

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b863.TMP

MD5 2df727774abac8600a723b6a6ebe54cb
SHA1 93034876dc4d510ba7dae31b26b7549c83035d2f
SHA256 e2df174d05b357b75154a7fa0d4d15f2f9288b0307dd704ab812c4ecdb85e814
SHA512 542ba93cbe3215f680549b935615372f01a4ae1e64ebcd3337051a62165e8842f3c4d02f19fcec12195cd00f069a9154c970f6c8f118e5d1005a4655d0799a79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 da4b1302238c19f82bb79d08f06d98c0
SHA1 05faf3a960669a271b811acf3b7ecaf249e1c205
SHA256 103d20e6bd6196a9d0bdf789e2ac90e6faddd96aabf4e39d3e56a49971ef9dd2
SHA512 0f5e79bc79d5936b98a80de7bed56af107369e0b88194f1b05a340a0413dfc16059bc4f02f5bef17d04d6be72a8e7c0d34ddfdad97705ed3533cce4490e38817

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d744d6bd126f144bebe933628914d395
SHA1 a34d6302cfadca6217b242e612034c76b53894f8
SHA256 b6045300e75d7aede65e1cf2a154d2fa4f0f7c9cb171522672ab09c23908a7ee
SHA512 f063e32f2d9fce848ebc5469cded78e110ef6cbbd4ed06b21656d020e17d276ef483050e82cf271fa1b7d37242435c04315c4b67d8547037aa2eaefa566c6d62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 69281da100964cfec7ae2f658e327d10
SHA1 503ffbb29a144105c4a897cc69e8dce126c3f9b1
SHA256 f2f8a553ba84d2913d5a55ebc99adf2ce48767bb5c1c68fbadacdb920d169cff
SHA512 ffa68cacc5a3a703eaa831616ab207b178f87a80924142a556f9e0939a8faec6f0432a6be4ab91e4c307c2cc98d32a925b8edc69fd5cf653e3978cfafa9daec8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8324953efc72a756e1fb821764eb35b8
SHA1 bf69be873a3ac5ef525b0b8ccbd624a7efe66a61
SHA256 2dfcb9ef4b094615aa9f94d2228adfcc3d0e308b00faedea1ed5fce152d24fb6
SHA512 f068884698a662aad9610d9fae8fab83f388098c35356fe0a8b189bb955fb237b85c812b7ee0d244cd4cc465baca8b73bfe7a9a49e0b4dbc89c8a0b8902c9e22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 40c4a65b64fd0089b9d382efd1ee442d
SHA1 6ef909027276f37972e442f9e7fa6664f8915bc6
SHA256 c18d5b0a10271312da83c34c9f54f054060fa3d6b3c788c89bfa06d55c680b0b
SHA512 72b1b8265dec5fe17403f1ca59b8c9af5acf7137959264d468efa71aa59d1b9f76430414f47c8ea9dba9affc85cf108cad37a9d9300fe27129fdd124768bfe5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c8af.TMP

MD5 6aace036843c0decd78b0fbc136a2fef
SHA1 c304bc09fdec6a68e8ee9ffcad98ed8396c2120d
SHA256 6e0887a90a01f351fdbe456b94a8b3032fc0c3482108b289a3213e2202ac5961
SHA512 05dfba2346520746a18ce6a6ac54177b221abf28da8ad646fa764dd43bbad420196a7765b188acdd51a782d84e00e834372568b81d563bb1d071a43e89fb25dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ae4252d7558708be71407179d084de02
SHA1 d290c0390b65b586d972626e5c291a9cc2dc87e6
SHA256 0a8b26d8fc1b06651d207f27cc7b8862f16d3487d84c3c6eb6662f259eea70e5
SHA512 a1960ceeedeb5e0618e9f9283ad72d75c5e347935df034d22dc08f520c1daf6447c1fa6a95be1c56ae395b19a2a58c1ac782c7e0e286991391f988942e146bcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\27\{0d6af409-f080-4098-8ce2-ba789cb7201b}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\161\{ee199eb3-aec9-4cae-b00c-4e44eb70f4a1}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\190\{6063caa0-c228-464c-af1d-f386bbb3bebe}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\prefs-1.js

MD5 61618828f73d5868338d34d6887cb285
SHA1 8120292c9fe78c48e99b9492b57de925cfb8ed2c
SHA256 4743e70ffa1740533aabfa7b2c9ec6ca7d296e6c77ab1a39ad4038b204c7f6ad
SHA512 c6cefe84ff9f0c52fb77cf1c5293db93003658c13016206b73820f670f32adf09d5477bb19e7799088d40f74816a554d4331292902166466f2a0be4047ed6e27

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\sessionstore-backups\recovery.jsonlz4

MD5 340181e219188ce337887f21a3c237d8
SHA1 bcfaf603723872548c004774f9e51f2a5f4292e2
SHA256 b5e11e42cc792a073529a8fb59115569f870d38555c71d3e3844cc413d27e4d4
SHA512 fc2f63f08564c9324fff90e885e8791227f80a04c43b10c99ea855b94b6f3eb21ef141dce00c67df1f293a95b6622211049ab1edeebf9ca9067a3a1e8ac4d440

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fe46b5dfefad8aad9bfea88edb8446d8
SHA1 359ef6a556770153f891d91bb2c9dc9468610c56
SHA256 1893bc20d124128d470783899bc9e038dc7543affbc12b21518b1422c78fb685
SHA512 9b2cbe89d5f8c280102f430921f99b3898a50efa450fe3326666cffadcc92ab82e02521e0c47cb791bc22034def7d70684eb3d16164953da70aa5fe86b35a0ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd7bc76358c76129ef6f9b7b48b6ac8a
SHA1 4c22a4fd7d22e06f4ce07abc8365cd09db3bfb31
SHA256 911fe978babdd51d2018c79f4c92051a56e6473b6c72f983b2383cd34f1f654d
SHA512 03c5d694ee99382798e99461e68ae6d7a34f20266694ba6518d8398ddb37fb337258ba50ae77569d2a1b18270c9f97c8a50fcbb89050d00ee8da7af6d3971737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8692a123e8361f7940dd197f4c5d379a
SHA1 9d99469f5c68fb73b7f2ada7b48b7c587b5f9daa
SHA256 a2185712141d8f82f3e713090e529b8148ead818d54dd50b24a51f1343af8ae1
SHA512 465e91944a7bd778c1277a72a200e78a193d271ec65a2a5f3519c6e36bbb3f34a887337d14eb5f929e5c6966210aca0d270fcee274eb2089299068f5484a3a6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0a8ee0ca2fe565b18ab926a95716f1bb
SHA1 737465905ca75e926137891fb50871d317ef88bb
SHA256 db0488cc829f05bdf872f5c83e82ee5da32de032c99e5f19f902b15a37069861
SHA512 96cf5363e002aad1eebcd13a52e852906b6ed8143429c3f65786da9302a4e2bdbdbf24749156c430758fca9958e1a001fc8ecea9919c669686cd1795facb9087

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0c88d2de-85f7-41f6-a1f2-513c4d156e49\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 23b1c5856bdb877e86e3719698c15d27
SHA1 fb0488ce4bd4e667107c047752dde6d094334a65
SHA256 1f426b7fd21a881106428cb4d5b99e95b9c990ac23458feaadfbbdea67840a47
SHA512 7210f6445a1f4b28acc1515b9c10de8206702288a1047c29f34bdde70ef3b2883aa163fbade7d0ce0c6e89525adba57466830246a865bcc63284e6ca5f77c698

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4e3137cc48d6eda5c0f12b3411e6c405
SHA1 2aad924659bb8ac8623d8a46e73b3a67e0658575
SHA256 09822a485e132d82c514afdf29ceb2c6065efcff4f0a215b61ff960dbb3d1cc6
SHA512 dd8b62656aed5e781c674d83239950f769ac80ec4d092fdce5da47f9b81e75b66464a1d5cf8ba88ea5bf62c3fe120d12540913452036a1fe3065354e2ea7d795

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\92\{293ffcbc-31af-49ce-8e4a-c558999b3e5c}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\storage\default\https+++www.youtube.com\cache\morgue\84\{5474f58f-1b02-448b-94a8-b73443caf254}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b110e386acf9afa705b47a490b6967f7
SHA1 601f3896ba5a32cb32e42de13b520470510d258f
SHA256 6eb0529835e967f45638104321dcfe3ba2b6d247b45b3759b2aff2d9408baf2f
SHA512 c37b0a89846d04a73fb2c83df1548cc577ea7f909859b8efac7f5ee8c291900076c046a41ea971cb4cbf0bcdbfdd7ef35df360571a00d9feb39551b6a54647f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe580328.TMP

MD5 8337520abb831ca9ebac418cbdb6ad28
SHA1 5e3cf56c0b08334ceab934a7c511812e89585444
SHA256 220fbfa399aa2a65f2c6dc730bf4cfa8987981e63804f17ae864ff7201f99454
SHA512 4b513417800b63b131c9f4f03c00acdaab5ccd361317af32c6c8d848c503eb1bac27be20c859ea0f552c97836973b447b3b97241f528d784fbb0b64e624b6a86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7a2bba2ad16f0979060058f8cf61e6a9
SHA1 218b91f7a71dc21ca69fa1fa650c1069a87964ee
SHA256 83c5cb6b46170785931d2d0329d9fe29717e93e3ce0d825b073e1be8b7bf8716
SHA512 c5d17884d3062afb9a3d59287eda249bca82ac53adee59861a975318b46dfb2caae777bcf0de75b216e19bb5ce6b427e914909e4a20d4fd20caafae71ede368e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6499c2261130e7441a5ab62f1540bf03
SHA1 6e20b9f23f9b6e27d519c6877592a0bba4ddf56c
SHA256 c2be1f359391d2c2598634956f126866bd737d9dd8b2156054c0887b5283dab4
SHA512 283553fb05a67d7c111df93d5c053993fb6582098765dcf76546cc94a911f973e9a3ca0d4988d14e84826b6d158db9ba9dd572531c8b3e5203ce976669789548

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581846.TMP

MD5 255dec1bfb178bcf832c15f88537a8b1
SHA1 a0d74a31d3d597df2e5100143613b4a222d27eef
SHA256 503f8f953c30773c30fb8596f714bdb687ddfeab29baf417196aa1a692ad1275
SHA512 00d8e610093986546c08e394a22eb1fe9c10c3263c4cc324f8171f801bd50dac7ccd542783491a5f7c10f01216506badd31d14cb48f3b57b0f20859ee7a87729

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d268554ec41d0e58c73a07af92ab3b72
SHA1 72df1312d74a5ebab2633bf8b54c4f755b4e8215
SHA256 09c6d7cefa17140da83d964bb055527ece4172551f5a7770f7ab1bc87a2f7c3a
SHA512 2e9b7e98e8cfb133a8b3b213d5c30aaab9de7bbfac83de9b88bb3be33b1acfa0e49fa769c627dc0025277a252105ad6277f11195426d2178943ffc73872fd0b7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d26533a2a68e034db0a4833571bbc4cd
SHA1 ef8a0b0ac7ce8646c2c760dd3e74f2a28ca00c32
SHA256 a60af78a4a65872f01d5bda2cd0753d6a822204fd570f4dc1f82953aa9ec72b6
SHA512 a67a4269c2adbc65c8fb253047f333e7598e90018b47c1353fdc60f79fb901ae15129cbae253175c3df581dadb13e3cb0344e32069c5d6a423792286a8f79696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ec341cf4a0be2384784ba2fbbdf70406
SHA1 e141d4103ad3a4bb605ff08942b7aa5734fb7681
SHA256 5e708d307e685f485ac467ff0e2a07335adacb3f47b7b6e70278497e6f9025a4
SHA512 d9d98418f6fdd4c81951f7d60b8ea047fb92000d5abd28ad8f81546c7b96395cc8a29eaf69bb4e65902b87152c72022dbf4c477144c473636c17cd20a131e827

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 08cdb5ee4c072627a1fca98baf4c7951
SHA1 a22b2cb4e64eda5a935e58bd84b56c6a01f8956b
SHA256 65ae1deb3ec7960be58f9f48dc4ab4fc045cf965d5980dedbf0ca18bc24dabad
SHA512 c7253583f712bfa0f0d26fd891553a00b07bca6023855e9beae0e8efe69e6f4f688fada6daedeb9941a0d867e7533a135aeeee483c985d993a774e2ae43d21a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6bc043b5d91f5cc5d7e25d90064fbb31
SHA1 ccda80ce58fd5ff3ac7aa51555d192ee73f20a59
SHA256 b358acdcbce343650a7181f47888905f2bb6f8e0b5a9c2688fb1ba4bd09c7493
SHA512 ae77dc531e7a0eea243d803e1e343cc472ac5b4b9bdee9bd33e9234dff8dc7e02431a70fac28b4c882d450ef569711426bf922b67fe47ee4d5f341bad88f4e0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2ca0f751e97d7514a49da874ce7d1930
SHA1 72c6a8cae2df8e114f31bd153be849d43ff8af47
SHA256 709b03b2618c9b0747abcbc8e614c749411aebf8e1e7776211f23a79cde722c8
SHA512 3dfedea24bfe395650a6e0ac8bed8f89730db4557eefb0194de1a2ee60b776baf8dbb2511cc81853ba62a538d7854306c2ad606bdf600de08978eaef569df0d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d0fe3bf64ebe619de44caade85dde417
SHA1 628c0f049fc4e1cec3bd49a200b17b262c6c6d41
SHA256 4429dbc0bece83aa7f3f83cde7afb68b2c03e49aa3f911123b44c08e5e522b7b
SHA512 a8663c40c70cbb18d61e81a299a933387168c50532da4fff774f729e5a2f620363151e9906d6061f6e84738280a58c961ecf72df39e948b0d90942a9ccd3dc5a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\prefs-1.js

MD5 6f34b132995d0030e3705b4f0092dd68
SHA1 5ecdb06e9fab71b37cf991b77f32d5830c086521
SHA256 17a76c27173e8972deb58832066fe64ba4c3066cd977c9cad5d01d5039ebe8a0
SHA512 c66c1fe73a6b0bd4a1915458b25c62845b457a13f33240cff045696e4ee5f6c765357264c7b13ad6c9ec65ea2ea69ef7a9ddf2f12e3b14f80f592c9959b4ff03

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qmjs2eet.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dcd564e2ef133d6393f2dccdcc0f7ae6
SHA1 338e4a497397d5a19227a32209766833a9eb503a
SHA256 3717b0005ba3021a766a38e9861dff8812b31e4ffde3476312049d0a4e9d179b
SHA512 e8057b893e79e142dcf1a8fb4ab4053ded70b2d9b7a570f9562d032061f3b840f00dce8654b2f63737ada54b670ea983f488ec9e3cada6386afe2bdd5f1479f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 42845df57ac270259b49fe4e117eb84a
SHA1 4ed81737d5c133ecc3f6431e07886810f954caf9
SHA256 5fb830ed898499aebbdfa1ded3b42950590285dbd63c849cc28c70ce7a7a6044
SHA512 194fd1e4025dfa357dd261f85a1395f9e0eca58cf72fdaf94e095e22c683a37dc8acb8c6907602efcf80fe45b4bd9ada35afada2066c5161724addd57aa1b9af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 94d1bf60f31f7355d48635b997cd7643
SHA1 4ac8d9297668143f62832e3a84652fcf383bc74f
SHA256 e72a9e72fc2cafdb5c02d334860c5b04fd69342cfdf0fcf253e28452eebbc850
SHA512 921e7e79296f22032eae81bb0cedd57b314fb7a46f9546555d8f5fd53b0e184c0cd4a2b5b88c11afc2649dd26853213f5895f5a7efca65bdf7c0e77c623d9570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b6b7744e681eed3133aefd52a86bb9ac
SHA1 dd2f1492d49dfe7e48f08ca4be98189530ba154d
SHA256 80ef5a44f41b1384ca57cafaa6d4280de53189680648620f7dde827effd0c9df
SHA512 aac081dd7a6cce4cba8fe683d3e2e9922521b7b318727414aff0ddb5c52f6f614a16f7ee7ca7d4e6c8d34ba850fe5a5a7a2e8f5e619062d624b1c25e4f2dd8e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f0ae07f87aae7adbcd5a01a73cc753c5
SHA1 a220e2714206b767f4da610fc2b1fb82319a9ee5
SHA256 c3ff5d394971be8bc4a03cda89332e44ab0d010713670d722ff91cee21a706cf
SHA512 3bdf5e8e38d4c678b7ce05bab485e4069742e32b6e0bff6b7848c57fdce1c940269283569f20b521fcca4972604e25170afee29b0d56875e475c4cb6494f8606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 aea050cdf0f7d1d945a01047e44ac859
SHA1 bac6f6ec2e3077483c377c42c0bd01ba1bbaccf5
SHA256 5ff0f63b4bee8c66db0aa2e47dcc883327a39b5d3d020e50f462656965a71303
SHA512 241eeaf3d9a6aeac8174ca941f83433b1eb14766471228dbb63fd8ab4a49d7509d939601214d42f5f297cbec8aeb6983976d41a3efb0d372d09d6bf9c39bf76d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 00b2f397e8e34610fcf193a07870470f
SHA1 34e2b48a1a4c95789ed18368d28176e3353a620d
SHA256 9d12bfe108c468a0e5a28c85d1f0588dad33ee8210e99f72421ebce266925f97
SHA512 335b7acc564813774657f3a3eb9f2ec36198a4ddc7ada0f2942a523a5f57d042b9ae6d0f926cdafbf7d912e55e8ce1d395f3256139b01246fb61d536406131f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 db628d1109d3504bb879cd181edf9233
SHA1 764512db5469de6a4a7745767278e4f3cb3368bb
SHA256 1159f83543c74c969edca6a1b2559adcbda7888e4b7f056c9363be08bfa7568e
SHA512 10b8d140faa5369418766591659a7e2eef264076c3c5b6676b2985b1a32a836eb0c75c6f3bda87f663c70ee6cb4fe376b14dc851d69637539388e11fd832595a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8399cb5a5421d24955d78c7d0c257097
SHA1 8cd90cfd01ea554454bd316fcff949d43e82f18a
SHA256 bacc4e7e3153bf54e800edc24e44d8e24f689c8253478748c587a1293aecbc58
SHA512 de1a168700dac0752fc4f9dab3cad6e8a0013237fe0ddb020ba344ad809fca158a1fc63958949604582c68dc22f18ec626aee2c93fb6a0b42000e4a07ef1ff10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 402d0dca6f135a346729366e506c9bb9
SHA1 442489db0c3d62719538eccdba9db78aea1a3266
SHA256 d352be7fedd6983219285da68b613cf8ec83b3f4ad171417b7c19e6848f2ffbc
SHA512 bd8e715c4e76383ee133dff89386ea040bba5064092b0e4d42c507dec44cf2a9501746feff766e76ba9a618e02e996b57a77610b5d35da51eaa2ec0dc7b85c9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 368a8e7a965ddc74bdc4fce6d57a08c6
SHA1 efca4c677e4471124d6f17e4c295367d867b08e1
SHA256 6d47255ac2dcb87ea1bca372893d79261a8234b22730e54a27be48d31fa57ef9
SHA512 ecb863b73d14f796d8ee80da450fa4edbf72d6b629790404327defe05dda90ea0eae9dcbfaad32646c99feffdc710ca0f1bd1b6d0b065477542feaf4b7a5a2e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589805.TMP

MD5 bec30b3a84a55b1ccaeff5f28022a3bf
SHA1 80f8d4e4a3781650803ba28c6fb78832d578d293
SHA256 355d4d6146d92a0b33d2398cc236ace59bab8bbc215fcc18abdae3ed21906057
SHA512 102ec6256c7a6231138180c9e7a53c68cc41be21b91142d234cff5a205b2f145fa3d965fcbbdadc90671d6676fa979af0f507ccfb602e6c038c738d36f119db4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b0873cf7bee3625e04c11dce26e8d118
SHA1 32b0f6f7919aade930a71a53c8de69d8bcd535ad
SHA256 11456963548f1ba5c202418539b1b6266da0bf8fe759eeeaade160f640a5c913
SHA512 0fce21881442f4b76ed368c128f8410ee60003ef737022c884aa375ed077a95afbdaeeec1315ab4fc26cfda9bb8f69d19ef54f19322f121bd4733c1194c34bcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 66f421d621a22d579677930664585b1e
SHA1 767e7beda5cf737a6a296b2d3a013c5a9cdca4b4
SHA256 eb8ed388f836e756f4cc3eaa7b21ea37c414ba0a0d2c7ee0678719a65a25c2e6
SHA512 5087ae18a342abff39e1e742ac8ee757d48bd89a536f184f18143057a1e0fa8704df3a31492a5d35684ec112498687cd3cefa77357f7666109927239ac0d918c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e8b4b8b311ebc85478e144bce025ed3a
SHA1 2d57491e457caaa0fe5ba468a0e3fd24372cb2a3
SHA256 856a5408c5b4a44ce01ec4e900d9cc90a8f9ca953c1bdb4497bf693e51d53b76
SHA512 5c09e4e59f71df78c936eec04c80bd855d234f957e4ddb7e26e51ee763f857c9fbe3a0f4280e554f1cb22d682112022c1198573ab0f4c4f8429f1c9201f04a2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4450a21009290a704f7d7e92897e2693
SHA1 1c19af668341ccf7e10fa8bcd4544028fe5477e9
SHA256 ceb7f660019f256c734500f3f32c005d237a9f097a029e0c4a50b529d7d42475
SHA512 dd92d5809606ba03dda836fbf53da2bd0ef95997e8b50bf7521d613818624a1b59828457663c052123980f7e4d69de15f17f6e92f8316e5522edcf4a7a27c5f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 3b40598a735a304a93194868c712d563
SHA1 6ccfd7117bf97966c78900872119f749873e5347
SHA256 e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6
SHA512 4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 4e08eee044c91ace0ad7a46cd9542a0a
SHA1 b542dc6b9818c8c1e07563d3656389c67b3ed5f7
SHA256 e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982
SHA512 72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d0e10e5636ddc72860fb845f5bf1110c
SHA1 53445bd3ee7993959fee919463a2b3f40ba2a595
SHA256 0bcbf93150bf2b0e5807e808b549aefb98e3522f9d033bbd5c28807d33a7e4c4
SHA512 6619fdee24b1a1bb3f1aad08c3b8e20aec66fe815acdba50580f1ef40cd681c51395e36516e825a6b9fe6761ac3e2b453c9d0779219f8c029dd24fde5d8df6dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 aac9daa9fbd0a896f415cb631da7f954
SHA1 94e7321a4d9cb4f42d662f5685a36920807c8c38
SHA256 c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715
SHA512 2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 27a05b77e7bba6c2b279f1a67cd6acef
SHA1 3164de3d460475f745bba673aecd9f7d799d7509
SHA256 71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83
SHA512 5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 af22a6b951ea1771f0362b040a0196d8
SHA1 cc1573a8bbf47136306418831d5445e75cc762d5
SHA256 ca25f91a297ce0e7f5aab4137df6dcdd11cc35db8172ab12cd645eb777b31bab
SHA512 648d2b6bfc3955627523f708fdc04229cc3c018e4d6f6028911cc1e9fb6cfb5682d868cc7f45e4fab5ec39c58bc69ab8721f32b39492e1060e2240a7bc2bc8ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f8a2a540d6b7a086817e9c62adfca05e
SHA1 d67ed50dfae4d50870465f578f023b9402114e31
SHA256 a82d2594af155ee9fb8ea6516f8f6bf86a3819926d64548eea14818ac53019e6
SHA512 a94759076233c331dc91d5e1df6dece08fb1624293919256b611a8b2b1f22d3b98818dd09c5269ac27d51945caa9f61490f42a57b320a690455d171c12d50964

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cb99b5adf9fc6153d60e3cbff3c19147
SHA1 321d4e471697dcad2f48b427af2be83667906117
SHA256 0d51e6b99a4af07c915d1ff45e6c05bb24e838b39b06ab6219764dc59f804fc7
SHA512 2abfab42d27e3f76bb43ac3fd5402f8d068efff343105060ba7473f1d99ef621be2ccd5b5f20c6f6818b75825609e45e82237efe0eca81928a3dc128232fc14f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 00f99c796b575585e0a10456f5ba36a4
SHA1 4376c1f0e02dfa4d04e3bd187ec607b4cab600c5
SHA256 617146663cc5224252c35f0acbdfbb034e6bcd558bd048de37afc9d7d0349f66
SHA512 139ee61e15b1a0883ef84187437f174584fc5b1dc4f7dcea63b5684259adfd28c8ff30e71d0241a210a071f7a27e4fe68ac843c383602eca19810bfefc7fcbc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ce972e7ade78f19f1bb05be86ec76447
SHA1 1722f0b998f88a9eb1f5f1602a47f6f27c3eeb6a
SHA256 1c046e32a61c0924ea0e7b0ed39c7821f269d757b268f747b0ea59f09db0effc
SHA512 f7dd3bbde55ba900bb91d2f4ad62b36640dc51e8c90df5aea3eb6e433247f5a08aff630adda93ba109aa002c24b1ee26bc75057881723f7e9ef56e875538aec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e03cf424a59abe1ce76b50be27a36ef5
SHA1 94c419f39c03813652092083fd0b0d42ac434634
SHA256 ec1bec9726ab8171e1357eef83554da45e333ebf6960947465205c111769928d
SHA512 31915f83b37b7e7c31f0aef735bcd05d8d5899bfe9c818a192a0c3faac62a0bddb6748898aac69f3df258022a7379985710f44ad74c61d487110f36b9be08286

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7738b6105e98e541eeae38eb134c1b9a
SHA1 27c98bdfa0a38f271732a3427a8f77d5f431df56
SHA256 3c7ccf839e327079f7d62b882a086894a2e42481e29b495cd94498c7ccf5fc28
SHA512 a398c5404f05d6bd00c67ea2344a88af986c4921573ba766a84672b41db3ea714057cbc6bdb8007669e0baee2d09f4f7d3e3fe39eb67fff997497f91ab17bbc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4869b80a851f35b9228d86330b71713e
SHA1 9424f43ed6ba0b47f14afbff758e039e7dd457bb
SHA256 81e8e72987add0daf35e1d285a91b16c5718fca0e2433f316ba24755230f6b7a
SHA512 bf3968b54d9528e541aa0d4113ec7570f6431c15488cadbc7ee549208564df40ccc139504a640468ba54b02a2ed77a8902fd4ce0e38634545c7c1982357e01a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5d9469709e23df94428d716bd8c8ef8e
SHA1 9e246abc84dfe06fcefd5b0d8871ab76b1e4aa6f
SHA256 268b5132fc5a8d229cb734bc0887fdd9311228f71127ee42e10529f02ad5fca0
SHA512 e6e23034e6d58f090a73df2882bc2d6b0dda841663d4d3b46c9ce454db024a2bc2b779d6e0db2fb27e7ed05c0d7b883de446158bce38e1d68c4ba3de589a9b5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a4d25691672023d1b64ea890759125d8
SHA1 955ab85069604cd244c1e798097eada069d588fd
SHA256 17dfde2ca7d5ca61c82fa1fbe877fda857b248e1a39a30e4b57cb5efa8051df4
SHA512 7ef1e39ee454e05163dccd2c08e6d0534c7305741b138fc3b8ef458195e3863aa3bb96322aa1b2d39ccb34232c09d11d0224780541df7b06717c591e2d41eff7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 179db9439b8c840af2aab34d1f204acd
SHA1 ca2829fe7e9461c41de2928f7072409263ce247e
SHA256 6f94413a292e4fbe0b1faeb7d628197ea52014f7d0ca13c1c3388b9784f51019
SHA512 0671123794314c71ec3c94e1e2b25e251336d02703706eb77a9c4df6c051f1905b0035700b818e139b4766e04f7b4155cc75f9694b2e8efed5627a28cfd10edc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95f46d4c0659c8b83a2d60464f2183f2
SHA1 3f85a11732eb6a284d2eb3de3202aab5c3b3da64
SHA256 d0149784b9298fa10c72924f628ded7d64869e3d1d075baf1821264cc891f4e2
SHA512 fb9220d0f002d0fd114267d021e569dc023f5ca1efb68b820fa7d514cd3cdbc75da9df787117cf1713e0a4bfb2f73df5c2dcebec0de0480a4422ad358e633df8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6b38ff684020e953dd49894dc6b6a88a
SHA1 57acfa0a43807c556b68b73aa42cc4c546f90aa6
SHA256 69823217e44c66dec494990b8a8571a27f5748695a4760e995f7d8b8c82d16a6
SHA512 1b5cc088e9a9a46d2e395448a6ba6bec91ae3755c14102b24358c984a74212115f83458dc78de96c4a7edbff33553f2629abce8046bdb47b4bd683e4121e445e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 25e1ed1f3dc6aaa2f7895c5e2c88f91f
SHA1 493fdc0b8134a9fd97994f09e314b40b8468e8d4
SHA256 b762934798c9d33d13cf33fbfdb6491594681e06254a87ff94c2d792e2ee7dc4
SHA512 6986de28f3164b2d4d5af2217dfa33709bee38fba7a4ed9d0ca76c7dbf145d72e98b925bdfb98d3dff9d9b03e8f878a62b25381428e740e192ca07e7bc62aee2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c4815337d12520658586d5612c044155
SHA1 c972ac326840b94270bdac831e7d71eb232cecfa
SHA256 7f696149cba34225895ea633e30332fac2c374a99c93ab3beb40ac51e3f8484a
SHA512 e70e2eae3081c782b8491b1931e663601f616839d2c1b98adc60df852465954c3aaa2ce86ec7e597b7f47e0e33b75725475ecbbae5aac9e1ae9db3dc49379d69