Malware Analysis Report

2024-11-16 15:58

Sample ID 240213-d3grlshf64
Target 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe
SHA256 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9

Threat Level: Known bad

The file 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-13 03:31

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:14

Platform

win7-20231129-en

Max time kernel

77s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0A4F8681-CA26-11EE-834F-6AA5205CD920} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0A4D2521-CA26-11EE-834F-6AA5205CD920} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff6f00000019000000f50400007e020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000046332ab722508540bf00312f0a24f1200000000002000000000010660000000100002000000015cb4868f293d88ffe3f758c1398ffd95bde8047cfe9b1f50b9975de6fbf2d4a000000000e8000000002000020000000c13d64c73b7c36ae20681b4b495ca2ecf222e12872285ef970b60b82ebf4c13190000000fed92405f54ec7f5ab7c3421295549a1fb0a900d92b2e780793dd7b0b171266e35a9a8bae9316e38263e3c3177311f369b32ddf8e4927a147ecbdf93f6c3c59be927c9f968edf15d132a912d8913ff214f690b1c2dc936aaed4a0f9037b5d4a1a33840214f7c119caf772f074e53a0a795db237f97e53ca1a04766fbe391c70f7a602b93eccaeb04d58de69cfd1b4f01400000003ccd17116a0e9d5d932c404489ecc6c80b0f130acd39f235ae8ae012566563968893f7524d522c8d2b3fa9baf0ae4a7204f8c851b220ce5f4fba0dea003fd33a C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2972 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2740 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3004 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3004 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3004 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3004 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 2996 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2972 wrote to memory of 3048 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2740 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2740 wrote to memory of 2580 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3048 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3048 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3048 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3048 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2996 wrote to memory of 2500 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2996 wrote to memory of 2500 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2996 wrote to memory of 2500 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2996 wrote to memory of 2500 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3004 wrote to memory of 1948 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3004 wrote to memory of 1948 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3004 wrote to memory of 1948 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3004 wrote to memory of 1948 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2972 wrote to memory of 1488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 1488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 1488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 1488 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2336 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1488 wrote to memory of 1016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1488 wrote to memory of 1016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1488 wrote to memory of 1016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1492 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1492 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2336 wrote to memory of 1492 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 2428 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2428 wrote to memory of 2344 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 1940 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2972 wrote to memory of 1940 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2972 wrote to memory of 1940 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2972 wrote to memory of 1940 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1940 wrote to memory of 1460 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6289758,0x7fef6289768,0x7fef6289778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6289758,0x7fef6289768,0x7fef6289778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6289758,0x7fef6289768,0x7fef6289778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.0.150814626\359059149" -parentBuildID 20221007134813 -prefsHandle 1224 -prefMapHandle 1184 -prefsLen 20600 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f22bb798-d1ab-469a-98fa-6641dc160a64} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 1300 102fd058 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1080 --field-trial-handle=1260,i,3613963417150718403,3383768982254980561,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1376 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1084 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1456 --field-trial-handle=1260,i,3613963417150718403,3383768982254980561,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1580 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.1.1186464644\1016505892" -parentBuildID 20221007134813 -prefsHandle 1488 -prefMapHandle 1484 -prefsLen 21461 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9562558-0dcb-43fe-a0d8-d8fce5c87bf5} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 1500 e71558 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1264,i,17251903189376865895,10114514741292705297,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1932 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2140 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1480 --field-trial-handle=1264,i,17251903189376865895,10114514741292705297,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2404 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2792 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.2.612129009\1771718616" -childID 1 -isForBrowser -prefsHandle 2156 -prefMapHandle 2152 -prefsLen 21499 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d257459a-196d-4006-a5aa-90784ff5579d} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 2168 1b469d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.3.1809856158\392826602" -childID 2 -isForBrowser -prefsHandle 2308 -prefMapHandle 2396 -prefsLen 21540 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d41e512-aed6-49dc-a0de-355a18d1e57e} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 2296 1b80ee58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.4.687236018\1914517815" -childID 3 -isForBrowser -prefsHandle 3020 -prefMapHandle 3016 -prefsLen 25956 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {491f5262-7ffe-46c9-8799-da09ad8bff7e} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 3032 e5cc58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3384 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1656 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1552 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.6.819771716\1859459014" -childID 5 -isForBrowser -prefsHandle 4132 -prefMapHandle 4136 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2573a3a-9570-40ac-9c65-da1c49b58395} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 4120 21a06e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.7.1814659477\1962533890" -childID 6 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {196b93b7-2248-4e38-b41a-a9d787ede9ea} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 4308 21a06258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.5.1153894661\184207841" -childID 4 -isForBrowser -prefsHandle 3872 -prefMapHandle 3892 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {09d3cf53-f491-4d30-a8d7-bbd47b20cb88} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 3124 209f3c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.8.2012778666\2131273134" -childID 7 -isForBrowser -prefsHandle 4464 -prefMapHandle 4208 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f54f8a6-2f27-45bd-9f63-6242d6783f16} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 4524 1cf9a558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.9.571044269\1404541703" -childID 8 -isForBrowser -prefsHandle 4668 -prefMapHandle 4672 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bfe6d86a-1904-43ef-9029-59146dd51bc3} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 4656 1cf9b158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.10.794192294\42194396" -parentBuildID 20221007134813 -prefsHandle 4464 -prefMapHandle 4380 -prefsLen 26387 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb9bb7e8-848a-4807-940e-92515bc49d11} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 4944 23f12558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.11.1609597684\297995223" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5048 -prefMapHandle 5044 -prefsLen 26387 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25d7ffdd-f922-4d79-b27b-f8193d7acf02} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 5060 1e0d8558 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4404 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1460.12.1388673658\1437379231" -childID 9 -isForBrowser -prefsHandle 5300 -prefMapHandle 5296 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d3cb395-0407-4a03-b201-5c6b6650da09} 1460 "\\.\pipe\gecko-crash-server-pipe.1460" 5312 1d0cdb58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4424 --field-trial-handle=1468,i,12991615199356041591,5231046601336541255,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 pki.goog udp
US 8.8.8.8:53 pki.goog udp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 m.facebook.com udp
US 8.8.8.8:53 static.licdn.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.181:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.181:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 44.240.103.52:443 location.services.mozilla.com tcp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 52.10.159.154:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
GB 142.250.179.238:443 youtube-ui.l.google.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 142.250.187.246:443 i.ytimg.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.187.246:443 i.ytimg.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 142.250.187.246:443 i.ytimg.com tcp
GB 142.250.179.238:443 youtube-ui.l.google.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
N/A 127.0.0.1:50266 tcp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
N/A 127.0.0.1:50358 tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com udp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 play.google.com udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com tcp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 172.253.113.94:443 beacons2.gvt2.com tcp
US 172.253.113.94:443 beacons2.gvt2.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp

Files

memory/2972-0-0x0000000000740000-0x0000000000741000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0A4D4C31-CA26-11EE-834F-6AA5205CD920}.dat

MD5 5fd8b800253acfaa2faaed6d3ed499cc
SHA1 53899495a3a3f73d9dba7a8e8625b2679df40254
SHA256 8a330f6a9db056318b4adc0d69f0dbcb124684990fd08764ce74b1b589611736
SHA512 dc45efbceeb3846edc3968077ec5d2c1d584a178adc475a859e2ad9434036d7fa08adea704ecc673cc52bd26873426fe55aa43c2e000d9a5a8155f0e3450c584

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0A4D2521-CA26-11EE-834F-6AA5205CD920}.dat

MD5 8069f8a2af6008df4a2e13bc1dc2d7e0
SHA1 e51bc0004d9eaa369b71accea6712483315d8562
SHA256 16950be7da9499331fd2dc61ee6757438993a61a15adfff5c5886fdc5bef6206
SHA512 e45cd95a3ad31f30539ed431c16c97cc9682fcf3649aa39c839b0fa6628521c55e8b9ff7fe8508ba5abb4ace9725b31149387e4f8eb27df198d292f6e4267c33

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0A4AC3C1-CA26-11EE-834F-6AA5205CD920}.dat

MD5 1c16d251b3fae027625d7137d34f1f66
SHA1 c857c2e26d3d273269499917c2e4235da2b04a67
SHA256 997677e7b3c683b63fdff2f35c6136d42e538d1938f572ca47652dc95703eedd
SHA512 53d1828708e19732e1625232b9b9d39459821e23b9cda8d8a884d6077660308bb222029f2b6c02713dda18fd0155148f4c302095d1e8a353b8d7495451b89f48

C:\Users\Admin\AppData\Local\Temp\CabBB4.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b3948e5de4dfe10a70eccbbef55a01de
SHA1 4fd58d776be84b2e6788543ef083a09453e5cdfc
SHA256 97bee67b44bfd5bb963dc05810fc40590fe864f629bdda3dc4bd661530477455
SHA512 054c605e0b3e83cd89cffe0f9b15b8b39f4895b5bb14c9fbc9c4e73e6ddfd2df6a44271f83e0cc9de8762236259687979358d2e173a4e0f6a11c9af499a6a0aa

C:\Users\Admin\AppData\Local\Temp\TarC32.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c369dd1cda160ef00b7adcf2d11974b4
SHA1 29360526a0ad28dfe4bbb391af56e7479a5f67fe
SHA256 00a8fdd79ffe63f59cd718b4fe944ac8ed624c29ea6fedb0063ae453370b200a
SHA512 d0cb3e94ce77a5a5a2b4a2973391a0155a90fbc7833abe490df0a0056dccf33d35cd83f315591e251b189f54078013dd9452b570ae81c94953b9cb52ec461b7c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

MD5 3e455215095192e1b75d379fb187298a
SHA1 b1bc968bd4f49d622aa89a81f2150152a41d829c
SHA256 ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99
SHA512 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

MD5 e42fd7a2a456894feefbd985f928b1d1
SHA1 fcbad6de14cbd4eeeea3d3e00bc65aec5e194327
SHA256 32f83af5b96c4bb46718c496ebefe80edfa7de05381ccef0706bbc0000c9d536
SHA512 ad5e5b22a17abf234b2ae96392ed45adc6dc1bbebb6b8898c7126028a814b6b2cd935b8273d881f954a3fca27c23dc86fcb4c81477863afd51654c3e008b3ff2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 8f0d436e9cfe8e2fd9ab9a599a8f0924
SHA1 dd410f08a4d46f29db9fa636ce25e6cac410feb0
SHA256 11c6270db3598fb28380963f636ec19753984cc7c7211c392472c094e6ef9459
SHA512 377de5d24fb12aec36ec4a11834ddac5242422b38bf0f23eb3d5a1573e657f0f208cddc8b771935cb44d7e3f6838691abefb2ef5d26b0b82e6133782f81dfffb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 e6dc563734264c64405515dbd1d2d0a0
SHA1 3990c1321a99f5c1d33dcc0a2b106bc492d67923
SHA256 ca765acf0b8f4004415ec632701b27c061db5472ab03cba918bf24af7739bbe1
SHA512 28d6953dfaab7dc193e5526e8836755b8013d6132391240a269cea441961dab1294903af9bb0e8145a4ee6ceadcc1fde68458eabc3c0fbcd66d2636fb96a95a1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 97bd86f43113cb64ef9dfdf5ef6e5b2a
SHA1 0b8390ff88bbaf48b96f5f81b68e91e5154da2b7
SHA256 96574688b482fa00374aa2b6c062a1a939a951c19affa4d3b1b84487b664b734
SHA512 1b98df961bdd0ace5d7ee566dce19c44c8e1672dd7ce9995ae2e058c82fd833d9cd6c5cf099e6a1282f7464f9301d87f2dc052046a1abf069a470b301637e974

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 403c253a4c108b001ec33ef297c6453e
SHA1 bd1ca791dfd64b06e5d7905c594d763035729538
SHA256 a641fc5c26e8119b8a8013361cd9a826cdcb999eee7af00b926289148ab6768a
SHA512 67663e57c9e2de5362e4003d893a667b55282988f13ec6298a3ccae5271ec4e7daf44c1796d19fa866702ebdc61a46063bb329b1c7582a58c16ef3463310519c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e6e5f8b033837864b69f084b5a82a9fa
SHA1 6d6b82b5850b8646ba37897190db0c1ba82dd942
SHA256 b2a3d12ad20471c6da10bf9cfb45a9af9808781adb290e567499816cc43a659d
SHA512 eaf8fd97dfda3118452cda48149ac88cc4287e9c80fd73bb271dd42ebc5d2a35fb8e050f50ece51c4cf222ad0dca0854b87b1b9c26bc634c4834e0b19d953d74

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 a61d029ff0941719c2767cd19d4fde20
SHA1 0cb452b43598711974c6b4ff0e6630ac13ae5a6d
SHA256 484ff273fa3809c8cc12d4dcdbd470f478892a15538f2f1a3c25d9cb682c760b
SHA512 19dcef9f6fcdcbf76b22f8788f12f029caacc564e5f284a56284aa75563df5056fb12a5fa57643c1d03186d5d0d06e6c00053006c12d4680afa2146402db316a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 a0a3dc5f0e43b06fa700cd63fe27b8b5
SHA1 2b2a658843149d0a845175c331ae2d864b688480
SHA256 efc0b1338ae2ebc4f20a7c0d2a435f3e281db8e487a3758f9c5dc5e993c54347
SHA512 26deea9740b88faa47af00db9bf2f860d43c4e71c291edc9a23f2d0742b1f7fc0a9d7fc5c4a15815b455e9ad8e1694b798cbfda1c677b239b5bdf38d5a9ab23b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 326b49f85abbff45c0955022babc0048
SHA1 2deb9e443a0373ff5cdacb98ba398367376d652d
SHA256 1a0148963351ce052dea3b942920e8e2b1e759d283a9bd9f8339bbebf9a17e0e
SHA512 f2372b7318b86745ff0df0a2135c3934dcdaed77312d6a355f28ac66705e4a0612255b4afdb839ba881b3f0c204998a33a34386767bd086d73615227435b49d7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5325dda72cde52db78b443e2b8c598dd
SHA1 faa2b411952f61cb5a050c3d4d86caa27f44b316
SHA256 2ba87f42af0290b99e51a1423c7418021bc678941c49c1f6fd739cab4885da16
SHA512 23fec4e3393df623e63e3fdb0c09c5abb76b6354630890aac71ad3c492bbd1778abe5d3bcd386282b7955fd6394fc7290247ef15dc6973c458b925a226e142e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 d55994dcdd4b219be1abcbe56a99720b
SHA1 f4b546a5fc65bcf2b9ab1ad2391f9bae87f36ce4
SHA256 e5db27ee22dbd27b16ed1f10b65ff0e574cabe32a64b64751bfe6239ae241ff8
SHA512 ccd8bb10c7bba2a457eebab07598fcf4e2bed3a4fdb4b5fbfff915a4d4f34ebb744e75e86f4c6967e926885d18a48f6204c2e9722b63b048a63baf3d1e2db60f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 36911f4ad460b425e9989344f25f366b
SHA1 eb66c1021ce66375c79085aaec85069238578ae3
SHA256 1b39d0902be82f3a088427edc03c52af2fcbbeed80b2f5d0f5c3c3d392729bba
SHA512 e076f6d488463f86d8d16375106a47f2553654901de076275596f1c22f99d4c8859d7dcc0469a9a0806b1d1df6a774a7d919f79ca21d1be25bf540091a813016

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 f4acdf5709e68c2728c570229bc50fa2
SHA1 56c1031da4f109867e71c95a4cb31f68b1826930
SHA256 fba78306242f604825eb2a88e42cfa91da547ebc980e17ce3fd17ba1e41c4418
SHA512 2fe2d0d67c727e89a98865e751ba0a6c233ab6d54dbe19a105ea81c6f397a427af69b05a3cc070bf67336c6fb8ce289317fcdeec073d70ab4d52e616ee14cce1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 2577cf77cc7cba7c1b7ea17f2b2dc290
SHA1 838c69909c71e569619dcb7c71da87c24faef1ca
SHA256 6c5528c9f267bd28c3663bc2b1344d220035d73eb6cebd45631f393ad2d9c5e9
SHA512 c788115d47f2bc791ec469b3a7d8557556261f28bd58fc555c5fb3d72926eb73261c5a81915f57ed6e4e68de959dc0301681379e4bcb7a77c804ba3423f4c1d4

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 c121d6b6ee084e77683a9b60d41f581d
SHA1 9f5496dc86b53c6558732b1eeb2a2c1ce9c015fd
SHA256 e8c165e90b333c04f344606dea08cc40b2c8c85f4487e9f5967a01a8462abf72
SHA512 5baeb00e9d356b2804982e6213f75aa2d94b055db064fa18b1797144d9eb23842a5d4c45063f903e08ac08dd1091a2f0c4b9cc1509843ade2c19e86b8820ce25

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TH6R5Z04\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 71dec2266cd4e928c0c6f14e6faa2157
SHA1 b4fb20bdab5f44859fe0e0222e0e188a31fd627b
SHA256 b439334df64229389158e822fcdae81facca5e3183e07aaa508a9eb156fc20e9
SHA512 45d5f0e3aceb57ae9e587c09120a9eceae305f5c737ca1710ae34794d5a46d9ecab02b0ee525cbfc399c4ffe53a01aeebfa0cc9f7c7a4337ecbcbcec04a6e753

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TH6R5Z04\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\WINYFQER\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\141U8VNJ.txt

MD5 fc089317b6bef2bf2b0276649d78456b
SHA1 5d3db8a61814803b378634db00986e10305bccb5
SHA256 d0e73aedc5b222786eba4277d7c4a28f422e951f83ca90c4891049ad7531b769
SHA512 6ca08541e25e6237b7edb37ad0ffcb852f36b95f5f0529084e9d1954023b6e2a8eeea4b47a489009192fc6aaa02d4d24e36092d28ffdac1ca14c12724655639d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 7bfe9d89ace406d635611546093c4d03
SHA1 cf380678f911714584f8b63ac8122977bbc7a6fc
SHA256 4f1d96bbe7e1651a53ae9281f18672ca8a400d3218589a3a8e11b3147117d2d7
SHA512 ec8e56abd967484adbf82fa284f8e34333628a8d0e1ccca9e2ae611031fe533e9590660ea321982f3e466ce909617f82b7ac2c084bdf16d863e360cb600a3012

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y51YN54H\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 0b7e0b2b6799bf08b736e3d31e552b07
SHA1 021879c7095d478917625408569c98fa37270ad3
SHA256 8dd40e4f148a1938c2e02b0d5b5f27804e2998093a8a2cb9f015d9982aa2ba6f
SHA512 7161610171d9e6426341a99179550db352e2e78b50fdde4991ad14bea3fb36717c2a47de10e4b545ef1faabda1d700db87355cf31c9f6fc36496c8e72c2a0e4f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TH6R5Z04\favicon[2].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 d6c4c80c48fc8d129631ea1083b52ea6
SHA1 5eedb4279a78415101dcaa7b84f8538fa53d790f
SHA256 501086d749a02881bd8c479cfd02b0b2909b73cf09d11ddf77198978f5b4f7cf
SHA512 83e72d2ad8ac9c8be82e6feff1a19dc35ab0aaa36f75ffa05acbccbb03e6d9cd36bb8e44b34021eeee24001e9bbbe68217bdbc722f9483408592c7859c73bb86

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 0cae0878704dbf16731e7884fea4d64c
SHA1 138fd41b824b890a770bab106126a76ce734b9f3
SHA256 ae288a3ee03d653f73d1119b923767263110a525a953204a5347ae0f88bfda1d
SHA512 3b866dad6393198dd52f3217df29067549cefd1b6b47656b69b825ce1f8ebbc953e25faefbf67491b988207d87ac428dbaef208215c5fd1736cff11f8d318416

C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

memory/2972-976-0x0000000000740000-0x0000000000741000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 fd594fb3d522c7a9f8c0fb3a5681ce2d
SHA1 49754d03b252e227e501037d3aafc0833dc55b2c
SHA256 606ae4a11c4621c74b7b28c56ea91c7eed02bdfc9f97b55ac51744b7ec1b52a3
SHA512 8e28213f3d390d706bec610924ddd1158ed1980bd5369c4791d5cb78baa96ebff86f9b647ac1b02b93220117803f539870b037c93aeedcb1a6796ea6b84b3312

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a8757f69-8176-483a-ad94-9c1f8577a785.tmp

MD5 c687f210f34d55d08394558c5ccf0206
SHA1 603983994dabdb1ed498802c7177af3371b58a15
SHA256 bdaee4353277c00cbaae6831533f15b9edbb813bab9dd9c617f60aab698eb4a8
SHA512 28b6961e624dde1aec906cb720a90676c757d616045d9736a43ca743a5b5dc427e1eb768599a20e248b5124b61a2958f4374c09c9b0d0ae851a8c768e2353e32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f93f65d2-3ba8-42a2-ac33-360104676a70.tmp

MD5 ada66106e63e0aa728b7ad1e5420f145
SHA1 b8606b9423f73c805a59f2b0594949492d3b97b5
SHA256 aa4445293df4f41f09ea1eb25113864fd60988f20a8d307c247d7a88f90f85aa
SHA512 5c49e641eaf966b060928078e7e7a8b0ad28c1acb668d3fbf95a643a88315eba7983d248dd0096f77a3803758ca171b92e8a4e31aa41095c42f439061f710a8a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_82FCD36BCC5FD87B35DFF8FF8B1DC2E4

MD5 6c43cbf7220ba6724dc14dd6cd0e29d7
SHA1 714b162429999354895d6fd606214ddd7af00217
SHA256 930d803647608bea8734f02585cc88fd6ee2e62a4b0557e4756159c175919c4c
SHA512 e620d20219e755015b54a4008f7534c497da42eed0cd9371ef9580bd2af6e3369e411f77b20b5907ac3b7203aabd8f123828db54b562ce265648f328788484ee

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 8d3a6a1af8bd6909c1c423d4d5bf0c3d
SHA1 1265338e0dbb5172ff44e2e79648e5a95206a1b8
SHA256 ca578712f2d4dfdb9596700499ca1882ec85566f4455483e87cc22f14969c0d7
SHA512 8a8d478f8942435ef5a8a9cadf3dd248fac279d2acf344927805c1e905e6ff2bb0fd062d05a107686d3e0d7cef6ca0895c0ee162beb61350e381e37f2d2016aa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 f56a3b791b8e4f5e96a169785d0c8ee8
SHA1 2e341ec647c171924976db8a5f87fc6fc20f6b37
SHA256 86c980b455a16f923d7a0ed3531c59241e4a143a2b2993a2679c9a22a9a55694
SHA512 393cee5deb7d1e9e419ca80886c54a98b9c778519d806d07c1dc6589a7d4730016492abbec18d505a78fb4c465631833cac4e41b85f45c058ae9c5a48d8d6b05

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\db\data.safe.bin

MD5 923ea6e051c1ccee8fd5af30ef9ed3c2
SHA1 54765d12ca140760737b98c2e39363ac89bd6dde
SHA256 8603a09670c1b37c3d1f7a4424e7475ffff837c7f5c0007bcfec7a75004634b8
SHA512 ad941b706a23795ce4f735b0732f0e44f87c40cf07bb3c71863b055c72a0ed3d96f250924955cce8ec1461d2c6e3a013aec4ea5f066c623da0818ac156832a9b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\pending_pings\489d226b-f2ef-4c2f-8204-d96db8fbdd4d

MD5 6529d96c94cd09f6e856169aac11c794
SHA1 aeedb84b4168e3b9731dc39160682a435b618579
SHA256 cbb81878459d48bec4c12876e4222332c04f3150b80adcb68b961d98f5a5a169
SHA512 4fddef0607485d6f94bb05337ef372c226734185378f02152e4f3bdac9b1161118d90574b96ea4e54f776d5e3b29b845dff42650efb6fdf4561bcc982f459196

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\pending_pings\a55be128-fcc4-4454-aff4-c136add5a312

MD5 fe3d1a24d8f1f22b1cc4bf125922227d
SHA1 32299a06b0f6103801b32b2c161f832591eb77d2
SHA256 85777fb4648d14094090b40ce4f9c4e2853df9b7121788844980a46b39826247
SHA512 7299130a23517ded3f0d87f24557a2c7724446d3f84bfaac8f5298d1ccdd8870fbc7aa5a7d2137ae8818f3f5590c31bb19f535bfa9f35792b236ed896399f3a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 94c7bc223e216a2b36f2d8b009aa1e10
SHA1 b587a1dd91bb9073dbbef76c84b7343bdb566525
SHA256 a619dfb980454857d6cfdaf05f15799546cfdd1eb8315bb5ad300dbc9b662df7
SHA512 301e33d4407d1c308fc8141e50385e0718b20398fb18f2d07d7777f7b18d44e94acb88346fea183afa94182df5687f02515f94ab71e16fe315a4dee0ab5bac94

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs.js

MD5 36c4304d8851b26f5cb6b2c4bf9c3dc1
SHA1 5af45e7bfa095bdbee31b4426d22ea7c9158cdc3
SHA256 86d7c89636b2e2daf868f231e887a16ed2507f011459c6493c299f41b473cea9
SHA512 bc517733d3ab9a794794f7b5c058831a7f1f0b8618938d82b39e33424e6412e34cd73a63c134b0bea52081f3d1c3cdbd058db99c53034df77fa26335c54d164f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js

MD5 6361260e679037f54585989c9790af55
SHA1 6423b57298d55462c89fcb1db61b24064bbe19bf
SHA256 e9f1eef2077c08dad7f99ac6f4091f436f0ce73ab51ba61b7934ea0f1d6c267d
SHA512 2f41de8ef5375df7be309eaf92cbce4b1a44590957bdce3523a07a0996a7cec5a0233f7c0f970de267ad65e9f4be20c3887ca78dd028338d2b86bc117d8d8a03

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d003357938b173bc3f8f692a39358bab
SHA1 8c48e982c1d0a3aab8ec492ff8cf9fed6a3e55e8
SHA256 841f4fee6ccf4d1fce9f9bf2cbb3ae703fe6b5cab837cb577a3ca28fbe01a316
SHA512 721aa3302801dcebebb697be84e107c11fdb024b134f2b85d76cd3a4f5626831d7edb7c5b8024876066b71ce2fde05076962ac614d27bfd7c7f25b297821ed66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76983a.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\229\{502e8072-bdab-4e5a-8d94-49a1b73fa3e5}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\idb\3437113113yCt7-%iCt7-%r0e6s0p2o.sqlite

MD5 cceb829861fc0fa0470e5fb42864b14c
SHA1 5dbbd30bec12758837bbc5170755690757ac808a
SHA256 c2361e2d79c63cc21f72e3b8bd394ac14c2c945cdf9c8b173c3fc81cbfb1149a
SHA512 c9514be8f1f61ff11520e6b7eb4ededd6bf62f3f97be903681838e5fdc60da034167cbf10485c3068c8a0de09001b9564ac4866ce3996ca67fa6229d8a58acd4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 614fdf3009310f84a1f6769e8d0c0149
SHA1 0c41a786dd2756915e364ee394016c2fa402b40b
SHA256 e0cad73a0957a7b5720ceb6525e4679f4909396f0e692928f9a513823940698c
SHA512 0cf4db2021b1d3fb6ce43be6916206bb6c38a53c8d2068eaa5505eadc22963277335186def637ad00510edd70f5f06dab61ba811fd4259b75f0cf44c4b12822f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4

MD5 548f78d75947df56c2d4c4b9128254c4
SHA1 791fa0f288413bfe7823b08feb806c7f494757e1
SHA256 c9198833eb0ba20a5fede9066222c754d0b31f896f7caf37cb71a0145d4122e4
SHA512 e5785112940fcc9e693bede3299de1ddaabd7aeb5069ad96ee1a3444cd33f67649948d268093e9ae721f69e2ba1dae50abdfa98684a1f83327348167a7f59e0f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\olrckem2.default-release\cache2\entries\B3316860430DA0966649580110E85D2FFB7B5A61

MD5 6574492c1f34817c8f17ec5e695181fe
SHA1 cfe5251ea6ca26553b85b4c96eb8d74ec2c7bae2
SHA256 33ea230e5747c7f3c1ada36e6d75200f05cabc59e629389ce96074587eb9c2c7
SHA512 bf32c477fd85f809757ff1c2e7411cbd57f460e4c92a7a2342341aaa752b599ab376bda9edac6d7501f9755b4c02484f9bb8822929fbcb5c20345a6a9d9eda0b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\66\{b5f1ab08-1e83-4e2e-9392-7e09daf3a942}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js

MD5 cefaf3551bec1fdf91ceec67b6f927eb
SHA1 2a9f818d9fa6455d1a26ea294c798b8acef73b9d
SHA256 02dd949d020921ebe3bbfdde5b0451c875c6660ce1b1682b554a4018aefa3f22
SHA512 bcd62780472187d4c53d150e15586751370c04bd44418d7d744e5c058a3c11f8b5a39e22f445f78f8574d20f902d74d45d930559c8d480b2dc00a70479505594

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4

MD5 13e411b2583a1318d01bd40b84cd9d00
SHA1 a7bedff9f0d3f00231fdfadd07122821202e582d
SHA256 a5fd6902e41af1c091ae772dad3d95e50458b3eb29a52f64dc28a1039bacda92
SHA512 16635ceaf7dc9a7d9b811dc67cbb2a5ad835d4fd47549b996b6054634e61dbc900eb1bcd7c3e3a8505e9500630e1c6e0f79bd0b8cd3d0a0a703aa418b06e2453

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32e71e20960e65a045b6589c1e6664fe
SHA1 997e6d55ee266a7763c231281d5394c3c1489a78
SHA256 5819677745cab3051cf07ff4f801a2b98a7ab29151a8a111979386b380aa88c3
SHA512 1b9cadb508a8327b4ee7759c71f1fce6746d6df362aa116f3bb51a77154fdd5e6f005e980a9571f48927fd226ca697a7c1a23df51cce5f936974118fdbb4fa0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5a8398ec-c233-4f25-9645-514f63ebe7df.tmp

MD5 2c322339c7d7a97d7828431c3ceb1c7b
SHA1 ac392044f8d66920b16d158ee87de957ed5597a5
SHA256 83c48fd7e00864359fc8bd17ff016fa074d845c7ea527905aa7a8b827a18b945
SHA512 bc8be4ba378833724d29fa262f20a66a4fddcaca4ddfaef9d8d82c74e452d008bb5c89f5b9e3b77f8e9a41d55f49375ae741218d51330d5797dfa8db89103aa9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js

MD5 c8a5a6b93bec73083ec35af00d96ea50
SHA1 65a312e00a8a533c1a4eed084a0276f25704187b
SHA256 df19bd8695a6bc85e1f8fa8ea9a86f6bbe69d8251c54e89071095531a9b73029
SHA512 f4d4729f01e6b6a996e1940b4c1ca8c0fdbee03e03e84911bda1eb1c127098dd55f92fd407803e3420c5be3f31d159d1a012ab877e4d703dae5bd2063aa045b2

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0c8bd2d5b6aed771137ad0dbb08d9c5d
SHA1 225f595a85fdf1a6e9b319fda027c522b31f78e9
SHA256 5a25882ff8693a0e1387a4d02077a4c6c7fb79542ebcdebddff4d40b944f2fc7
SHA512 6c7de556be1c1377d9ce7257fbbfa9cfdcc6d4d699c9cdf7838589ebbf8d8462240d3d3e37e603e439d625ebd853e3e7ad7ba23a295feeaf7fda64e32777afd7

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9092fe4d6547f92bc08c6f3b730aa2f8
SHA1 2e4b61eb8e0412bf7fba3ade6e7b29d367fb81d6
SHA256 d0b04eafca0be4c3a53c9b58af658ef115a749054732c0ae4fa6911b9bbcb273
SHA512 e8c090bc2d7981a14df66715fbc2080f46d53aa1350675523e291a3e4989a086bb9b7df5bb6442279033d956bd2bd9766dff96f4866a7935c3a28608f89c708b

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 04:11

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133522709715579913" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{CBB82046-FF1A-4D1D-B20C-4B753040887A} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{21B26BFD-BEC9-483D-B20C-45DBED2CCD81} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5052 wrote to memory of 3092 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 3092 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 3664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 3664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 3984 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 3984 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3984 wrote to memory of 1624 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3984 wrote to memory of 1624 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 1284 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 1284 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1284 wrote to memory of 4768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1284 wrote to memory of 4768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 232 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 232 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 232 wrote to memory of 3576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 232 wrote to memory of 3576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 1016 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5052 wrote to memory of 1016 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1016 wrote to memory of 3840 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1016 wrote to memory of 3840 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4544 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 4544 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 408 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3092 wrote to memory of 408 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,17374060067268843914,960576608240991957,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,17374060067268843914,960576608240991957,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9327646f8,0x7ff932764708,0x7ff932764718

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff921a19758,0x7ff921a19768,0x7ff921a19778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff921a19758,0x7ff921a19768,0x7ff921a19778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff921a19758,0x7ff921a19768,0x7ff921a19778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,13678325925102376098,4352277835349688746,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4512 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,4115234033024701630,13449352759631921929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.0.721391200\1379753824" -parentBuildID 20221007134813 -prefsHandle 1868 -prefMapHandle 1852 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d7232886-f4c1-41b1-8bdd-5420748f352f} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 1952 1727f7d8058 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2172 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1928,i,4850379375956516706,4411095314610732689,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1928,i,4850379375956516706,4411095314610732689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1920,i,15751325861115970453,17377537376152427094,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3912 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3784 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1920,i,15751325861115970453,17377537376152427094,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.1.773495060\17239462" -parentBuildID 20221007134813 -prefsHandle 2388 -prefMapHandle 2384 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ea4c830b-d7f9-4a29-80c5-bdac1ebf04b4} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 2424 1727f2e6b58 socket

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.2.617228065\485869673" -childID 1 -isForBrowser -prefsHandle 3092 -prefMapHandle 3132 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82ae1c31-5045-4a5e-8b67-202c9a28696b} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 3236 1720a91b458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.3.829170490\1728254464" -childID 2 -isForBrowser -prefsHandle 3204 -prefMapHandle 3196 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {66961912-3591-4fcb-9ef4-3ba60305afcf} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 3580 1720b50b958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.4.1802947774\93597696" -childID 3 -isForBrowser -prefsHandle 3704 -prefMapHandle 3708 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38b1d055-ecf1-4448-a14f-817e4784d1cf} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 3664 1720b509858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.5.1553799205\1988685242" -childID 4 -isForBrowser -prefsHandle 3896 -prefMapHandle 3900 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1cc64e88-f521-4db3-95b6-11b3c901cce6} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 3692 1720b50a458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4232 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.6.97458137\1442533858" -childID 5 -isForBrowser -prefsHandle 4732 -prefMapHandle 4728 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd03137b-e51c-4d93-8592-e25270c77e8e} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 4740 1727fe44258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.7.2051828298\688410424" -childID 6 -isForBrowser -prefsHandle 4876 -prefMapHandle 4880 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1060 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {70da5302-b7a3-4783-8e52-e0ac16df7b27} 6068 "\\.\pipe\gecko-crash-server-pipe.6068" 4868 1720c1cb858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5012 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5520 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6208 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6744 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5952 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5828 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2292 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7596 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2565242042702464281,7179041146340448440,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1992 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2316 --field-trial-handle=1876,i,6407300973103768257,1995976769758812575,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.179.238:443 www.youtube.com udp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
US 8.8.8.8:53 static.licdn.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 246.187.250.142.in-addr.arpa udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
GB 142.250.187.246:443 i.ytimg.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
GB 142.250.179.238:443 www.youtube.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.200.14:443 clients2.google.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.135.104:443 platform.linkedin.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 stun.l.google.com udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 rr4---sn-q4flrnek.googlevideo.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
N/A 127.0.0.1:51506 tcp
US 8.8.8.8:53 rr4---sn-q4flrnek.googlevideo.com udp
N/A 127.0.0.1:53379 tcp
GB 142.250.200.14:443 play.google.com tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 rr4---sn-q4flrnek.googlevideo.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 beacons5.gvt2.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 beacons5.gvt3.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
DE 216.58.206.35:443 beacons5.gvt3.com tcp
DE 216.58.206.35:443 beacons5.gvt3.com tcp
US 8.8.8.8:53 35.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 172.217.169.35:443 beacons.gvt2.com tcp
GB 172.217.169.35:443 beacons.gvt2.com tcp
GB 172.217.169.35:443 beacons.gvt2.com tcp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 180.178.17.96.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a57cb6ac4537c6701c0a83e024364f8a
SHA1 97346a9182b087f8189e79f50756d41cd615aa08
SHA256 fe6ad41335afdcf3f5ff3e94830818f70796174b5201c9ee94f236335098eff8
SHA512 8d59de8b0378f4d0619c4a267585d6bfd8c9276919d98c444f1dbb8dec0fab09b767e87db972244726af904df3e9decbff5f3bb5c4c06a9e2536f4c1874cd2f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5e77545b7e1c504b2f5ce7c5cc2ce1fe
SHA1 d81a6af13cf31fa410b85471e4509124ebeaff7e
SHA256 cbb617cd6cde793f367df016b200d35ce3c521ab901bbcb52928576bb180bc11
SHA512 cbc65c61334a8b18ece79acdb30a4af80aa9448c3edc3902b00eb48fd5038bf6013d1f3f6436c1bcb637e78c485ae8e352839ca3c9ddf7e45b3b82d23b0e6e37

\??\pipe\LOCAL\crashpad_3092_CMUWVBUKJKDMTZEY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cc4425234e8dee7dc70c31be89318b5b
SHA1 0c13acaa2d37efc8f910646f324fa4c65b070a7c
SHA256 6670e576c97510e09c64d124d6520888087f31e6b35bb355b0b49f866efed258
SHA512 22656a69cc0e4064bf8c7461486c1d000954228551aed8b668e3fd84469c518f2a187171252ff6cd74716d3af878283f544e51481187a6d1599a96957c2e7a38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 31039a985a33187bad7b2e2486325a47
SHA1 1cb8392e9a8e56f86c13786938e7ca6742d9be1a
SHA256 aa429a6002caa14451f207209fe3398a3604b8eb92f49317c434b4be2512e62f
SHA512 e9b9a01f4050acdb5abee51c60b568938ecf1d0ce19ce68fc9eea9a734e9eeccec2e8ea80f67a67d8907ae30cdae28243bdf9f7448b4b387418b37536fec341d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 da720017583df8212fd69f8fcd7b6b6e
SHA1 0ea9e35cd6c6dd27a9601b0ec3a30cc8283dd738
SHA256 7ae143ff4808674a468026efd4944dc2007b3f6424ad789d88c0a3d31a625e1a
SHA512 4f526d979a5e772bc7cc8692fec922332ab8aa932573f93225dcb7908b55f42daeddf3f9d4b54ee47b042843d82483caee91a0273bdded58dc2a41b60b4ce0d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 75d7193585ed9d6b2a12de1b902c64a9
SHA1 d216036187897bc2597ba9ecacd11568c6efc0f6
SHA256 7f670c372f8ca5ad881806fbd863177f3e67ac8db8215be24010394b41eb48f4
SHA512 cf7867c036f86148f1c75e47a427aba016743f465c36f5ccd5d45343ff568a6cd2e4b3e03ed05922ea10af22fbcbd6d6528cabc7e1eb21cb5c493a2b8510f886

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 175fbe0d8e36eb5351378c33918f1dbe
SHA1 4b890a760278a9fdabc4811184e08d6a91bb5de5
SHA256 71e1166264d990b9a100ccf939408360f76971999a9cc77716bd2dd0f9474539
SHA512 f7bf2bae1ee610e65d6b56c506a51cd18f23036d405ad2f7a218f6234f032eea6193814b6a97fbb341bdf469908cb8c40bb9060b0939f3de9972d5ea780392c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0f5aaecce18e8ea99111e1f9168195ff
SHA1 bd0192164b41b7e23194807603d527bea9f2cba9
SHA256 2e16f1d15223ebcd9bde476d67d1c4a5365eebe1864a6de334177a4efc3fc486
SHA512 b47a75b1813d3b3a00663a00ce6658d65ab00c82a1987163f27c37c2a05184bfa3b98e13fb07d1c9c26f518978d2946b996887e26a33d368fa71be20885345a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1a97cd8d5a984db862da37210eac140c
SHA1 43f58559f14197bc121321322a353495a2012993
SHA256 7bae8976c2ee43c55d7f98ddf3ca259daade97b1403492abe55c396c0463d95a
SHA512 d34586984fbcd16a291013fc33c1c68301b0f142dc59d290b07a94f28a8c87b0a756f31f2b1a3ade780fa4a38e3831c1fd2b73543beacf79aef0fbe90b8dee54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0d8dfa11c2065ac7102d7840cdec1b53
SHA1 2d07df75aef5a21b15083a91ddc65f5ec42b249e
SHA256 e7288731e386b666c49c6c1ac234599a3b5a489b9a25b7222dd17a238e688b8e
SHA512 07d9be1875c8d1dc67555d429d0f5767ec1f225d11bcbb8ea5fa492e9f18e735239835dda44f4d0ff1ffcba742645e832510d8849fbb26622bd237efaf3719ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 490fa1463fb964ba1c66694944cec946
SHA1 a8fe48c58439e339e31d5f80bd8056a7ff281fb3
SHA256 099c68e8848fe673b8f07b6eeab1682d75daeca4325b69c0ca995ee44601f8a5
SHA512 b458af43c71bd05bbc7e16de5f98b672d178addfc848291871b636e69fb2b22bd99a5e2a5c504d4d524cf231b5a5a7e68de4e93760809a349209cb11be9c0691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a78809853c9b96a92af0be01f047d958
SHA1 5aad563328e307e8c7ea9053362d273e81e938dc
SHA256 e552f40d9a054e5601e1ab3ed510f830789ae3c9d65bce27d666eb6f4a47a778
SHA512 1f3c5d2fb27842043a0c167292f07af84ed35f9ce284497847805faf5c734337c6564ec15e43d4359a2da8a596a4662238911a888206f073c2f81ebd8c07d96c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6c4f9907f5010fc6699b695bf2c9efb4
SHA1 b68acfb44cb2a88a24bdb3a67407381aeee82335
SHA256 561d43266311a05d28c248e5c2ccfc7c12e593c053259293ca6ef6a41969b942
SHA512 5cd0d14bcf842997b92ae6e7a536bd12a1a8f8ade5ca7c665fcd4e5867cb01262c1ff6ffe221c674573cd37a833c434902572a812f4703662309c9956a606398

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6f6d0c5ff87d62b791be9555624992d7
SHA1 1d919a815b93d767cfbc6135ef493bd82b528aa7
SHA256 036221ff7ed724adf002a3f9d3073aeb7cdc8728bc3c53db4e805c3d56f6ccb9
SHA512 dc4cce133ad7b343736140226c6e4ad5bc29442973a38830e4e637a5c0b7360db84da1e4d26eeaa943616a1c34efe0739a5a57c08ca38c3c26caa4b88b49f145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 5c666f6ee1124ca75e0401a2c397219c
SHA1 67a3035f837ebb80d8d497c390c58e13fdc951f1
SHA256 7599abf57bf5610a7b3d4a8741adecf8a6889e6b41149c4f720b94de4ec438da
SHA512 6dc9cd7e37b7b1583b1071a53f25646620f2dcb8d985d4511d629f5443ab07cb2578ff3a612ac8995bf840098275455ba46eb0a790e429c3e0d3d8eb80b5fde6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1e21e117d3938714ba61c4ab1c0d852b
SHA1 c5ec14dd5d19e069908dc1532771f5460cd6e053
SHA256 dec32f683efbb4e75d2a3cc1261e7e6234bdd383261a2cec2e4f98e9ee0285d7
SHA512 77e921576e0ccd48bac60e4f1421e38955291ad0347cbadda89b9cabc5a5739ba80e84520ea7126b8ad026e121bd0de1a8364410cb3d659e4fb36bb06dd84eda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 6db2d2ceb22a030bd1caa72b32cfbf98
SHA1 fe50f35e60f88624a28b93b8a76be1377957618b
SHA256 7b22b0b16088ab7f7d6f938d7cfe9ae807856662ce3a63e7de6c8107186853e4
SHA512 d5a67a394003f559c98e1a1e9e31c2d473d04cc075b08bb0aab115ce42744da536895df2cec73fa54fc36f38d38e4906680cfacfbf4698ee925f1609fbb07912

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f745c6c1b321b11f9f8787b5500bd72d
SHA1 2af091d2a77d8d21912d03d358a08a0e6fb3be0c
SHA256 ebce6645f5854db05a63a8189fe3992bd9d295c712af5bdca431c151b0447320
SHA512 3b842d7d781bc3b85b09cb8f198c4a70541f9d912fbdc085bc7287936a3d3dd6d02dc641d2a5d97dd9440cd922263e763eb7dc9fd2d808ae07fedd112c956d1f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F

MD5 e1d51a306d399e8fd16f5b8b95127ce2
SHA1 8c95aba4e58fb6b0e6bc4501624ea40eccba2112
SHA256 5a73ed7725545025b7672cab05413fe6f41f60307fd7ec650e9ee4b24432ae64
SHA512 6eec80b3eac42d88447e7716dee81a74a5d8e3d11dac5ae9a4a94548d28116b0ad31ad198e12128a14451a948ef6fad3f796594818cac36843f29b20d27dcf3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 564f4e31447f8d950a57b20285a7da8e
SHA1 488eedbb61ff56ee7412e2cab5243d4ba148efc0
SHA256 838ecb39912dcda957d8cb2c4f93768a164a898948a3b439b44876874330279c
SHA512 fd00d3703c80ddcebdde87b3c9090f01df5c44c6d608e383cb7cf4f6ea391448c2deb47ef83460193284862e0786b6dfae726065d156bb2697cd03a58af01dff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 f900acdff8ff4902779b6aa5fe8e1255
SHA1 dff6d34d1ff62da793fc64efe4d6ce69694d1fee
SHA256 5db080996d9db12bb0b75f9e06418287e1eef408368dc6ad748a838f0091690b
SHA512 1360293daeb3cac3f85e3709bff298e1e5f0583489acd0aaae10a941b78983e058ac228b6d75cfbd5125d8c12eeb8d8bdf09f85ead3787baff522e4383d69e4c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\prefs.js

MD5 e5118a71aa17b77eb49b035f8f304224
SHA1 267c3bd2cfdbcc48c5bf1b8c84f8633f34ff329e
SHA256 c5a93f0abf604a43bd1c40b8a797568cf08c169d693d32277debf9622f52b381
SHA512 b0fdbe5b393330831e6df0239e0018ab4b7efb358e35b116b6922609900b80f080c4f5d0b7fa93db5a655e231721ffaf7b7114e96ee262ed066af7f4c8cf35dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 5785e1f5903e9e13f36007a96d8386be
SHA1 0f251706691964b6b792c13234b90b3ad543735c
SHA256 009329b87858d9054bc3ec5606a271d0bb75711a7e080a1c0c9c8a6dc603d64c
SHA512 a9395b6122fdb12a111f46ac9cbcc62d8d8163d9abdfeab60278bc4d9dbc168e7b20d211d3761f2849bbe228ee53fa444224b6d94e076aebdf512ea7fdac957c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 946d5825a6f8b9ca2ff40476b1f57111
SHA1 ce5076d7e3ae393de12b389efd52b36dda0cf752
SHA256 68ad42d53d8f31e9da15b9f76b216745ad5850ea14fe35f692fc0d7dd0d0fd45
SHA512 947723466296a005b9b2ad13c011a2863732eb7aa0f9551f01b0b85cfc97e3d3311ab83c307c7ee3646f8e65ec2663fc476f549e46e5a6f766d734bdf5868c89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 b411e7fe5b20eb58689e9b36cf05a283
SHA1 9c4c072e0970ae88687f7df5eab633168a81f1a8
SHA256 8f47ce9571bbcc0ffac3a50cc2170739e0d241429d82a9f08c08c8e947fa7bd4
SHA512 c6d161190643617c2af0c0cbf203897956dcef6d3d921d59632afd0440e6c00f29c6940621bca093765d32d2cad361bd09877f03f4a400bee69295224c5c8248

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 5f5efdd040f2922daca602ce7b40d81b
SHA1 046975b03c432c1c82ad08e11ba0f62bb02c30b3
SHA256 cc31388d7013dc8778c15d6acf297704502252661efecd4e55bea7dbc2be1a16
SHA512 fd371cc68a32eeed0696a41dc3c451a3d58054199c14a627547b8707b5d1b572024dd52d843a4cf8ff01776caf9010ad3db60e78ce74c2bf4e8564e6bd605c8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\2a8a4ea0-c460-4589-9fb6-59f897523686.tmp

MD5 b032f0c8a26f3a32f089931909115031
SHA1 61229b93f998412dffb353ebe0205e53973040c7
SHA256 3249d5b311a6d28faa4674d05f74b9a67b1aa8074a998b877571bc94c4937760
SHA512 7a540e22c6d4dd4be44eea33444673180e05fd4a45398b078e0e233878237f7a51a5510925e2e386b938ade09b514e3858eecd7ebd7605d795e9633398b0ba51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b485213cd8c8e6ffc8873b2b0ac54c98
SHA1 5b254e171084c0a6fe4015b8eedf71ee2d5d8915
SHA256 694f17dc3b365b498cd9daa706379a927d59285528c88429302a61ba650bfbfd
SHA512 3180eb7d41db1f678fba81ce6b456be2bec7717c5ef614b83aac78cac7c4a9bac04d7b7e0801201204f68a32499f3246b5bca99e01f0b2575f1a6ce66b2b46bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 63920b301a0969e4feb6ac870f99fa29
SHA1 738393a169fb989bc0cdd099172fb0a0b21b84b6
SHA256 314d4f341916761723de6ee5d83f2c8fc85fc00a484b0366e907f77367fa88f2
SHA512 ffd6daa1139424d20dce7bf3eff347361663ad63b91b7a547d7d0f1c8504d62ca2569543eab107ff177227d8dafc1b77d6f7fd6dab8e73d01ac6dd6c46764cb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\967A2F1B96722BA7A1E25347A9086C7667DF3C61

MD5 fcc157cc3aeebbecccd50c88577bf259
SHA1 3fd7697e82bc5bbf850956e1c2c3d5ec1621ef3a
SHA256 b1138c51e927a03e2d205d11f9396beb4b221c48c632b41874d0b897ae3228f8
SHA512 094294b56a267004f47301b79b85851eb01c4c355b6b4c15c251d13b1e2898c09f1d5c86ff1d46ec4a8773f925b784039d24bbef16e4fb1278e88a68140570f5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\15EDEF29650D758897E738A3C3DFFADCF8E3DDD2

MD5 b959e63205411cb7b035d48e936613b2
SHA1 30295f46c976bd69a49baef43d96407c8e660c3e
SHA256 89765ad3924b8f1181c291ae9a003930e574d299952c1976dd3e9405a0052ace
SHA512 bbd8c991e2c680f7e5ff72b85fbf76dec3e780d9136bbb1f0db530443350d61bd34771aa3583d66cd1087f8530d4dd6c177815b9795de0be1c60892217d0b43e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\0BA951CDB4DFB73E7794ADA447F16757550E9D60

MD5 a5b4d37625069218aebb360f0097a684
SHA1 3f07fd2871359a241b4f2cb921624dbbff2cca5a
SHA256 032bb64b2e1abdfb9e8b70b54359b3a053b5d0551a267dc4860696cb490b18fe
SHA512 d1569892c5e4525913955fdda2e9e749f5445957c464c26052c7f4c4ccaea657b8b77a0d81fe0340ce5f8857ff0508bd304502b6fb65e5aca19b8cea33a7c8e9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\AB7DA7E0FDF06FAB6B51D321741F1CF65D4F3833

MD5 3931204d03dc3410aa46cce68fdd4367
SHA1 5c72ae39c52233212290d588bc3daa1039abe596
SHA256 2ac03240ac0d8d34f621466e638eadaf6e2586a3ffd00f03b48f7a1de46ac605
SHA512 913a022da63cc6ed5edf318019e30b105d83d0ef5c18bb07b96ad35200f5a838424b0b61ac382674c21920459e234e20c21e32a697c7746108aaa0773748873e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 c53fa95f889faa800d7a4648eaba5531
SHA1 657471773e08d46c6d1bf37085e8ed6a3ef036ff
SHA256 2c16279241a435edbd767f49f828f040d18f40ffd679d363c40fa81021821b13
SHA512 47080d1f950ee79798c77b0d97eb366e576f5c7affc7e9b878396fcb878cb81e6a95936a28351ea006b4416eebec64256a551131b56c4ffc6303a83c83bc2176

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 e684bcd79ef03b90019568b29e05a52d
SHA1 ee3e739e4e64b44fb089c48c16e010833cf7678c
SHA256 37d1d4cd91d4e20d4f20e3548e220d138659711ff11f51dc3d7064851151ec1e
SHA512 00c6170c1f9f423ed56dbe5c0ad342040771c066b37196b5e04355678d6b72f924fad9c0d7932cc9c9050157809b12c406024d728de259aa9b52b4105337a674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 d4bc4397cc408d1553dd47cbbec23b9f
SHA1 622e33f46ff1688ae0fcf7602ad89a5f5e69c8f0
SHA256 6ab0083bedeeec578fb35e21560d2b9bb110f28ae6b32cb8c79dc7a1d6d9cc31
SHA512 672eeb002ab524be8c06e7c48857fbefa8d950f3e13f8b93e137da6d0c07d80df6f9bc308015755f3764f93d71d2587f678ba1e9766e2626b6018c9f027942fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 a7d020971edee484ea885fc4616e9b94
SHA1 8886c765643c22961bac6d7b2c3c8ecc81b06bb2
SHA256 b883ef00d35c211c6e80e81e27765a3a13cdc958461edb8c2c04841a8a6a44c5
SHA512 57532c64e20bd6e59771a201e5c35d821092813d6838b13752ea2f85fdcbe02cd22b2d318a4aa0f154e1490f89d6f7e5d20adf7211829c1e052fd5d7ffeb5972

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 8b4e81a4567d0cd25527dbf0df606baa
SHA1 012205594ef41525f128c15329eae2a1fb157df1
SHA256 ba6a68bcedb0d03473013084d7c70aad7c21011393331f98c18e8784c990bcdc
SHA512 3705093cb08cb0344727fb26c7e144c8e6bffd46f983917506a2c0fd7597180b10984640963ed261206d22459fd114e9cb13cdc79de8b5da687b8074772766d0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6627913fea588141f357aeaa0573dbed
SHA1 972d82285f570cbcc594c654b537baaebce2e28a
SHA256 25008257b24fa23131a8a249c9cdbb953c5352fdea2791bf0ca73f75600c45f7
SHA512 62afd8d580ee7cdf0188dd1b9afca22d0271e4c4f1190c9200a2fa0d596e6e0cdc04f4f32db09a8436e2dab64acd9bea990876fbe17163a8fbf4ff9a420314d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 2efe732da132b815ebdb45e61f1baf05
SHA1 12d135e908ae982f4c62665c4eb2d2d9912795dd
SHA256 f99627f0d1bb86eedbc0cb49ab8edf2e4e9be79b4c4782cf1aa0ab6f3818c4bb
SHA512 ecb7badc41c3c2890e5fcca48859ab1bfa9cb50bfda1d59d461407bd6d754eb1fa4f434459c91fdbcf42adb531b545e0ac24f8f79ebc726f373aaf43916ec834

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\2025FBBA85D974958F09A65C98F4D5FAC1C3E966

MD5 f418cc17bc76cf1d891884d05c9eaeb7
SHA1 6b4e52abb8685280aa526a0bdb4263a19c2f5cff
SHA256 a1237cb2c023b2ec5b7530f1bcf0d715784b84d3533266a1ea2665fe4492da15
SHA512 749c09d7e7d3462939ec8867c4873fef4f97302e7c53ea4e7d0222c20b0e6837a86168df24e8786d7f913c1598b868f39215b3057fdb1515d858d65193ef93f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 291fad9df018daaf69cfb35e0de6b3ca
SHA1 3ce961512c4c3c5a3696b564a0e4fa146099bcd5
SHA256 9b85a18d63f345c56da13179951753c88bbc8d7b71dd1078cd6d4d356646e88a
SHA512 249f5c31c953b733cd7067514eae9a787f1cd7f701a6d8fb6d45e6dea1f466495c4793c9b5bfb6c087c51d56840962068beaedafbe34db6ce0a0f011b936086a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1848f4b30907f60a186cfb7d92be57d5
SHA1 567a817131c78462f70a42839ef5311dafc5cfc5
SHA256 3ad226cd67062a8ff8758e54cbad87332a02cfd2c5edcb35b9e38d1e88e384bc
SHA512 5a18ca15652845e0f99999a8578a590393e415c0a75ac9cebff9e4c7bbc95e92f8e9be0bbb9549092bf4c0cd2b1c07fdcd7dddb3235f56da83524e77e1f11e01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e26b3fdbec239a6429f6a7728531503b
SHA1 24b6eec94bfd6c18e30d4a1cdda62c0f1fa001b6
SHA256 5e7932ca1917c33b1fd2cddf5860ce448b67edc8a8704e3dce52c1fc155f3804
SHA512 58652230c8dad893b44cf34d9c0892d9eb58793f7a5aa05460b4b580d4a0c7b09f29891f57823348a93112e981b65dd766c2ad94681a23f346d3aac396bf2acf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bab5.TMP

MD5 12a47d855578cb35b62994c41a5fc0a2
SHA1 8865597432f7a56aa6e1dadbc41fda0d857e8463
SHA256 84eef9336d8fee87e3b33fd054422ca13c7e4ec916280e4a8587ea9c348d8342
SHA512 8ce32afafbab018c389ee5fbf3483649e7bc1ad946e3d750377f7e39702395f309570cb8357fcde14539c5f914aad001c6f23240f9072c53a0475087f227d94c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 feb8680f4cc6c71f75b080f816d34ee2
SHA1 062c996ecaa9b440452ea0de98bc6033d19938be
SHA256 f28b0c241256db57a28887cece9309afbd3ccce2dd524b21c1e26a3a914edeb0
SHA512 1037f47ced690cff5d8f61d66cada7a6b601fc71fa0dd1419cc3a9e5641f311a46b03937d0cf9153b2f8c06c20863820e17ffb2b4b9552c3c589b45cb2040a82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0d92d03e44df953ffdbe935873bb1623
SHA1 5695996b72dfe93288b93420a9a6537deeef9a9c
SHA256 dbe9570b88cef6dc37c8b1c084174642b6cf41c9d0b4f65e9df722dc000d76c8
SHA512 bbab23ba10b9a05cc9a7b95ddc9f11a0c3cfcffb0a4f2514e66e75b80f8937e646b4856af91bf36abbf46a2fce2173aba1ee899a352527656cfa1f9d27e84541

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6bf750bed1099db2c83401e48eb363c3
SHA1 68fae81d6e42b7cb8756cfbce6a99df02b141e41
SHA256 0a58c87dc09e82e4fd9d2f428dc46db9b5e55770f821e93f19576516e157dc41
SHA512 08a7537ad70dd555153edce90c070dce94073e23662aae2bcac1180dd4b8f0aacc44746d9d8d45e74a6c87a529c6e9cba29ea831dcd30138c1f30647dc9b7011

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 79dc432bee3572d6feaae48fd7d91667
SHA1 a2210ed192b293dea6318ccc88551da23f58bf56
SHA256 e951ebd163c010dda8b9a8f7db29de3e0482b78bcd02499fa4e5c0ebbdb75399
SHA512 663f6fc49ac857d61b68dd8d07bed4b93a207910ce381dcbb9090dff59da11de795f23c291f9379026e2ef168ec7d96b9c9b7cb31402ea5723eb651c7d10d09a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 744d68a1ca6466a2cc03cf23af2ec6ff
SHA1 6b42630ba2f75ab97e55aac76929f52ee740dae3
SHA256 d40993fa6be3223c8b437cb877f2ebc33002b516b1b258f533b775f6490f3e81
SHA512 14ac316e07ba1a4a578e09e2a3e06bca27ba21ab1508fe230d8533a379fa1367ac4ec2b3a08a792e398749d964e24cc4e87989678f64611159c48b014e9f2171

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c4c7.TMP

MD5 84d3f89b375cb9213610f9f980f4592f
SHA1 bcbb85f98e37dccf8177fae0edc83ab20592e19c
SHA256 e8c16c400307eaaf6e57c3384572ded1571f76a5ceb7e766d626ad3b4e18fe96
SHA512 da16a531e7274f38fff2fcc81ae681946f83a5114e88cfa16ade00ad9a4e671891c6858d1bf3887680230c65146189fa74d44540d7b1367074ad0d32852f89e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0ab13ac9-b6f6-4b28-b64e-292c2aabc4a0\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a4cb96a7411a7fd1201aac643b0be734
SHA1 f5643cd8db338e897ef19bf578ef93d63c7c18be
SHA256 903b73a40050721d345c57716bcc088c25a7f4b39172c18c90045e0cab77ab73
SHA512 1863fc0582b64ab49b5c64e53e5223b369ce6ae0792cfd8713d0ff77272c99f69987151cebcee7244abba3b590037f5ad233e3086995b32d13eecb97b693f8c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dade8792e9e796867d019e4e8f2187ab
SHA1 78f56012b323070b31cc8412c0cb6c1f614c2db9
SHA256 7538e0beeec03a2521c8af342d84cd9e09d99cfad6ec6af2e471dbd363df6866
SHA512 5424465bdc953c703dffbad311c2fb12fe9a518eeee1de12200e67d0505e2b3604813dd70e3b8de341dac3744da3aabed7ba5d632129acfe583e7872a955de14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57d06f.TMP

MD5 f00d4ec27dcc250342306687225271a2
SHA1 d780ed039ed4b106253ad66e63135ab0c10feb86
SHA256 a93e8609702a81bc22554b7df79f74c24ea5e7a83c4463b148d2a39c804a5054
SHA512 d8c69c09cbb75819b08c5d675ac23c7a8e50a5665cbd7aad51c9245a6b9c76efb329b7dec44123bf91a50b907d3960461b0858620c35428bd617b05c6f98791e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6742ab60e6fd876c7c74a503b83c429f
SHA1 a5747e665d9c7b5701bc8b672f3f4772337806ae
SHA256 b1bcd5f372f56f8a67247e9bf0fd971ccb4d39ed0ff28f4329c810cfffc5317f
SHA512 509ccfc482f689b73ce7833d9e7d49ad7eb531b33707f7a7c3efcc641ed33e4d598f7dffa8bcbefb6eae8257e2f1c61f8f5ff3026f964af9f9f2db1101310875

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 19f0a34087d25641826cd19844bfc404
SHA1 79fa33e3bf44241c32c861376b21b1e53b7a6aec
SHA256 a8ad213b315126444d18211541810f8564edb5cd04cd93cf57ce8d4d8219747a
SHA512 eb22c20fbe71b429dd6cd9b4c28679c25882ae412f9e826c86ac134b37353377a7f5b8fb25190080fd40d4a420f42a8fa2823bdebaeab5500f2b4034e46c4964

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1133ad982d8ca4ee9db72f87768a77e7
SHA1 1ca26bde11bbd9a084f2a5e9a3823864d066c543
SHA256 632539d748a3df718471812303f1112d342dc3f7ec96b51e72a46dd2e6461eaf
SHA512 293fa5a67daee3cf2df65c5faa2347cd78bbf2be53a7116cbb6226b1dd5b06b120e6b03af81d26394d438d55ef70cc2bb3788515b649c060558a37acdf3cc11f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d43c776063c665339058a1ea46c14a56
SHA1 4373a861390032147263e9fce572469b1a5c4235
SHA256 eb4b46da87f4f48a6d2330c2ca24e5ee8f911e20ad414058398b28b12c050f7e
SHA512 3fd5ebb770d223ee1b372cf20eb95518bc5421a9f95812ba05133a215c700a097ee2fbe6016622a6b9082e62215b1bffd00ee36f67f3b46e76addc3eeaaa5a04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6ac5868cb9d1ca599187f43ab4766ee1
SHA1 6a7be77999ef66c8396cae3991ca67dd69a5a6f6
SHA256 580b5ebf2befd760a753194758cdf0a0ab1385fe146b75af23945cf182416bf7
SHA512 c7fb85648865b44899b3e0a55b8813f0f6d321effd369b58dbd093ea4259eac2425e5a62552a1fc01eca3d52a554720e117b8293c4cb25681f7b824b928cdc35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9639ebf39fb5f832c05d6d9bb3daba11
SHA1 80013b5b828015cdb332ba63d2a130718ed01a82
SHA256 62058ef4d6086f7862ea3af2edff72f14b98da95d292babccc39925c78547d5f
SHA512 f005e2da383a68df32aa49266c1ad1a673550f1ff3282c57d49c869891c2f690d0da2c4a945a85eb6ee74036c4c60e60144182b59d7b0a77e6b93384771c064d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8cfd1c8620845c951ba81fc0c9ccdfaa
SHA1 8ebd0cdc46be653576e73aded75eb576e07c9823
SHA256 85ccf2c3971483f2f6a7051b8d51a1e99d382097e65628bb5b13f813e7fed19d
SHA512 8aa59572d0faa8c7f6b54d2465d12ce089e797e00bb3d8ed2bfbe99f7433e91c9e30ed60fbbc3448c7ae89ff6fa32e2037b411f951d6a09121f326d903973248

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 297a55702f973f699fe2dcbe91650118
SHA1 55e8e38f5020e42b85c4505560615a926dd32770
SHA256 6bb17ca84945f08d6c8d6c33d4fb72db63fb4ff7d9e815dd8f3d31fccd5b92cf
SHA512 f4d0a9f520b9e2581cb1370c3b5d7706d532042ab5bca7d7cb0df16bbd56d2248cc1b4edddaeb41dc7ad97310e22047fa3f06280d77aa01fb39e2b782f42f737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 39f5f7b82884097b83aa76bec996cf7c
SHA1 fe8172f0d3dcdc788b0cfcbfad6eb6990e1e88c4
SHA256 8458ddad600b03f978ce4aad137833c09f8f740729c7f864fc2c1178ae3c9f2c
SHA512 8e529621760b08e17147bd34c517faf198311caed1326b253bbefb7db4bc63c08ffddf5cfb7145b44ab3a48d5eab00725a068ebd8d2164758a3edf70e238fbc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d729bcacb659c7df88e0f19fec2c171f
SHA1 1f3700d79b1b27fb1649485be566ee326b219fcd
SHA256 e88d7759bce960506b0becadd40d2afe3ced75e4773ab1018e6b4cb43ecb8157
SHA512 af7cd3bbd828f60babb150ba32536afa2b6f432a0fcc658fcddd4bd514ed191ae684d92ca5ade6759f3374e37f19fd9d599cdea2d363e639600957cb40102065

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bf3cdb35f1a409516c47aa9a291557b1
SHA1 85de2a7d0e509449ce841dacf5aa1d93cb724813
SHA256 a378ddb35c30795203e97f29b787b7d7ec0171e2cd6dbbcb6c9056713abb3daa
SHA512 f5995322d595f71b3d5c4b14a6c38f18de5f9a5414cad61d7e272bd06999e718ab2420e868e90abf56cff50a068e0dddee100c2f71c078700bf814ce1184c02d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b17becccd22ef948c27510720b409c45
SHA1 f9eb41295b4a53f4e8a37e49534fb12a7281b4fd
SHA256 3ff31ee6a9dbc080ad5e15bf0a934ec107237c019e7ab3bd18ac151c3b817e11
SHA512 909d1fbeaaf1140d061f84d3d4267e0498f74561127da222e3d323309ab8ba1afcf265c03789f74e146a6f2c1ca96941dd91a11a3968ebd1f061cec9c348bb69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f4fc4343f334832530663d48156ea2c7
SHA1 c46fccdd2231e626f9c330e185b6c8826cb10dfa
SHA256 11cf191a8d986a674c8d1ec64cba509faf6254d23a2b562261a13ada4ca07b00
SHA512 6cebad0037c08532d0a0dffe24f7a885b97fd526f70acce48b9634a00dfef6f7010c6e68f327af797a2ea8024f7e35d8766e734847c82bd7b00dbd5879449b65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9fd42bb61c7ee8347159dc884a6e9427
SHA1 86c48261518deb72abab9a3f4ff6b9a6293d030e
SHA256 e57d048d534b5b07906668094fe564edfa20e4260ae480783efc6f47acf7765a
SHA512 ae93184b1a1c0d9f55bc04c97ee8e72754d318b65ce3808d72bcc70961aab31714908cb46287963b3b16d6d24b81630a678f6f567280520c1b379f4c60d777e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 520d1ec36d4fb4a07ebba6225d541b00
SHA1 e98c3daa41c81a9b7ed943905fe3e844a07a4634
SHA256 bbb771034f5189f74c75c33b375c8ddf8e41b563ba2eb163073fae78e7c0fbd1
SHA512 9e8dc79bb5bb7c01a7a75a8997d21e6cfa951d240ef87f2fbc3ff3138e05db50336797532892d75c1a4641583de1801d9f54d9c0ef2f50db44f571f4514fd24c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a7269d686988447c21009681008feeb5
SHA1 ec8005527b1b4274d66562052bc6bcd25a27680a
SHA256 b2c67d2eb47871b51c87d2e3504843f2f960b9e82166aa9b146a8b998976cf8b
SHA512 07b2cd70ea313ee51b3de6577a7b849bc30c5f6555ebc76a31ef579db6b537901b9d041543ba3dc4452c5a67f38838e2490d8b5a47a78fccfaf0e4511e8055c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5fcf0ee07507015f0de2911d88f17a46
SHA1 77f30b929765bad17c3101ca1804117055fdc997
SHA256 11f8829f595084b34fec6672e544b5f0f1ad164aa13a12e23e634eb012b77050
SHA512 bcaf957908df87b1e2523f290c712fcb4e362598f25307e20ce0fbf5ccc433ac96fbd225a89f72364b4452e3c3a6157e92df18e97553939c48b5cd058d375070

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 71d338e450e50e0ff38e3e94448defa0
SHA1 f385ddea4e46a30572dcc338b4c676252c65a8ea
SHA256 220ceb151861ba26f3e33438d9ca9b5bd01858b9eeca67bfe02b82e8f41179db
SHA512 6fd660f2e2397ea4db3ca50b70164d115fbf2a367d285fe53a718af925d7e1fb9deb919f69504d32b125a48732742142786af48cc6ab9b20b5a536476cf3810a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 55615cf855c0b24968d12fac7ab39cec
SHA1 51da14e70a6f037251381a4d95d561fc3492ea9f
SHA256 f67bcb44bb3174aed52845e03462150fc3ee2e0d0a942dba62338ac3f623b74e
SHA512 c87a748bd2393b74fd3933336c60eeb848efa5b23689578c05de3a07ef084fd5ce5d0be1149311f71273c58b86fd0bf4adf9d2b44b7b6a743e24c20d8818a385

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f3896e38fa4426c691a8981e9bf3a460
SHA1 5f8578f6434bd894f270ec4b36f2c3d29ca90b65
SHA256 f0db3a39fd561e0f9fc169783ab692e4d8aaa10521926d97856c732a4482bb35
SHA512 32d9a861c247f034ececb20a1a83daa0e45a59e0fb1d53c17f28a5216dafbb00d98aab99e0e81bd9486627fee867ccecef9a829f7def14017c98844b9df51159

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3de24478f6992c95cc06ad2b8f34b9c8
SHA1 4152cd180e3abedd3342dd7caaa086e3ffc0bff8
SHA256 88d7bda0e788f6885cb16aec400a83e05285a1765bd51b79e2eabdfa17b7e7b7
SHA512 75162a2f35f897d4654066e611fdcd409a3cf10cc906bdcfcf36d39f5d71c9f204a58a58eba2f9c0f50012576b00f71a01c90ec7cac7be3f21b50b43d330dabf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589c4b.TMP

MD5 cbae0ce32e81bc13b052b7e9bfff2d91
SHA1 9cc50b90eec7607acbec38ef51223b91d4c57cea
SHA256 1137defc45e5b5a80c338e9b4720f7bbe0e1292f3c48e67220a9e6bfb43c5b9f
SHA512 184f9f5bd5e6b3da85d0f4389502b485e9336bf8cd8c3cbf009316d95c6a3a91eddaddba30194499367f750d49ecad3e9381af778f296a5c25baf014049e968e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b82a258e0ef37ce04540e2d7793c79a2
SHA1 1c5f70e94eaec374c90206e57261126d10b2c5e3
SHA256 053da0c4762d9689c00148b805881b54432207a21733a4fef6019f84698b0604
SHA512 91457f30c402560fede7c5fdb081733786060a11b5ae548464be69c231ae5f5e9f43b92765a6e533eaca84fbf75021090357931a22f229378a42046b4669aad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 90d0201dd5dd3e1735a7f289922bb2e7
SHA1 6d974c5aa74f98e00447372e3c9b19dc4324a273
SHA256 190d164ba483d30a0ac281b8a16a7cf0986d42453297c7767619450930e1cf43
SHA512 e00f02585bfc3ebee13e2c0d47dfeebdb4e05fa3f2746bd9f997ce9a1229beba643c637a19118cb073d7e0fa9fe1ac0e34999a9f71b8fb41a7206c9f08fa5e78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 57eb594c9bb8a0ef6f20d1393e3e4b8a
SHA1 9e245d4a0d675915a9b2dda6ef5fd26902c2a4dd
SHA256 18c149fe163c90b5757a6596d630dc8a36d6cd73c0474792330f1d6b74d717d9
SHA512 b09abe2221273ac0ca10be7fe589b79f700f539d22211a40d71239f146cad710bde7571b07483c081b3bb3ebd6451c91ec43046582b5e82bf4132718520959aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bf7791e13fc5371e8db8b6d541b1f824
SHA1 845cad6878c2c5a33cd4288097e3d4bf45f3cd93
SHA256 9077c6f544ff3bca3c74b7fbffdd8c1dfd136b92812b25780a885da389d439c0
SHA512 93880dd3ca4e688e99bc29e88d2c604573395d1f8f27e1c055f8e7d016aeaed406d0f2476ab162a4da152b1eb125ddd6cb27034adcc748c313694cfe1d50835c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1bcb9f5a905682557cebf2f9449ae680
SHA1 71acf7cf0da7d78f8523d7b56e31f64ad399be5d
SHA256 7ee35a40eb62899b065bd4552f5fd95cd484ed2cda1c709f26312db93ae27745
SHA512 efb040d3bcda80e1ad69d251f31c757b29393d863d249ef27c50b11b2c7e50bcafcdd01aa2888a4b8dc38633d964d143447b7994713fd91817f7b31ffd94dd50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7b1e97833d5f0ed00cdcdae466102700
SHA1 3c000dcf2919a39b10ccd7b728164543f9afc004
SHA256 26cffcd353f38917bec5dc5c500b0c69296b408b59388e10bad865e2877d264a
SHA512 d0e11267a020768a7b880187e547f3261d2d0160b877f29ec9662544de1b4d28490439cc7b27e7dbdc456ae6aeda65193ee1d6d0e4ab2ddbbab654b4f5ade69d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0537f5eb5c0c0579db095bb875bc3be7
SHA1 8ef353d39d2f51b2140d880ca44b808f224022dd
SHA256 8257818b12103bd3d9ccd9cd8127b25f34744e73d187bbd0d0a36f6532315803
SHA512 5b86efeaa9c8adc4ba09f321e4bfb5813a03b95bfa7f40358f313c3c5c91c3eb1c006d0aeb44c1396b6b0a457dc9391efd478d3ac689639b8ff236dddeabdb48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2e2ac30ee8454d0f13d27bbc8a6062e0
SHA1 e1079b14872e6069556e50a75aea0dc702771d58
SHA256 476a343779700c2cbc329f469e07c1e152db2d6a2615675a4217f97b86516e02
SHA512 38d9c83b308809f1f989042937e046ac2a764ef78895e22098a207adbafd00aebf4e707cb6a79209d38069272ebc1f593a9866cdd5f24084c90a5d6119c96e6b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8c4ff86237040349744d0df4a8f3dbe9
SHA1 4b95b49790cdb5d1bda9e8edaac9ab773740eba9
SHA256 1145cf922d5be72da1296cd32c995941f6b06ebba38ddaa65bfdb0c45645b8cc
SHA512 3b675a433efd1825dc64d9fbae6ca7269cc2a15b5b6b692e4976304f991987a8254d4ba3d68a845bef40de93a85a688219437ddc12540f2139866e0009f692b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 7ebc1ac326009bad5ac7a9b1bf15f12f
SHA1 2119178fd3d6647d72a3cffc850337f44087d6b1
SHA256 5152f7cf2d1df2a0f20acfacdc1b83bab1cc9182a050611b71e6dba55f02654c
SHA512 165d44a568a0b5ae6b90253876f1101200398795e5de976813ad78516ced965c819cd683fa5f7d70f1213a9ab57398ec5411d619650813c1fa4090fe6796032c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eee3b80cb9bafc2e8119abb340c511d9
SHA1 f31d1cd7183c1b4421eb0590d8f95f62d49de6d8
SHA256 35226de8f085e1cf5cbf82c5642d9f97070f9fb0a85a633b0b588dfd99d5f2f7
SHA512 ccfd58d06010d2c8c4b3777fc146b5aa5d4021d00111cb6032f1fd4e2efc9a511f15d6a0f514bf323d2689f41d1b21c2fb6afb408ec76a00aea0dd98cf44dbef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 16936538ec50234090435409d8453d6f
SHA1 a8c2b50c98528cde25b5acf71f924f6b182758ee
SHA256 810796f96ae15a65f119a0b44ae8bc1503be77cbc2b3ed00a18bac6e12b2cce9
SHA512 5ca3e50358d5b2f0a1275de8afe213b8221b569c80084e30dcea66260c0f556e2a306d1656e3505edc67d181be07e60bace8c4c52aec111823ae60e2da8a1b13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dcbe24feb1187e4c9b39076e87865428
SHA1 fd187bc10e12feefdd5c2f8fd14cb7fff5d9e34d
SHA256 4d239aa9e978c1fbdb660dd9da646035ee77c1e85b2081ff6c190fd14c900f36
SHA512 86abcb578e4ab6fc95893a1f52e943ca4ce12700b78558508f21df2185033714339b9a7f89590693ee7a4e8c940a4f34b5d4a5c4e4d78b153d7ee276d72b8096

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 81caf8d3d37f991f51c88fefd33fb4e9
SHA1 708ce92e1e9b475d1904d32efb2b26df48df1f3d
SHA256 ed51a8536ac790b678f3ef97056e59492aa016feb9cd21a72519aab5df666fb8
SHA512 8416cdc349f43db108fc3ed708235a45369ba2464b459f3aac501671fe8cbbdc043d2686892e93ea95a47407da0bd2b9884ce51671936dbf1f277d6ea9229683

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 04c8364f55bb3039164bb97d093042ff
SHA1 644077824de51b23b6502a3b3cbfc02939198db6
SHA256 e827b4e035f9b6560ac44f9bbe6bf92fe696d95588d18254a8593329567fe89c
SHA512 771769ee7acd18f1a4f02ceb2fb5be31f91a8eeee121cde6108228ed3598e8365c8bf963e97a250f38f51a9cce72b82dcd0f01820c981e7fad1ead3783c45e13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 83efc240dd7a92dcefe6816008afabf9
SHA1 d2597e7aedaa3e076a46403453165524ae1b3da7
SHA256 69875275ddc4950157ee273d3d446bc04a128e04f95505392c43b72e38b6dca2
SHA512 0f525170129bae0ef8d192bbf951bdc29d96073d41c5363c7e992894d6d50dbe6612c310ef70f2c5eb404f74eed80a99a507a48aa52d20ba4f49694caa768e7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4c0ab846b8f9799f16dafddfc4b7bb6b
SHA1 b295e30aa30b89bf8fc4a2ada706f993c7d0c587
SHA256 6d2e63995f284f57460994c6bf3bafc46b81e0e24a927790360f8dae03eb1d12
SHA512 75684d81759a30a7d2207068b9cb20dab8bbdc932a08616c28ed45f278d0d24fb5f64da23fed9ecec55acf2c6853545e8431e5ad7e92a58356bf061f8573f979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e18b11e27b0d92977b27661d2e051a35
SHA1 c0225efb46912053bb232ede1cc263edfab8ca07
SHA256 34a8e050265680582221937bb384cc7cd8a4e85e0511560969a2383f4f403911
SHA512 d557ef5f59c8394a491298138e9f5dbf9613a32ae8d3b65869b1f1aac13fa96d3e0d5a1c9c3555aff71b7490901988e7da45fee1cfd84b445fbfedacc712a84b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cd9a031c27609a01b559bc9f21aa62fe
SHA1 6b308ffc64965c30768ab6c45464a051b24afd1a
SHA256 e58ddf683abe1e72fc6a255d7e8f994da9b9fec12df2690c10d39714eb7f3a5c
SHA512 2b110beffb1d4f916347fb92c98dc7279ad5cf81560cc6b36d49f75289fa75273fc6a5d8d99d1516bbb9bf6a253ffffce52a50d8d19bc57464d9c07eeef1a122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4d3b8089b5874f986f2d1218a796e0e9
SHA1 496e3ee3a4adc6cbd309fd97909c20d93807d2fe
SHA256 80e79becc6d6bcff08b7709474283dc821e2f9a0c476c4c564e39c23d1400091
SHA512 6885b1b718fe4f6b943e57b463f7d74a01b95f4e11854631064e0197cbfcaf8bb355c6d3ee260893d4d69973746094127f834416ce9193c44fa3979ebaf5bf12