Malware Analysis Report

2024-11-16 15:48

Sample ID 240213-d3fvbahf62
Target 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe
SHA256 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9
Tags google phishing
Score 10/10

Analysis Overview

score
10/10

SHA256

9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9

Threat Level: Known bad

The file 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-13 03:31

Signatures

AutoIT Executable


Unsigned PE


Analysis: behavioral2

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:11

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3791175113-1062217823-1177695025-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3791175113-1062217823-1177695025-1000\{DD59C8CB-5DD7-4986-A2B2-38F0ABF6082A} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3791175113-1062217823-1177695025-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3791175113-1062217823-1177695025-1000\{E0ED4776-E966-4E18-87BA-5FF29BC74EEB} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1908 wrote to memory of 4424 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4424 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 4592 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4592 wrote to memory of 3428 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 2196 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2196 wrote to memory of 4920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 4872 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4872 wrote to memory of 4364 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1504 wrote to memory of 4488 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 4296 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4296 wrote to memory of 5104 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 2972 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2972 wrote to memory of 3132 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1908 wrote to memory of 632 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 932 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 632 wrote to memory of 4496 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 932 wrote to memory of 2628 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 3992 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3992 wrote to memory of 3500 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 3340 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3340 wrote to memory of 4500 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4592 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffcef346f8,0x7fffcef34708,0x7fffcef34718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcea69758,0x7fffcea69768,0x7fffcea69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffcea69758,0x7fffcea69768,0x7fffcea69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcea69758,0x7fffcea69768,0x7fffcea69778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,11916646030644246809,4234660321166673341,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.0.1405839012\180256446" -parentBuildID 20221007134813 -prefsHandle 1856 -prefMapHandle 1828 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9751cbdb-95f7-45ff-9d7c-1c9d421bcf24} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 1952 2597e4d6458 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,16499457134126535438,13541761630554494740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,7301121149076175773,8726299046624377049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,10127068003804067974,10079486837152361525,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,11285894471594861613,9978850342830463474,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1952,3339810784037535296,3402860724065174713,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.1.1317123764\1937928418" -parentBuildID 20221007134813 -prefsHandle 2392 -prefMapHandle 2388 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {50045418-226d-403b-baf5-503a729f3dac} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 2400 2597e3ef258 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.2.133523319\1412888777" -childID 1 -isForBrowser -prefsHandle 3432 -prefMapHandle 3428 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d83e754-ec3b-4f29-ab46-6e19b36404a3} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 3444 2590254ea58 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1912 --field-trial-handle=1980,i,10996743623565432697,5812880841555957670,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3796 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2880 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2872 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1980,i,10996743623565432697,5812880841555957670,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1992 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4176 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1976,i,3381168687398409687,2721847073860808746,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1976,i,3381168687398409687,2721847073860808746,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.4.1317474097\15858223" -childID 3 -isForBrowser -prefsHandle 3096 -prefMapHandle 3108 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a3e09c6-a7ef-4c6a-b9fa-ab51c973b187} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 3192 2597e429358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.5.1841688796\445303481" -childID 4 -isForBrowser -prefsHandle 3776 -prefMapHandle 3192 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e47b3e9-2e60-4735-90d9-1922ba74c78c} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 3404 2597e4ba658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.3.1851703955\528921912" -childID 2 -isForBrowser -prefsHandle 3040 -prefMapHandle 3308 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {91f1e54f-643c-4ce3-8a80-777fb5dbcd41} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 3136 2597e429058 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4820 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4116 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.6.1584386852\2121588269" -childID 5 -isForBrowser -prefsHandle 4784 -prefMapHandle 4772 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b0656f2a-ba0a-4a39-81c9-01ad8848343b} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 4904 25971b60458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.8.877101112\779411690" -childID 7 -isForBrowser -prefsHandle 5716 -prefMapHandle 5720 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9fc08b40-b4d7-403a-a354-8a175a8d9e41} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 5708 259043ae758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.9.1209362044\1991055591" -childID 8 -isForBrowser -prefsHandle 5988 -prefMapHandle 5984 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7195ea12-6d10-4bed-aef2-c38e884c27b8} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 5996 259043afc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.7.2088856590\632098601" -childID 6 -isForBrowser -prefsHandle 4696 -prefMapHandle 5228 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a2bd05a-e5ad-4162-a876-0079f1af6360} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 5576 259043adb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.10.1727292699\1071031451" -parentBuildID 20221007134813 -prefsHandle 5752 -prefMapHandle 6188 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c044272-27b8-4c76-86f2-b54abc644d6f} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 6156 25905ccf058 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.11.1371361640\473466796" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5752 -prefMapHandle 5940 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {239159cd-cd9e-4ac5-91d5-2ed13eb1de45} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 6352 25905cd0b58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4500.12.1113416804\641283357" -childID 9 -isForBrowser -prefsHandle 6724 -prefMapHandle 6700 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {315b1ddd-ec9f-4d37-9252-215e1674fffd} 4500 "\\.\pipe\gecko-crash-server-pipe.4500" 6560 2597f895458 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4392 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4276 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5436 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5576 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5588 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1448,4591309216377710889,7562456477045492395,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2308 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 --field-trial-handle=2248,i,13855338318338090741,5161502373146734739,131072 /prefetch:2

Network

Country Destination Domain Proto

Files


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b411e7fe5b20eb58689e9b36cf05a283
SHA1 9c4c072e0970ae88687f7df5eab633168a81f1a8
SHA256 8f47ce9571bbcc0ffac3a50cc2170739e0d241429d82a9f08c08c8e947fa7bd4
SHA512 c6d161190643617c2af0c0cbf203897956dcef6d3d921d59632afd0440e6c00f29c6940621bca093765d32d2cad361bd09877f03f4a400bee69295224c5c8248

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 5f5efdd040f2922daca602ce7b40d81b
SHA1 046975b03c432c1c82ad08e11ba0f62bb02c30b3
SHA256 cc31388d7013dc8778c15d6acf297704502252661efecd4e55bea7dbc2be1a16
SHA512 fd371cc68a32eeed0696a41dc3c451a3d58054199c14a627547b8707b5d1b572024dd52d843a4cf8ff01776caf9010ad3db60e78ce74c2bf4e8564e6bd605c8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 63920b301a0969e4feb6ac870f99fa29
SHA1 738393a169fb989bc0cdd099172fb0a0b21b84b6
SHA256 314d4f341916761723de6ee5d83f2c8fc85fc00a484b0366e907f77367fa88f2
SHA512 ffd6daa1139424d20dce7bf3eff347361663ad63b91b7a547d7d0f1c8504d62ca2569543eab107ff177227d8dafc1b77d6f7fd6dab8e73d01ac6dd6c46764cb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 c53fa95f889faa800d7a4648eaba5531
SHA1 657471773e08d46c6d1bf37085e8ed6a3ef036ff
SHA256 2c16279241a435edbd767f49f828f040d18f40ffd679d363c40fa81021821b13
SHA512 47080d1f950ee79798c77b0d97eb366e576f5c7affc7e9b878396fcb878cb81e6a95936a28351ea006b4416eebec64256a551131b56c4ffc6303a83c83bc2176

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 affec767dba2aa75c27c88b160ee60f0
SHA1 2a79d4b0e6e498a70dfc387509d95c0c85b27ce5
SHA256 a4c75677d61c01d1828e3656c392aeac8817144f40abff788535816bbeea8e58
SHA512 2749540e34e07823c8c6c44407d939d80e092f8d914e5d79ebe122de7d851f1b0eb7f3589b3e91083a1ebf316898b0a691ac752472807c9f2d8bb6ce5089f19f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 8b4e81a4567d0cd25527dbf0df606baa
SHA1 012205594ef41525f128c15329eae2a1fb157df1
SHA256 ba6a68bcedb0d03473013084d7c70aad7c21011393331f98c18e8784c990bcdc
SHA512 3705093cb08cb0344727fb26c7e144c8e6bffd46f983917506a2c0fd7597180b10984640963ed261206d22459fd114e9cb13cdc79de8b5da687b8074772766d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 d4bc4397cc408d1553dd47cbbec23b9f
SHA1 622e33f46ff1688ae0fcf7602ad89a5f5e69c8f0
SHA256 6ab0083bedeeec578fb35e21560d2b9bb110f28ae6b32cb8c79dc7a1d6d9cc31
SHA512 672eeb002ab524be8c06e7c48857fbefa8d950f3e13f8b93e137da6d0c07d80df6f9bc308015755f3764f93d71d2587f678ba1e9766e2626b6018c9f027942fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 e4fc8b808bd6d5e565be37fd6b8bdd8c
SHA1 c1d06efbfc693f96145adbf41a2c3fef562dc53d
SHA256 7519adc2019a25dff7422e10da7ae39050513eea336252353d0729c78b0ee398
SHA512 73499f9db366db4226fa90ae11902b9cea21da7253cc366bf4811fa628e620608150f3f8a02bd3bbd79b48d93ab63862ad8993eeabcfef270a733528a7fdae6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 8e8f081d5358c4a2e4dca2752d1d76c2
SHA1 2aa7eab947444f2ba3eb968995a562c7c322f27e
SHA256 d43764d48c8444d97e80fcdbd8edcbc8785acb24f1b9b6fc61fced177d120fd9
SHA512 4925a5ec3157009857fe92a52ee305c395169f613e8f893d1459dd79ac5b56b8b88307aa0be5be47f3ddf739e6e281b3542c52a45428f2b33b1401071e1c65a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 e684bcd79ef03b90019568b29e05a52d
SHA1 ee3e739e4e64b44fb089c48c16e010833cf7678c
SHA256 37d1d4cd91d4e20d4f20e3548e220d138659711ff11f51dc3d7064851151ec1e
SHA512 00c6170c1f9f423ed56dbe5c0ad342040771c066b37196b5e04355678d6b72f924fad9c0d7932cc9c9050157809b12c406024d728de259aa9b52b4105337a674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a9bd.TMP

MD5 9cc62637a47c456079bba74eb5f56fba
SHA1 865b17f0312ca4441fefaccfda231e4b9fd57a2a
SHA256 43f45c50e98e07e36361b5f59c6a7d1982e9b5f62c60eeed1a76cc92412b5a76
SHA512 15cc24614c5a068badf7714189b38d49ee402d1bc32164d5a33d2009367e07a795891835cef9834e98b7736d32ca3652841699e0595abc413c6fe8b0a4d82c46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d1f68cbb8f9adde692e4b333676fe7ea
SHA1 ca63406df25062e35cb637fa1228d44bf14666e2
SHA256 3192c0fa1973d537f40af6f03abb3cf31bc1e391ff3a547896bbef71ee44bd4c
SHA512 d9854837cecbe801f81cc040350e33ddfdf50fe0585d10372eefc0863922d3ee22fb12944509cd4f14640833da996bf4a06a2aa7d19cfdfe10997459fe858a15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ee0a0be51f5503318e9d31d1ce91e087
SHA1 5e369dc6563b7b19bea8dfeda43af7a448a0309e
SHA256 5a30a225af988402404efa485f87a7233d2fc7b26d4bee4a3009df24bdea3358
SHA512 ab7a25daf6f270a56255c50e800e5c105e941966671e2e79cb883f2da6c96aaecb2ee649b2913e17e950fbe91ca8f8a7342b2ef32193bcde1c4901055f738ad7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\sessionstore-backups\recovery.jsonlz4

MD5 becdebd1e28aaa29074f6d19962c2ed5
SHA1 29ea074ee5d69e90e8dfeef7b163ec39a9a99724
SHA256 347e44ab72dcdbdfbe15fc4d8a9b9c0310c7f80c96392e20b0437f0e664d6907
SHA512 fb3531282830a2aed553867ffce84396fb6fc0cc7938d79ecf22aceb183bf912dfb5cb4d2f3ba0390f6e36b9e3b56b0047a8e036cecd0fa0f70f584cca2a7176

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 7ebc1ac326009bad5ac7a9b1bf15f12f
SHA1 2119178fd3d6647d72a3cffc850337f44087d6b1
SHA256 5152f7cf2d1df2a0f20acfacdc1b83bab1cc9182a050611b71e6dba55f02654c
SHA512 165d44a568a0b5ae6b90253876f1101200398795e5de976813ad78516ced965c819cd683fa5f7d70f1213a9ab57398ec5411d619650813c1fa4090fe6796032c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 d8397099c66f134ec6fac2f8e9280ec3
SHA1 c019499dbb2e11e71526ab59dc72360ebd592a38
SHA256 0695825471e6f7d24350d4776c0144a8b21640fabbf0919bec0ff43e40b7859a
SHA512 e2b64ad92e33e2cc924e1e678b9a48839a237acd27bd75aae34aa1f4b7a727a08f3b278610260ce091bc201fb1ad2153d61ecf0f036aa2260d161e40e38614e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8cfe0503bd25a8628c3d0a861058dca5
SHA1 3c83097f567caa9545b2863b9fa38e3be87f26c9
SHA256 da1e607f374b8641192971fa62851b3f44e2290dc2bc7e555c265dd0ec34111d
SHA512 e4d113f76d401acfaf3a7c3c9543eeeeab87e575bfc5ca0c15d06b9509733d6ee437cc5b313c934f9f7ef19cb66893b127f33db354a06d3bf9a3b8a82994c6e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3afe91960650d83afc3a9183f9e4207e
SHA1 6ce5ff0407f3390f30422c1aacfa3ff5729cd3ad
SHA256 80a6e4ff8030e4d15807e1d84a933ab9e3d84fb83d76e1c7f91d2d31ee5e2eb2
SHA512 2cacf9722c2cf3caee9a3a117e71e526422aef4202182001008d1d26d2ed8f792e9e77112f9826d3759a235dec0ada9a9cf54d1d888eb28e0b3e58205c1226ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b3df.TMP

MD5 05b295476ef8139f566b344464879e81
SHA1 4ff93e6916de85bbcd9d1c5fa0eb324a6389e299
SHA256 bf980b4f879fbe1066de887641251978214ad9f90a2b7b54d757c861e4373dce
SHA512 10e2520e2c345e5e7f235992078f3653e0fbd650533b83b471462bbdb6e674db173b156d5c3c64debde2d063f5ec8319e62e24ec87d4c6cd40ac6908d822656d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b1ea51782680e06f95f16bc55edce2e
SHA1 3b67d5eff69ed0ff1467fced2349c5d3ea20e451
SHA256 dbc0ffe1a05fb9af147c72ec67c505d9086a351f8b29a711d7d0e3a2ef4a1f6e
SHA512 0c3a1eefa3b0fc8217ca59325ac371facc245bf6e694e635cba740f0a97bb335f99d6e366c5bc061c973f25ac9cba77730421d921dacacba524cd9d7a6d90ecc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\prefs-1.js

MD5 73025923c93466d920b3f89153ab597e
SHA1 9ae06828b3f93f8ae7a37b7eef64fce67b8871c8
SHA256 ebcc5133bc74e1c30ff1371e2de156cd22b9e0acb7d69e97ffad7c71790c359f
SHA512 d67c90932bc3e03de4337abcb040ae41fccca0a6076fa7ead21ebba73f245deb6fcd83df00677ece9edba0b62a3597b87706699922bad096d594a18a29e1b9bb

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3700f626487415c96012aef605746089
SHA1 a68fa745dfb7291f89f35e23d560e558796dcf1f
SHA256 52c5baa9dca34b4f716790ecb9bc20e21a10023a04f04dead3cef62af575e627
SHA512 2689899999ce4ae6f37a2ce999f12afed49ee5fb2c223506aabbdd162a53d848bc3f0b2ceed67dbda5bbfc5fdd67eb73c7e8dd6c6b139994542a9465c70777ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d873dc62849016cbcb87c0ef4ce2f460
SHA1 1fc3266c2b01a6ea9ad96b1426b8df4b7965da54
SHA256 ac5703bb4b9fb1c8b54640f4bf24c7ac82c1d9ff9f286e403846eff73607c745
SHA512 f3558b784c62567cdeaa9365ca3f2c5c42d95c41dc2026c31cb35e5c1a074bd0d13ab3589335d56e5cc656cd2e530f48b13efdae0aa1b715fd5df70763e090f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 47c2995c09a2ea4c32689d15cd5c9a87
SHA1 2a496b87d8331a1a7b2abc5afcb664184d45cd66
SHA256 1a5b676527011741b887d59b8dbb82d4138670760810cd13eb9d0e3385de8ec0
SHA512 620774a4aae29ec77d4e07132ce2a48517905e39bc512aec3e2e2a92578b2355847adb1398ef8e99ec7b0d01eb3d3209b1583037af8de1ef73d64798366d3318

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a03ea698-1c33-49de-ac57-793d9612ea4d\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 da19f763d0cc5e10c44cba67a725e951
SHA1 4f5eec0fc52635f57aaa75ae30f0e67c59537a30
SHA256 daa5316821ece9d643c6072aad924132316b21d3ff509f28ababd38e9da040a4
SHA512 dddb8f2775e0976c2185e0f13351de0e17a1c3ee1d0f04c126398727c987a890e691e5a8e047379d3e1b5989dbb373301b36c605b3cbdf4c522cb6b9cf26a31e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 192176d9b77ee49fd9e4aae5fb8b18f0
SHA1 2a54dba320abe34d3eaf9aecfcd7ed6957f2f0a3
SHA256 12a31cb39e0700155c61f4e5e6d08d46721016205b83022826e1823ac3e21fb2
SHA512 120c784cf559ef4920b8380f708acce751e62972f6f14af355745c8c28ba43ba502776e5a58d075eebe2992276010f846cb07ce5740112a7edbca016233ab740

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 ede93d573a1ae4b3d1481753437068b2
SHA1 645c6c94e8b99e97f8b58d06d51704656768bdbb
SHA256 c56765a8b9daf8a1d1bb48f6e84a8911fc4347b2ee5e451c7d47cb3cc983a647
SHA512 3deaed84a34955345abaad46c1bf76b4e61fa06d580ea1c9a9a3b75fdf760a580776edffc34c2773488eaeaddb17f01870127ac433ce700394e6de78ccaec7b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f251744d3394e379f870a926549bed15
SHA1 edda59004a828848d42c1682811a90c44d1fa5e4
SHA256 f50d8f7dea72e21fdcb3df887955fcc71099b6806277f4a78bf9571092913a0f
SHA512 d56c9d5f2ea57ecaa5e2ac466e1714b11cdf5870d0561c5c74d4649c36d62e525f8091762b939993ef848c96be9e74f9cb53b672114f5a941762a6921044e84a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57d83f.TMP

MD5 7f02ea1b4a4e479ef73df0f34ce7f94e
SHA1 5d84743c3f1f044992e68f4467d57e9c078593dc
SHA256 9c283f50631fc1ae204f02ec86d01ce87771dd8db82b19bff5fbd7d6756d2824
SHA512 157529cd34869e4c5b804c8e2757ec11060306b809163db8c73543b5d2db595be00f91491ce7750b1a13bede28ba141b7cf13e2c6a8c98221ce15ea9fa49bb1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5d5ae084d1dd272918fd696b5642f403
SHA1 01f94a7d3bafb85472edc0aa15c131ef6d41e5fb
SHA256 5cb535c1c92408c1192d2aabd7877dd53820a76874d6482979ebcef62fb1489c
SHA512 a1239b3674cac02fae5c06f6d3acf8e9db9b3603f1c0efa3c17f80ba26b36d36d0206fdbbf5c9f5a35fb367f3cb7c453e75b86f0b3f6f1babefa581fe55dec47

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\prefs-1.js

MD5 571c9b9982b97524832f588a293d2531
SHA1 fb77c18c59f266c568603fb42cfccd4a2eee546c
SHA256 9dee090826e77f189c3db66678e92aba810080b441953574034fa0da0f842dab
SHA512 b2a0f3edfb488015c68ed450de299855fe2322ebfcbc33d1de1942dd11b24a88268627a32adad95240423a7f91bca7140eb3d0467802661f58f52ca8b1e4bc0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3b18fb0ee02024cde9acce3629d32e22
SHA1 7eda5f3e47cfab0ae64c4fd097948e5a0c3946a9
SHA256 0e6a9587bbf246c3b6eae345a2a94d73ff981540b240efde7033a44f116f9266
SHA512 9532eff46c6408c8fffbd87298686d52383a9f2f69c06a5456d6e070c9dd8e684aa778781401383f4520620a93f327dc983f1b10c94b3e371674461259be5b5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dee8c1c956c814a36a20b5babbff1c5e
SHA1 ec1ec9618e66e2c3da40e763528f70732e9aa7d1
SHA256 fb49bc1afd6c6ea4ece2648d91b61ff8f868bb2b80142d67143ee8c7ea89a1fe
SHA512 8120b27940852a1915193681d8ff7b802ae22d8f3dccd5516f37bdad5cbb324225033a25981f826db6f498091d9da04a9f547b50628bde5acaf82b9f272c82dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fa7d.TMP

MD5 8f2c21f2830feeb0604ebfdbb1bc4485
SHA1 68d7f0ef87bb3bcb11531085cee076469f9aeb12
SHA256 eb35015aecb37e64e5d3cc1fe4ae271da77c5f7ab9f1d7dca264255a89922371
SHA512 d2d5cd540637423198db02978d3437494b91b33ef76ae6c05aef55892b9ea322fc707a878080c12a4bb2b2b599eea9d4525f772c77ae38561822044a043204f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1e6b0b4a32863bd89bf70138700f1539
SHA1 b83807c1f24d853eed7ab20fa0bc8912c85d4812
SHA256 e7b7ca6a1bc9bda7c4e357e53d1bc760c3b7ebac5c3978838391a8a724125084
SHA512 f79c3e518202549f9d2207127bc4294b066f7d647e780ded1dd50c9e09b9e9fd11e6241e67c3b5d815818ccb7f8d2c408bb1455b1ec209611c6d5fe56ada6786

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f53ba58e1f8a7f7116d9eadb8f5005bb
SHA1 3e78b5aa04f88986560cf2e5c6841d39ccb05ea1
SHA256 3404a0b68c6cea88b9939d7eda455b15ea85a759359356c8ed4e655614540d83
SHA512 58ce3af17b1ea34db51f53f9d32e23101ebcd35d7d4be8d8087229e8908c662721726e78b5eccdd3ca3c5c0635dcad7e8cfa4565b78a3616db65bb1ba20755ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 02774aa0bd85c106ee5401715c374c5a
SHA1 980bc3973dcb9b4db17355a4da1712dd6d22fa5f
SHA256 b83c75c2c36796c14a67f42cc33079d3a7f149b303ec8a75adf54db8e57b03f4
SHA512 ed81da0aa60b135c942905d3fc12f2d05ce096246b0b2983ff7d4615dc6d68f6d45aa6e529282039e9e087ad74ac3b26273f7037a51785958966677bddf7df74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 937e123ecba9e9b5172e6d9630373dfd
SHA1 d14b2d7507bfaf76dff921adb5acdc97a9d83c60
SHA256 55c70dd592ca7670cede56f41cc51130c48d85bdd8cf09ea5ace22e46e78c1bb
SHA512 79e0410cf08f778c84dffd4db86d7dcca60e154fa99bb7eb9d19b2227f8d42350915d922d221f51b6ead3706822fbb07bb3e8f4b278c35f39eae956c40842752

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f6f19cd3909cd08fdb3acee08b82b1c5
SHA1 0839d29a89d17e2b476a58a8201582d850a2385b
SHA256 ddd5ca9a1007a8024c8a03e64de7bfee9746987e8516a4b20f755fa79f5800e1
SHA512 090cd16e305bd1beb418239f1b4404535890ecd0175e65aff99f00fb33dd1aba51eec66f525cee6a11047ceb6b3b7432ee47dfb4a17c253ef342177df83def9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 3b40598a735a304a93194868c712d563
SHA1 6ccfd7117bf97966c78900872119f749873e5347
SHA256 e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6
SHA512 4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 4e08eee044c91ace0ad7a46cd9542a0a
SHA1 b542dc6b9818c8c1e07563d3656389c67b3ed5f7
SHA256 e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982
SHA512 72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 bd1a517cfd34f7c893e04d369f033888
SHA1 fee0b35e80e49676d3bfddff64980e8ef758c347
SHA256 cb96158d499ba8fda77b789277ba3ece2dbe5d2211836c9c74caf44a748a4177
SHA512 7dcb81b8a2606280219949fa832b6fa82315fd9f5dfb0e30be050657fc4792240fd078ff8675d107a209932f8b9bf8e794fb44ba3ea14ae1031c9ce5080850d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582333.TMP

MD5 c480218fc9e1fa12abbe417869c78d48
SHA1 23c928285fa583c760654c897ca9733fc3f93747
SHA256 0340313aad2e4510afbf36b285082e6e5caf7c7ffec8fcf784305871cb7a4790
SHA512 9028fe069d7f77651cc11d84c1619c4e8b5e9cc9e6436c5c1a277c9b2f0b8a2a16d04a5052e86417726009a2f3f5acd41794b141ff3dabad22988fb4fbd66132

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9be568801737e551e9fc2f391623fd52
SHA1 95de8db9f3434479c7fe6f00bc3cd83f37643bbb
SHA256 0064a6fbdb475b6cb07ee78523d9bd2865d0dd1d7eb1c5ac71638bc9b3f2b163
SHA512 72752371d847eced2003e938f68bc45cbc468682e03d0a771f17fef88d2ee951f824e92c67b9ee9eac82228e1c2047e7e4c5c48a937a35ca769f5bb26091fbff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 10bdac19835422a57f007b277e6bd41f
SHA1 1bd2b94856eb0bbcabde0330bbc81716a7b93d11
SHA256 aad84034583371d992e91a0840c5835400f0e4673b4dc6ae82a21dc2aaa188e4
SHA512 5cd899b8ee6960736ae1f9d2a2074f638349cc991730a6d51693bcdccbc7d8ef9393c60a41ab663b4ac38f0b61d202a20dcbd5e1fce983507868768e9b912aa9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 aac9daa9fbd0a896f415cb631da7f954
SHA1 94e7321a4d9cb4f42d662f5685a36920807c8c38
SHA256 c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715
SHA512 2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 27a05b77e7bba6c2b279f1a67cd6acef
SHA1 3164de3d460475f745bba673aecd9f7d799d7509
SHA256 71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83
SHA512 5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6bcb8c2cfb89114d3dbf98dafea81b14
SHA1 cd42bfc917f31cb58105b16b5b74ca106393e40a
SHA256 de61c923d017440133f295b8bc32f292c5999e8f19ad73d90c101219def896b2
SHA512 b8c7b24583792d54c34037eb2527ad00dc4a2dd5cbfe2294eb75beb62a0a6c82225be267b19b6e6001a27ea3d7d51e30944f6367d8528d532b50cf4f4acaac1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9a97cbf7be68cfe18ad9213af5624d4d
SHA1 e4b50ddb68b390beb8815db85cbb8b5a590fa398
SHA256 7f7a181be56bc26522647605391ca257841c253c19cf6344675fa01734eb57e1
SHA512 e7beaac3282a928178f29231e8ff401c0c9d1f6e3da8d303690d10881e0f5bba0b66477bea4c1e80a44b2d3070fe07d58d0b349985894099f4162ae65b9346ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f4cea179c742afc40a91e039ef09be3c
SHA1 cd02853c3e3b16ccfb850068dcae14342792b4df
SHA256 3a4697a7fee08fbf734c29410052edb726d94c955e0e5e0451ea1fdd63ea9202
SHA512 769325ed039ef10924c25306a1f2fce3b8f2b07f1b151d91b428ebecdba34282506db249cece0767c57b57d5ee8e2165333ef3bccb8bab7ff898c927c8e42cf1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b14ecdab8f62e3b6646bc0a7805be7a3
SHA1 317963e1c957472f3350a391b553ae96e26f3309
SHA256 70cf45a7edf67161f23572a5faef83392adaed630338b1a085fdadc656413889
SHA512 ea3a8c07735dd71c5530fbd4bc7001aae6088646b3011742001209744895f0d5cffeb74971568d15507c2099bdcf313cd1a23684fa195b277f2d056d4e57a0c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 be872a6b337a565bec5678b2dbe3240a
SHA1 d1cade488906f91364a339e40d75469645a1e179
SHA256 231e37d5e85c67a421c326f555f2da285e64685b8bd0282b428f640b02dddd30
SHA512 7c755c98945fbf19965ecce68bd8456b5d44f2672a004645ff5678200085043dbf6dc190f11894d0ac8811839924372efa45335d70a8907404b956c5c5d387bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 96c2a567f298ffb0bccbcaf913c7496f
SHA1 d7d981cd97abb4f650003f8dd78ebdafac9996dd
SHA256 0e2d836f69f727f2705390bf6037bbed51775bf77351f1e75da6ae33e02f5168
SHA512 a143f850153ca729ce14cc582a3c841e0d22ea0820323c2dfa448977188c26709b43308985956a74f2c27edc2ff81f6fd25c08dae41018c2049a868b04bc3a71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 84fb6cf4cf95500dcaaf8f188166ff81
SHA1 5c68f08e9f595f60f9835e7c5ef0c5d0fd497236
SHA256 e7684418d17e3450fcf880ea253d75dae193c015f714948d4b24410fbd2dbb93
SHA512 4fa04a1d77fdcb347f024ee9fc2ca55aacf09fa291b28ab7a5f5b0f8ae39acc0677e472fa8b1f64d3066b3451bbd1e25f02d9dfa51d5099a850af0b1db6cb29f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 183d8df28b084bdeabb0d92165987231
SHA1 89e1996d0ba9e11c70fcf836519ba07562905530
SHA256 3040a7f93c7cfc4efb3a78e5f93369c3bdb0bded8da35278aaa32bec459bf14a
SHA512 791129bd9b6226247820c1195614c8b8cae3059076cead90b42286f5ca7df45f4a5b0f12ebfc60c7a476f4470933904b38497eaff760d8635d9f97550aa56679

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 549da2b5793c4a701a0d042e3f061d53
SHA1 36d952a380fb03786f29ab0d3566bd300d16deab
SHA256 87f47e5c916b89e167bbe91afe8e1bef011ee2ad2bd779e4d1ab1c53564dce9c
SHA512 0e84ed9d17964fa878a58b7c18d4bb62b1ac019d4e92ed8c9b4488a118558e15d2d078f0e6681e22ec11234b7c82b2eea461ed1e8d79015b902189fbe73ad96e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5ef0f6b28fda1f8299a0ce877491aadd
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:15

Platform

win7-20231215-en

Max time kernel

38s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{19A94DF1-CA26-11EE-B36A-F6BE0C79E4FA} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002213d23592f6d648a137f9bf65c22cfa00000000020000000000106600000001000020000000816842ab05b93851a4343ab2be70de7048cd59572b45c83368312e41ec8d730e000000000e800000000200002000000082eaf44b0841447cfe506cff44603af8a180a2dcb049b69246acee1a0ef736c32000000049c3dd3ecfe57afc767730141d2cf3d8c459c388c2a2f3a3b03ac079e84c91da40000000e37de1751a95ff27da7ac01c888d2aa943233081c9d2600598e509272c01d816728a32eff99da770740b317f065c74a84fc5fd871b1e2de9a5f8965cf0459451 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{19AE10B1-CA26-11EE-B36A-F6BE0C79E4FA} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{19A229D1-CA26-11EE-B36A-F6BE0C79E4FA} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2148 wrote to memory of 2496 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2148 wrote to memory of 1728 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2148 wrote to memory of 2688 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2148 wrote to memory of 2288 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2496 wrote to memory of 2720 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1728 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2688 wrote to memory of 2548 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2288 wrote to memory of 2560 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2148 wrote to memory of 2788 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2896 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2148 wrote to memory of 2536 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2536 wrote to memory of 576 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2148 wrote to memory of 1340 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2148 wrote to memory of 2360 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2360 wrote to memory of 2712 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2496 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6979758,0x7fef6979768,0x7fef6979778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6979758,0x7fef6979768,0x7fef6979778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6979758,0x7fef6979768,0x7fef6979778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.0.40119355\1221040543" -parentBuildID 20221007134813 -prefsHandle 1200 -prefMapHandle 1192 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b21d78fa-27a5-4e55-8cc4-6c6acc77510d} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 1288 13309758 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1120 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1324,i,1975968502664023966,17539491855774366756,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2084 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.1.209419525\1541985291" -parentBuildID 20221007134813 -prefsHandle 1516 -prefMapHandle 1512 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec634a6a-9c55-4989-8093-c9f69fe5284f} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 1544 d6e558 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2076 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1300,i,2839552394927051843,10268539568119883783,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1460 --field-trial-handle=1324,i,1975968502664023966,17539491855774366756,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1300,i,2839552394927051843,10268539568119883783,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2496 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.2.280337332\1982685999" -childID 1 -isForBrowser -prefsHandle 2324 -prefMapHandle 2320 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d1c0009-b4c9-4725-8b23-9d2b81318eaf} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 2372 1911b558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2524 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.3.1362378960\1056248262" -childID 2 -isForBrowser -prefsHandle 2656 -prefMapHandle 2652 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8753bafb-e347-4503-9b6e-45fae7775c12} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 2668 d30e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.4.612973486\1073476079" -childID 3 -isForBrowser -prefsHandle 3768 -prefMapHandle 3276 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b9781ca6-469e-4395-986a-761f58466fc3} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3756 20342758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.6.71164091\1907216352" -childID 5 -isForBrowser -prefsHandle 3792 -prefMapHandle 3788 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {763c1007-aeef-43f1-a591-4ce9e40f7abc} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3860 20343c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.5.434955398\502174125" -childID 4 -isForBrowser -prefsHandle 3880 -prefMapHandle 3884 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b514f0dc-3801-416c-bfd6-a3c44f414128} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3868 2037f358 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3492 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.9.1358049026\1614770459" -childID 8 -isForBrowser -prefsHandle 4524 -prefMapHandle 4528 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae042419-476f-40fc-b82b-6c2e269fc268} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 4512 2077f458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.8.2125117743\611087364" -childID 7 -isForBrowser -prefsHandle 4368 -prefMapHandle 4384 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {60816947-f631-4ba0-90a2-bbd094de1149} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 4356 20780c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.7.591197661\998630076" -childID 6 -isForBrowser -prefsHandle 3928 -prefMapHandle 3916 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f731bae0-60c1-4514-8173-29a2eb91791f} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 3276 2077e558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3616 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1120 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1376 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.10.1332260359\1185499992" -parentBuildID 20221007134813 -prefsHandle 3592 -prefMapHandle 4856 -prefsLen 26251 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3f5de43-bfb7-41f1-b9fc-56128c8e26ad} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 4872 21fce858 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.11.1725956592\269870269" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4968 -prefMapHandle 3592 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc49a082-60ef-43f0-b14e-ea69f2074c9a} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 4988 1c622558 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4224 --field-trial-handle=1368,i,12207547014264588776,10457472140667814853,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2712.12.95936120\358258391" -childID 9 -isForBrowser -prefsHandle 5128 -prefMapHandle 5124 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 628 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2037703d-b352-4196-87d3-b4949d626acc} 2712 "\\.\pipe\gecko-crash-server-pipe.2712" 5140 1c6e6858 tab

Network

Files

memory/2148-0-0x0000000000990000-0x0000000000991000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19A6EC91-CA26-11EE-B36A-F6BE0C79E4FA}.dat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19A229D1-CA26-11EE-B36A-F6BE0C79E4FA}.dat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19AE10B1-CA26-11EE-B36A-F6BE0C79E4FA}.dat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19A94DF1-CA26-11EE-B36A-F6BE0C79E4FA}.dat

C:\Users\Admin\AppData\Local\Temp\Cab452B.tmp

C:\Users\Admin\AppData\Local\Temp\Tar45FD.tmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT4IJQ91\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t83hqs9\imagestore.dat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t83hqs9\imagestore.dat

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4R90HQQX\4Kv5U5b1o3f[1].png

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6WEH2YLI\favicon[2].ico

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t83hqs9\imagestore.dat

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT4IJQ91\favicon[1].ico

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t83hqs9\imagestore.dat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\MMJLE2BO\accounts.google[1].xml

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BRL64UL6.txt

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

memory/2148-854-0x0000000000990000-0x0000000000991000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

\??\pipe\crashpad_2788_NSJYYCSXWXQIXURF

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d98eb4c5-6bf8-438b-9270-f89172b702ae.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\datareporting\glean\db\data.safe.bin

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\datareporting\glean\pending_pings\d91d8d2e-42b7-416b-b841-2ab96c97d4d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\datareporting\glean\pending_pings\5d610572-9890-41e6-950b-9cafd026dbef

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_4FF70BED6E50B22FE9799AB821C4C486

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_82FCD36BCC5FD87B35DFF8FF8B1DC2E4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_82FCD36BCC5FD87B35DFF8FF8B1DC2E4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76ca51.TMP

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\storage\default\https+++www.youtube.com\cache\morgue\172\{69570adf-9a08-4573-a9e0-ef60810c66ac}.final

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\storage\default\https+++www.youtube.com\idb\2702002883yCt7-%iCt7-%r9e7scpbo.sqlite

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\cache2\entries\B3316860430DA0966649580110E85D2FFB7B5A61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\11cdafd1-e892-4b21-b97b-f33e97fdbdb1.tmp

C:\Users\Admin\AppData\Local\Temp\tmpaddon

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\prefs-1.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jc9ad0k2.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
