Malware Analysis Report

2024-11-16 15:56

Sample ID 240213-d3jwzagc9y
Target 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe
SHA256 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9

Threat Level: Known bad

The file 9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Enumerates system info in registry

Modifies Internet Explorer settings

Modifies registry class

Uses Task Scheduler COM API

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-13 03:31

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 07:14

Platform

win7-20231129-en

Max time kernel

44s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0b39af74b5eda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{21D57621-CA3F-11EE-8221-D669B05BD432} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000033b2baa7c38bc34eb000abaaaac06d780000000002000000000010660000000100002000000029ca153885f9def5b22c4335077790e753e090a4340eae213e1e3d5a16295bd9000000000e80000000020000200000007a65ed60bcd019d1f15a0fb100b51b1af74d3dc29ab776491466b4da45ca94a9900000009ef030fc406da84d5d800b80d8d850aa0045589cd0f8ed377d31052255d1c412add199f56b1a8d1624659302a68fb0a785bb6480593f1fde42e4981f1c0128c8b2309a6a83ad99f0d98991680cdba6d06b0d5e11ec349118c1c5e291d9cd160820b7741ef945965b9348a7dde9386c528921ea5f7702d4014c5b7089dcefd0147e0b69187ef9cd253e83e507f9cf284e400000007e0a5d780a862a27107cac683a6beef82795e9a04e5d82cb65b136d47531218289a5d1eb5072dacace8257ee8d64e32680c645eaaed2de2f694f9118e022fc26 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000033b2baa7c38bc34eb000abaaaac06d780000000002000000000010660000000100002000000057a4bf209f75d74d45c5d48fa080357ae843ba8d023c043c41ffc413c5291477000000000e8000000002000020000000f0c88bb6ced1ee55e579d5c1a0256e63dc00a68aadf8f71eec737c4e574544df20000000a137b97d5ad94c935771c812dac32f960338b2ad177599fd795f4265abfcdc8e4000000089347f8a4e33d300fada254500de0145345850f4935974811524c143a12bbab3c7d46a42297a14b47a02fd1f556e7f953a29d71676afddcfd9687d1046484f7c C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1848 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2148 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2144 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2516 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2516 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2516 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1848 wrote to memory of 2516 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2040 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2040 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2040 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2040 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2148 wrote to memory of 2648 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2148 wrote to memory of 2648 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2148 wrote to memory of 2648 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2148 wrote to memory of 2648 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2144 wrote to memory of 2456 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2144 wrote to memory of 2456 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2144 wrote to memory of 2456 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2144 wrote to memory of 2456 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2516 wrote to memory of 2600 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2516 wrote to memory of 2600 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2516 wrote to memory of 2600 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2516 wrote to memory of 2600 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1848 wrote to memory of 2364 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 2364 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 2364 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 2364 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1788 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1788 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1788 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 1788 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1544 wrote to memory of 1756 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1544 wrote to memory of 1756 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1544 wrote to memory of 1756 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2364 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2364 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2364 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 900 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 900 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 900 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 900 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1788 wrote to memory of 1480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1788 wrote to memory of 1480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1788 wrote to memory of 1480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1848 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1848 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 900 wrote to memory of 1456 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 900 wrote to memory of 1456 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 900 wrote to memory of 1456 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef74a9758,0x7fef74a9768,0x7fef74a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef74a9758,0x7fef74a9768,0x7fef74a9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef74a9758,0x7fef74a9768,0x7fef74a9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.0.2004380907\10245112" -parentBuildID 20221007134813 -prefsHandle 1220 -prefMapHandle 1184 -prefsLen 20600 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {96d58225-76fa-4697-b81f-e7cd7170ad5a} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 1296 104fc358 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.1.5713334\602659932" -parentBuildID 20221007134813 -prefsHandle 1484 -prefMapHandle 1480 -prefsLen 21461 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fac0cad1-4e90-47cc-9eca-cb3b4321fb30} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 1512 f3edf58 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1248,i,2926391749746409837,9905991149805306444,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1064 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1228,i,15342528322091734466,13268136685916981516,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1228,i,15342528322091734466,13268136685916981516,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1248,i,2926391749746409837,9905991149805306444,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1504 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2188 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.2.114239355\1110844270" -childID 1 -isForBrowser -prefsHandle 2680 -prefMapHandle 2676 -prefsLen 21499 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e6bd44c-a1a2-45a8-89a6-6a40661af640} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 2692 1ab6e558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2196 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2452 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2484 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1240 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.3.795299570\1034141252" -childID 2 -isForBrowser -prefsHandle 2284 -prefMapHandle 2280 -prefsLen 25956 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {64f8d655-1e9a-4507-aadd-9b10b100a558} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 2292 1cdae358 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3104 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3356 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.6.1793194408\801837567" -childID 5 -isForBrowser -prefsHandle 4036 -prefMapHandle 4040 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7eb68cb4-bf36-4c00-bc7b-0ac3949e71b1} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 4024 1fe2e058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.5.265398638\1925076084" -childID 4 -isForBrowser -prefsHandle 3868 -prefMapHandle 3872 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88a7e29a-d5f0-4a6d-b879-026a1d132586} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 3852 1fde8b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.4.2035513029\693896487" -childID 3 -isForBrowser -prefsHandle 3732 -prefMapHandle 3720 -prefsLen 26212 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {83c297c1-e98a-47d7-a9fc-b97985be0358} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 3748 20b09658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.8.1562284567\492610221" -childID 7 -isForBrowser -prefsHandle 4396 -prefMapHandle 4400 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce0c88e8-c55b-41ef-99dc-e501d45dac62} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 4384 1d985858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.7.509037611\803708367" -childID 6 -isForBrowser -prefsHandle 3872 -prefMapHandle 3704 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c4fddc1-5378-49ee-a67d-18a0560d4051} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 3760 1d984f58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4212 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4336 --field-trial-handle=1228,i,11531378090626661454,11079295960413724517,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.9.664439812\1832766209" -parentBuildID 20221007134813 -prefsHandle 4656 -prefMapHandle 4760 -prefsLen 26387 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {480a8440-3219-47d6-8e10-3478fc7817d7} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 4464 22909e58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.10.1260834784\1089571411" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4888 -prefMapHandle 4884 -prefsLen 26387 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43f58b57-aa22-41d5-bd6f-e4dd55ccd6f7} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 4900 e60458 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2084.11.753124767\1327993149" -childID 8 -isForBrowser -prefsHandle 3696 -prefMapHandle 4400 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 568 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {094fbde3-63cf-4e81-b137-bfdc1e477414} 2084 "\\.\pipe\gecko-crash-server-pipe.2084" 3956 21ce9f58 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 pki.goog udp
US 8.8.8.8:53 pki.goog udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 fbsbx.com udp
GB 88.221.135.104:443 platform.linkedin.com tcp
GB 88.221.135.104:443 platform.linkedin.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 92.123.128.194:80 www.bing.com tcp
GB 92.123.128.194:80 www.bing.com tcp
GB 92.123.128.187:80 www.bing.com tcp
GB 92.123.128.187:80 www.bing.com tcp
GB 92.123.128.149:80 www.bing.com tcp
GB 92.123.128.149:80 www.bing.com tcp
GB 92.123.128.164:80 www.bing.com tcp
GB 92.123.128.164:80 www.bing.com tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 44.240.103.52:443 location.services.mozilla.com tcp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 216.58.201.118:443 i.ytimg.com tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.187.206:443 youtube-ui.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 142.250.187.206:443 youtube-ui.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 142.250.187.206:443 youtube-ui.l.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 216.58.201.118:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.201.118:443 i.ytimg.com udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 rr2---sn-q4fzen7l.googlevideo.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 rr1---sn-q4flrnld.googlevideo.com udp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-q4flrnld.googlevideo.com udp
US 8.8.8.8:53 rr1.sn-q4flrnld.googlevideo.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 rr1---sn-q4flrnld.googlevideo.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-q4flrnld.googlevideo.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 rr1---sn-q4flrnld.googlevideo.com udp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
N/A 127.0.0.1:50307 tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
N/A 127.0.0.1:50320 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp

Files

memory/1848-0-0x0000000000410000-0x0000000000411000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{21D314C1-CA3F-11EE-8221-D669B05BD432}.dat

MD5 0d0cda0340739faf00585f62bcc5bf4f
SHA1 a23a9d2a3d2c5fc1b34b2aca00b2ca028f929010
SHA256 5a78c7a9639e78417bd2f3ccd5f8b3659d00c9ca7f1ad4e6b06d2f78a93137c8
SHA512 d7ffb78f0008af8baf683c09169b70969ac1dac86a07a5b907987afaa8a518f711eb44c8a1a4d7172b4781f6587791a5e1e425c5200cca8a91c3d698910c2c5e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{21D57621-CA3F-11EE-8221-D669B05BD432}.dat

MD5 e3e5cf65337f7b8ef64da443ee23a856
SHA1 290e852cd23655bd30a3a9c8ca02be4a78cf4c3a
SHA256 9812da244ec4cb32f5cc8d60ed3045f331c37ed3f209f050916cc6b458120344
SHA512 02802f3cbabdf6a16305810d270a7ccd858d119cc342c32c0d07e0b68301377d539cd2301d5adc9ec6e225d5ff75c61b403a4704acc1a0a21251ec16cc25fd57

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{21D57621-CA3F-11EE-8221-D669B05BD432}.dat

MD5 d7f0fd919a8202e5f40c4751ad608015
SHA1 8669067b3c1709b8237fdf35fdbebb58ac2e2282
SHA256 159ba5818244fd41343701df023f48e58fe5eba679f992eb2453a2ffe4568e24
SHA512 bb0233d4e3005e03c2433330b8f782d8e78156052cd0a1e39a7b619e028c3760a91696aa68931b358758fc15b85733d03cbd64061427cdd729bed2ebbbb5fd1d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{21D314C1-CA3F-11EE-8221-D669B05BD432}.dat

MD5 0df123177ef61d173aaffc2a6f858c6d
SHA1 640cf6bfa612c453cf72305e4183b2635304d0e0
SHA256 6de6c8e7490fa915254f66d54cae621700ffa60d511fe022418d961975e380f4
SHA512 0fd5b23c601099ba11bc6765bcf2ba6e90147653f10a27da11f897003f9d89518aaf9d20c46f3b91259e34c0652b5a76c88b81a186b768e844c30e4afbcaf1d3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 24f604f315819da14e2d5b6b00123fb0
SHA1 a34bf5778b8e58a7f6a39400198ddbf214b82b93
SHA256 101dfe43fae1a518653654e99dc0c723014ae4f8c7b2f516a22809f8ad23c6e3
SHA512 92e2cff6f22aca4266047cfebe585e834bdfba865ba455f15baa0a0d5a956c56e56b97f0c8890c2b451fa4aad6b7733ba0804bfa9b21c7de70d36cbeb7fa5e51

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

MD5 3e455215095192e1b75d379fb187298a
SHA1 b1bc968bd4f49d622aa89a81f2150152a41d829c
SHA256 ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99
SHA512 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

MD5 ca7cc5fad4172ec0da7344f5d5e94986
SHA1 690704631fa282a49899c693383a82cce240932f
SHA256 96901854e2a669d5c789ceabd38de96888ebccafd23370af3378ea39374d6ae2
SHA512 52e90e7abfa5c1493ec55c26a117b6b658da9ce288408ed284cf525e66cfec851c4301724148ab4518a67695e51362df02c9e726e8d463e7f0e8cb82763b305c

C:\Users\Admin\AppData\Local\Temp\Tar1E5B.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 9ee2dcaf93257bbccd656df2b0b53944
SHA1 9be0c436766c0ea1f448e5efcf01f5bfe6ab488b
SHA256 e5495aedaac86e9a07696df6e23d224fe651e8901756c61de068c179a1793b4b
SHA512 75eac309e941e53ad85f77280d7dc10a67ffffe206112e9b4990883b55ec0e318086c8f912d3d00900c84d81f01b1cc057a1e8fc3b409e94d6a3ed45dc004e13

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e72abaf76c0ea41326724707205840b0
SHA1 f2041dc7a920c321d758aff8aa3c54cb8159b84c
SHA256 9acffc0d73925cbf5366b08b842bd9319ea637ed60baeac5651a060ebbf84c28
SHA512 a33773ca5e3dd711fca42d7bb115831ef24e9d97356b634cf54e8dc94acbf4b9bdcc8a62ccf64b57912d74dd793c167be4b246554201f92f38fe05e957ba3b82

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 17c94c9789e0b1a01b8d545bce315e7b
SHA1 205b7ca841aa9e7ab35283e3ee116cd144e3de86
SHA256 cfe6b9581e2f267c99810fd0a3bfdb3401db732d879fd78d177c4a7e86b5066a
SHA512 1e449008bdda7898ed1d6249a5d863189b50ab8be272589448f7009018b290bea47f70cc7cf9532216b4562c490ed641f9d07c0df1985b55f8a095bed71d04b5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d837fa5324de9fba1714e81bfc89f5aa
SHA1 6ca26e90abafefd52a2d5a21237b23211c0077fe
SHA256 359446e415898eb58b2b5f70de4fec843ef0bc02112fd407b8938f5c8132d16e
SHA512 25f1db869cbd23c80bed48aca851648d07a689fa5d5a6edf9abf5148a057024c2088d575adddff3eb6df852788737530ada97fd8ec2f6486e1f9dbaf9cad25b4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3741fb685c3674b65879d9356b68f830
SHA1 c6e30c621ff022ea4fdd9219759db66a93f83a15
SHA256 db50f98675b6243641649d57d893cc0fa4a4228197b263dabfc736afa124d187
SHA512 3c5d3133721326b35ebc9a821c7a4bc03acb4c2a75a629098b9dea344737e333550ce32af34b46ba294b3107162c37c366038fda0831290c994d2828c7906bfe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8d333142bf147b66b238729c2410345a
SHA1 09de4d279316c64013f58c1814d0cc725bc3c264
SHA256 d54cbb9da4705b6ecfddf1f52ec0cec1e4cdc15b9e72f8301c4dcdb0fa8b32f3
SHA512 d1c66411fed419943b9acaeb034a20c12c34163e2237821f3227749e52da709730837b9fd78b83b11de82a63de24a4826db9439b1edbd0931ae2a6dad1e23a8c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 d3d0f4d15d84db215902b46e90192295
SHA1 ff6dd109a3aea5460eefd2657ce8192d1a795be7
SHA256 3922653baea808dc631ebbe586bf526226cc7b4a5e5d694aa6f2c215708f66c7
SHA512 abc9d8b9737111fbf7602137397aedce4a2cb4ccfca1e2da86e78368f7ecd5b4355824591687d812d98315034d79d39f234dc89d48d7f14f83143157fce3d14b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 96a66155109a3269892fc3b0b5a1580d
SHA1 070f947b99b0e9bd69ab8c4fdd98e1270c36131c
SHA256 60e32d892336ace3550826d46fa8eeaa4c9c9fa9243cce5d8c2be199a1837b24
SHA512 e854715a3b46489e43e234971f719d51242716a52caac331be6efc6f5ba2de6f85dd67d79a07c83cee201a8be8e920b037fc4eb4f894ede1f2bd94416ae6d41e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 6dc6fe6f18f6e17f48faaec49ecf23b2
SHA1 1e33b3ffe0039ad9dc6bf496fabbc629584af7bd
SHA256 708f30d71db8dd6fee68db7bd1b2b352571cc7cd123be6caa6be632c20ad8e69
SHA512 f6596c16938b03b868a6d103cf3a62b26ef30ca8dc0e52ddd1feba3433142312db95581452e236e48a31ad22d3c26584094ac810bd09f1b33b946d7f2327f180

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 b3c6c0129443672bde4fea6befe8c761
SHA1 faeae9743ea8df452a1c8cf6f5341dd8e24ab268
SHA256 c1a8b9b22234a1b0d6d1b9ff37adaf34f75c748167b7f9481f734bab256e5388
SHA512 11677ddecb3ff9c1cd5936409facebb60fee0de6bae8f55c67d5effb9b8e8485edbb31205945a7179e464ce9067c65d1264f804a16159a71bccb0916ea0e255f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6f4a46640cc30e0cf477f5b2ae25a122
SHA1 f6ce8abb0aad1582c0e5904a25a7882b35b5a68d
SHA256 0a0fdaaf91a1d925617a70c5673b582bc8ecb8b3cae836ad2d0e161e58ac9e64
SHA512 0bba1357db27438a8e7cbfa7954637307a904b9471cae8de49d8f6345ddbff310063b9edde2a0e343ab434beaa4cccc3b7330955c654432dd7211e43fc6897d9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5c055e2152e589070257ad54fbfb388b
SHA1 1af0a71b4c4d460f06e156e823a52728e4e5d05c
SHA256 bbce94a96752a43535c7c8f992e4a38175f021ffac79e7a58bb074dc7b24d40a
SHA512 6fee15b26ffae0cd702c4a54134453432fe10a7aa9046916edf7b8432641eeb460b101e16e5b1c6a01a45f67c966f312fbe13d111eebab0ba84b57ffc7115577

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3117e1658e8617767fecc393a3704c19
SHA1 9ccbe75eb12257c936228c1ef97007fbb28a9c5d
SHA256 aa8380f44a3a1abc39d3a2e85a829963b86006e584b484d9c2b03adfdd1dd3ed
SHA512 46a01487e74a84e8a3f2cf5d2120b637bf0cfb27aa9b66290b47fe39314e349911ab0b9e83170727f0478c9c1185a7f85f21a4c27513f50c3afb2ce2afde01b1

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WKBTTSTW\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 74c9260fc1cbe987d77c46203a1109ee
SHA1 d68ecf2d4e91515b9b82e5eecd845891a4437c06
SHA256 fd876328ed7eae19872e5b527ab9a98022033f408fdfd25151c076db1cc2542c
SHA512 3cec61f0bafc1da719efc16ecb5cf8ed66f362f065ea5dcdce47ba87f3534600bda13ad3254fd4428173124a42ef3af8a0e4018778e8d9e9bd8958ba138adc6a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 d55994dcdd4b219be1abcbe56a99720b
SHA1 f4b546a5fc65bcf2b9ab1ad2391f9bae87f36ce4
SHA256 e5db27ee22dbd27b16ed1f10b65ff0e574cabe32a64b64751bfe6239ae241ff8
SHA512 ccd8bb10c7bba2a457eebab07598fcf4e2bed3a4fdb4b5fbfff915a4d4f34ebb744e75e86f4c6967e926885d18a48f6204c2e9722b63b048a63baf3d1e2db60f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 569b8dc4ca8ce032714094048e1bccd1
SHA1 29e12c399a8e4efbdd290c0e8c6e5c78e06b8fad
SHA256 ecbe278b403f3dca26de3bbb108b2565165a370c4033d28ce6cc947bedf6220c
SHA512 09310ae20ca626f68815e438b6285e8342cee5c6ac92d613cfd2445d8208317ae221ec51c670043dea8ad679e6aae61bc9ed6a637508da8d220b822b18a4eac1

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\VJCI5V1P\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BVERBTMQ.txt

MD5 645f904d3642481b46d8e8b53ff90447
SHA1 b4d7b8aea1bf8b2514ac563d975c9e9a474f0e9d
SHA256 54a6352e3ba4c3102d7d25306e9a72f8407a380906273d84222e7d1c92361cc7
SHA512 020f72abf520f725b8ab915f771b2ffd5c1dc469a4b5ee3253bd66c4d67424c0905559d990a80ad006b3f0a48cc7f243a722498976e8b14a0bba29a73edd48ef

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 8b18f8813a3c0153699ae413292ebd63
SHA1 ed3204920ef2d8d065427ddc1d2279766010c818
SHA256 d1d693f288387d94c058d5b3bb289f71ac0850c6a1f854965b584d430186d994
SHA512 c08419f9194bce7d5479278fd31e8ed8e0131ba4e7346bd030f8a0a9e18f8acbdfefea0f87ec4b56e75235ec9619dd2cfb0ff6e8b7fcc88df3d7f72cb7d4d772

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WKBTTSTW\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 1eafb519e220f8c8058e5fed5b8b655f
SHA1 5887ec025353d6d46390446e36f4ddf516be6c07
SHA256 df15aa54bf7155a9027096e97a16a7ed7488f969c621bc46adfaede91154c4d0
SHA512 10d14f6f744673776332797f8b556253ee67fd5d866ba531d99d49a2d6c906890bfff95a378044f33aedd6f4afab6b18d217d29c0b879be3a8d3a83c11bc48e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 965c9cccd130455aa8d4a48a409c10e9
SHA1 b23510bd5fbd9b0e8021c5325dd74d757af2bcea
SHA256 f05b808072eaaac8cef7f286cd62dbd0b2adaff68fe26ba397629e1fd50c9455
SHA512 20f1dd27b9d745f846f36208c476a641a9e07b5b1d52ba032520c7f6dd49e0867f2ad98e3b88a2696a3bf975073de222151643a6561da7586de59e273507d9e7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6XFW618\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 a48f84a47d2a967ee6e89f2b6935803b
SHA1 f8cf3866ecc48d63ec43ccde1ba73bfcb689bd5c
SHA256 ad1202f852589cd90ce49a5e8d3a0e15a840a28c8fbba74cc8954cd1e568db35
SHA512 a455fabee71771b0c627e3f2c5c206cfecbb0887ae01c76cd9f098f5933e56e6547879ed39f12a29cddc48acb48cb2e8c0d2fc8299972e43b1c2e2e98cbe1d12

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UC1J3XS\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat

MD5 25e44c86b8220bc38805055da8b91cd2
SHA1 c59396ce85614e88e0ca4f39e8460c699b8a9526
SHA256 22f991185bfaccb7b4d926a85198e5a262b9b089db26e66469d9bb58ff63a5ca
SHA512 0fea9cdd3371a2d60373fa04abbda65557626412646013f20560e89f14d763e2280d5f6a7238e4aa837144ca0fcee1f38e4251b5e93da9f2a2fba507d63faeb8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 997172725e1389970570cd36834d4274
SHA1 781394a4258cfdd6f709bbb53914dc6111e6c708
SHA256 c7df262554321b113c98d939f711bcef066ec3e95f09a2c8ba58b8982d05197e
SHA512 cbdff3d0166250af7791193e90af222bb9fe3b473295743a9a30a87365aa71847b532aaaf9df6bec1b9b16aa52b5ba47a6eb41e76cc35d821151ccd885b625af

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c7e58b169c4bea0ee4cdf4ea90bf4e69
SHA1 fc86b7bb41f197ada5ddb90784ec17878cb94fec
SHA256 a8da2350fbbd00c8027e2bac08541e348c7a1f03926e57b4fdb261e216a0c7d1
SHA512 eab61567d80d8012b3c2105acca7266afb72bb9370025f9ca8dffe75ac26ba1c3d2916bed32ea1041ae17d26df95a7c7bb77a25f244a19d991e59bcbaee17186

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ae917d108566e870a3a870dd3e2a8d0b
SHA1 82e5c72ad1c63766f4c50cb3967777bf9f8dc0ee
SHA256 06869293288b3d89fb517150b1759d582da1d5c9cba18a6aba32de4967b4de05
SHA512 e8761f8430fcc3597be899d3486b59f99211cc4ffa2916b5ded1bb260475bbe356a0c349828ca9f1a9e975da6bb26c5f201069aa51970c6280e1e4dc6871b364

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4e081f76a3e8ce29a740bb61e9656187
SHA1 b30fc4a0a515f7138acafe8717b5407c186cc745
SHA256 1377ee9ad38e6a16771cf83911b816a24eac574a63e7a9e94173d2d8de36315e
SHA512 5e948ca1160de6e3e232c295dbc1cdc7892b4cfd10970c9eae738a93e3f056db12f9ce34b374b801b7b508b104b12945f85ab912764195135653f5f7a8329c59

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 79e9f7d3ad45e4a80462261754248e97
SHA1 bcbf5de68becb8a36e556aa5674533bd72bfb61e
SHA256 f8f3c60d85323413d9dead2fc8eea065ab834601094a61cc4b3ab38c5bdfecb2
SHA512 5db2ac3f41d5121e16530f3d1d66fc41fff63a5cf1c3efd63a7a19408e4436e608b4e6ec0f6e59e98f33c26357235b1b453f2e7b5ce046d3af74039c697bd923

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 531b43ffeb3a0649830ce3e2c2b7e5bd
SHA1 483efafe53b65b260e3bea0763330a97e622c366
SHA256 385a611a9ea5c87676516b7c025ab4f90f44aa5cb1998e57e0442b5fa1ad9733
SHA512 d37b3c7f0acba5479a170848b9f1e72de2927538033925d6f3a891e471ed24a60b9895cd45be4df70edf497d62126827176d67e727161b41c61f24fe1455eb53

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 9b540d6006c28d381c566a6ccb5f4613
SHA1 a0232a310fd960eb987beb68b4b02b50e02f6b8f
SHA256 649e32587928d9aaa4c191d0a1113970457b36987d300665f08ecd939c45d363
SHA512 dc7dbdcba3c6c60a06accf835038401813d948aaefcc0d49da37ca56045987824a8cfa5c81fbbda72c3474ab4ed2397bbf4474bed84ed752c086ad0e6a46d11f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 106e92dd2ae77368e4284f99d8c2b2fc
SHA1 08649c2af1756b29d90bdd2e1da1f48ed3b3b61e
SHA256 af8f439dbcd24edcb51f40c447241c9f177430819bb25ddb58da2bc76761e7f3
SHA512 139467774882cf6af755e9f31019db3cbc64343e2405609600309696bdbafaa4d96ad5dc612bcdc5e1e83e552815f53a0819dedc3d7204194ade750de6a3baf8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 92668b217c4f28b79b1c451274289d9e
SHA1 9aff1f4853910574fd3dd597812bdd7e0d43b25c
SHA256 3a9e6483063f1ef23807c36d3ead25786f1a22b18c61b9c49350d314bfaa2bb0
SHA512 08a2547f8e85f862873a8730665306b710ab0b8d31067bc75785548c3d60c37ab25c959a5d6fcb13706bf58dee3574813cc8f5cb2d8e5da218779bf1ad2317ea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac20350880269582f1286f6ba8755e5b
SHA1 c296fbe7feab44b175c5e474899145aaf1f06515
SHA256 430e4cb50c6705b6a21a230c74b21404b10faa9bd1860a9f79456a562339f778
SHA512 624f799d53a0eaa29063751106f123d89e051d6f9ed6dd922e7c538133a0ce73e3e903e9d11e56c9ac8ce7e91bc4b305635620dc77adb6df1f24015eca05e525

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5cee2678b1ba8d0c99a6a4f8f43c39b8
SHA1 466e823dbd62614dee0442596b191eb47846e5e8
SHA256 46bbc3057ac3aa75b44e537b414eec774bbb5cd7381baeda60f1b700b1c85a51
SHA512 cc34002d1d967f72de8670fbd0014a1e9fb30995a2cba726eb72f74b5d2b0c548638def6e22ea2e0f6c45179eb73f16f6ac371948c6246972874db71c351b848

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f529114bd51e4784ea2e6eadd2cfe1fa
SHA1 b345c90053cdce8ec57e915e37cf7bcd153afa57
SHA256 111fa35b374e28c4caa292a5b827f7d68f08cef1c3eba827a7c0f0a75e014351
SHA512 a13f43b3cd359026db85df751834811a9eb529db9103d3a8f1c8d596ea13792638b1a99c05ef3662abde91f46a3de49e51813abe9f29334d446a26a858aceb8c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZZNRKJU\favicon[1].ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

memory/1848-1022-0x0000000000410000-0x0000000000411000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 cc224701d3988dd5549f5d4adbf10fe4
SHA1 bf7837f102c82b785f087208d907c86f3de96bb4
SHA256 ab4b477c15da3d33fd048de6a07bc97f38cb55f647a7cbb9c39ccbe56e18cb21
SHA512 da48b8a59c7a8434d277f18dff52557066aea503d889b4c06a840e0412afc0732ad8958a95f5d14d92b7cbf503ae0d1a32c5da87027c5df69591e85a973724d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_2364_DPMLGRIHBFDRZDVN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5e224a91acc6178e435d6e9c1e1c633b
SHA1 9aa1048588a87a84d5c99651bd528609661949af
SHA256 b967681db819b6fb89c30251a0c60fc81a269bde28a76655b3f60fb2b93db040
SHA512 acfa033fb9cf197724b4a4234bfc8ab3f9642a8fcff817c1f5e7b3094516f2b51c7e93e672661142656e646c0e4b2fe1bcd734e14a4cd4f7f81ae0c8c24139be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3d2da728-633b-472a-b45d-228ff31cb370.tmp

MD5 bfcc00a6b502223f320a0ad87e311019
SHA1 8898bdd3acb22f4aabc75b210baf73f3e63bccce
SHA256 303efc8282652551e69c9f09fb33879543b6553a8d9057c10d0ccbeccea7b8ef
SHA512 fcad61ed97b223a67ee2487477820719795969c5dc5f68a50edd4c7ac8ef58d6bf1d33993cd3d2fa269c28c8c389a9e631d7df02085b22aa475cc468ddb80e9b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\db\data.safe.bin

MD5 403dbe1f6082135cc75c1bfdff2e6dcc
SHA1 406e36ca29b89b59d7a19e32e98fcb2f89f494f0
SHA256 ca4a87ce7a06c6324478644fac5be05690c69f1e74aef7366d4fd9e91de85d94
SHA512 b6752cb12ab0555dc21d092d8f38cbe2ae91b0952f682e6fbf3bf0727d24e5da3826946ef98f295d1a856e9188ae53d9cce7cba683dc28a0e86c4689141fa8a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\pending_pings\a4f737c2-2607-4435-b5b8-cd7cdea33c41

MD5 3896f41cf8a812efe85430b123697baa
SHA1 307774dcf42baf4af270cdeded61a863a2b05312
SHA256 5932f9b4859ecfbffa055dcc8340cc3e14245069b9517d5ea3a07638fe09f262
SHA512 6fdc10f788067416f32437096ceecf4c5e3451aea58f6e368f7f31fd668a5370790da0e5c29e73ad7c039d8165a486d1efb2d95161acf0755799b8c26bf1e7f5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\datareporting\glean\pending_pings\0baf9424-4c9a-4e77-ac61-ef2eb0fb1b9f

MD5 6e000963a1c9457253f6d1e53963683f
SHA1 0319d424894c1511568b62bcad4c182cc316a6fc
SHA256 561213aeba69c9a8653f910ebacba1141a2941e6fadc5f35c2aee3bd309b088b
SHA512 cda379cf1dd23f1ce17c8c25525a96fed5abc21166dd300a173f78b02c190ffc789967e624008394e5f69201f5fca892722dc1e0209557fa7abdf504df81d89f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 492c0dbb35af9fe9dba5e81b1040c201
SHA1 2bcfb2d6eeb587308c93c01cf3c7f0abfabc878e
SHA256 aac880d8ac29bc446cc16f6ec86533c1b3ada24c87ba22f239dc541dca3a851d
SHA512 4819dfca76ce96c0b512347e1ec2ca59c077b36df6f1d378ed2bb9262490eda451aeedca90d57106af834dbdbd3765ca46b7f197e86458813f4fd6539d0943a0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs.js

MD5 9711e9502440b96755ec7b3efa94a3da
SHA1 c6b1cf7cec530e5ef2c81da6bca5dec5e8bbb59c
SHA256 f2706a5649215cea135642dd0d238173b7ee5167f8c1edbdc91fbf2b28f6f58a
SHA512 a008a4ed2c0625afec4435d3eb890dba3f1c6fdf6ff5d02c02f4d66273fb9e690199fbae423abe8798511e92991110319b7926982c89f5f058c788b58fb6bafa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 5fe087c1e0d984b2ba615bb94eb820e1
SHA1 ba3f35602ceeb895b259963789db6b955e635e45
SHA256 50d8ee70d8764300f9c9f9baefdd164f1ba7453cff07c094cd38ea99dde0fcdb
SHA512 c8464987b3f203758335cd32b8d7dea400776f387b2e3ecd17bee274e32b0ebcbb94e12b399001d0ae570b1fcc043363b07f7621f2f3414886730ccdd2116a9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7ff62a220933b982f92e92e2a9a03209
SHA1 0f157e93b3fbc8ce66b8589686af58b477916a41
SHA256 d0ce9ddcfd62fc25835b15bff4fdb4f657cbbf54c6d1b550888485831c13a147
SHA512 ab7266548db5bd940209a6cfaa79ea2c7b69d3bd8f05fa2f2746d557c08d8a4ac8f336c8c3de919a0f74e92f7e8bff3d448744bd96a6fafdc059c1291c6cb67f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf769c3f.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a47d9ade31484b0199d476a433706e7e
SHA1 7d12af8f2b2281e80c3b5aa41dc6ccfb70c75c95
SHA256 c51788d3c8a4e49d6236d1b15c504b36f6068fbf2efa351b04565573f7362951
SHA512 b02cf89671eaee015565c0f590c7de77dca53f494bc929c3e0e768fecad4b88228ddb69fd5b31de0ffa88911e0f494d3a3977fcd59abc9fcb6a65b04f9b08781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\default\https+++www.youtube.com\cache\morgue\40\{046d4f2d-3a76-4898-8b56-e0fadcc55128}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\lf4jobx9.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 32c52dfc7c19e56772d440f7c3c9f4f5
SHA1 96969457b5388bb17b5f79d82c94ff9773e9f1b4
SHA256 c2e6d5aadec621a6d81f10c0d96642c6812e775bfd805fb04105da69ff99e1be
SHA512 6783119d974b5bfe7e033980b5f8351b4723bf63e57ade014739cec07b209c2e808480c601b7e34b359276ad0ba7b7c0c153fe61ab4304ee9298c6c6a1763c9c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\lf4jobx9.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 1335bc0e4b6babfd29deca1a0c9c5589
SHA1 a430ca902d722ad537298e872abcdd760e05e19e
SHA256 624392eb602d5ae42467a3fb2e79b798e7b1840c00df776b32ca9be524f11b1a
SHA512 4df880344b175c89e3318e2d9f63397fca01c9eb134beabc723d11f23813738d48c6c90f4854207e9c889f55b27d92d34ff9b1b6e62da497a621abe5cbcf1f1b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\lf4jobx9.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

MD5 515668f562f9da53fdfb8366617e20fd
SHA1 6cb3af181b9f806c725c9367afcbe2ba5a5f8a1a
SHA256 94557249007dacde48250ea6f2cca56a38d47aa0be66910b53ed3c60fff99b43
SHA512 7f5c8101b7be81568b173513ae3183e8b1bd5c811852e6a66386644345ae4cf495e4e62f788fac52eafc657f9955a98a4770a511ff8a45923bd051fcfce52a0f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\lf4jobx9.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

MD5 0fd05b58e51171d0bba2d5a0da46f85e
SHA1 dc14a2ffeb2cddc67c6d68059444e26aa736a1e1
SHA256 4e912a0f92f8fff42ace0e213ee3dae70705325f8c66d70cc965aaf0ff872a33
SHA512 db3d3e478faf4fad1b69d49eb3aead55ef53fb0a4be40290919cf31965f1b91b967f4a392a674dd5c5d219d567124ad0c94dc4a5785d5ac7c28f0267645c8e76

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\default\https+++www.youtube.com\idb\3188868872yCt7-%iCt7-%r7e3s3p1o.sqlite

MD5 cd0ee603ca7213e3531c6347021f98b0
SHA1 9a22c639b0f17c84a1ea28c233056f193438e1e0
SHA256 bd94e3d80d6965b6806619481be7ba210a5dadcff5fdaac688896bd826de81e2
SHA512 b17ea82e826bac07d71f2623d36d2b3c8f32939030d17fde8e618b5da52d3f37a0b0ac455528d50760be44adcad8235d2420375aeb39cc4ee0f3fb8e811997c7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b7993fe81f156c6cc2abb1fb9d9efab1
SHA1 dc272f539538c21d7c39317b427e9b6785be568d
SHA256 066520bc19d01ecdf3096b9e1eabe0b2848461fba4e4a5a7e8676411d6980be2
SHA512 5e0d19b4d308af0eef8e0a38e698d2dfc7a09784346166fda8680d5ea65ccddfb6ff4640546848ea902893b5128dd4b08d1c975382c65856560bd454dca7ba04

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 30f18534b730b784d0b4b9625e2f8cf3
SHA1 0f9e7bb1b3496b72f02c1197e5d589c410aced1e
SHA256 3325eec0849e242a5b6e4ac4cf45485019ab92bdcc1684f506961a1523759eeb
SHA512 ae3872757c6f8dc5ee31947d29b3800a01427eb77c846b2536689fdf3b67ec8b927f67bdefcc673839cdf64335dbfdcd33513a51d2b0107b8c61897e2bab9607

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b119d6dba1d2944c1353517965d0c0ed
SHA1 d51b9fe4c50a7f576a4652b9169b27e0758cae41
SHA256 a50a21487a700e8b10a5fc28265b6554cad6f3707c1a822c016b1a22aa4257fc
SHA512 baa2c89233c5597692a83517f61612056103f516e325c0a18d3fae35594de658c3f168ec65ce04c376c67dda9fc699246956fd9c18155aa97a143a4aa161e235

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0793b0fe433aa12117f4e5c6cbf4f685
SHA1 360a95c89bdfa9bf411f1ce5269af91b82d02c29
SHA256 cf32228739f5b78737a46292a1a93c7cca3d9cfc239e39384fa59aabbf8307f2
SHA512 7961ffa43a0fee1c385cd035e23ddb47cddb57394bd5361d457f92818b647fe78abfb3fa77109d71f1e3136ba34beeab80f91ea288197973e5cd33c8b3a63e1f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b56ddc9f3c63ac344abadb9a6b4af747
SHA1 f223c0c1be75b5fe7b815f0d66f21e05e3225fa3
SHA256 059d81cec4fabdb57fcf66818f61031438a9a593ed7cc34eaacb686a55acaf5f
SHA512 a84e293305b909a032c4d648c2f5ce292d2bf2c9cb9bcc43bfaf85bb55578f4c211963e421efb073c687711ebb6082cc7fbcb94782661a20f12b46d7ba52e410

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ab4fb55f7593d3637ee5d6a8d1c949cc
SHA1 155ba37e74de919d7f9f771ee4fc08933aacfca1
SHA256 9410a33189cb274350dd55c97696315ec98355a7267446369bc7678f24024129
SHA512 6da541fbb7d42a6a0a9e532ffb010149c19f6f20aea5ff613a4d99883f9a2ad27069108ccc76ee29b58f78549b5fcc10bac0d64513d61e854246b83113cc80f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 698fb5136af5399696badfb17caf481f
SHA1 a5217478b3ebb5eb52a0bd59aa7001154b79731a
SHA256 7ecd2c04729ef641fe3d0a0fbc687a45266f172cd75ed8b43c417f331c6d5cb5
SHA512 3cad32c2ab00c6a9892b40dd5e09f81620c0bad7b637cd0d2cd2a0b65087e644aefbd62e6018401f0c5cf918c125ea6580b8ddde8e111a459fedcd8bb04c1c95

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f79d88bdfd5672a6b9691cdc5f936a72
SHA1 52a12180f98fb4033acb5132d777f9efe006ad55
SHA256 b9df20ef490371c423c9f67de83aead68011dda6690e76a40287fd1a49e499c5
SHA512 c2df39fb1af9e4f673450d974dacf1ddea80b0594c54916b367e3872861af0577f254c19cecb859d35b92623c18661e5e28f173906dfd9e7184a4f10aa631de5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b3cd38ed-052f-47c3-9265-51f3b02abd49.tmp

MD5 8b2c26564912db5108b5a2373366ff69
SHA1 bddc73cd93bd813dc24db7e913ee19b2dd7971e0
SHA256 9e41177dbda59d4e3bad255a328308fffaa947a78592ca2ef9b4df9169d31535
SHA512 6c68a1143de1ef7de2f0298189baccb6570f012711232399f07304502fb0b7d1cd691b16c7eebceb730114f011eab2e42ace1a54b30e3ba33aaf42f03e937891

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 a88c8d13c43f059327d1aa684e7ea4ed
SHA1 df6ceaf980d783ec3ea9d9e097baa43c0db99eba
SHA256 cdaaf4c85bc453f575fd72050f5c83503479e6bed3dccee05fca7f4f4942a99a
SHA512 6e088c38ccf4527f0d4cd97e27237a2b64c17c9b656f526bf9ee9fe10742af1c52dce17e08f28b884ed73f4a7265d1cbe69e29109167e9ac0bb47e4ba4d5d0c7

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\prefs-1.js

MD5 2e469b5419177c34c349a7d08d2660db
SHA1 115a7d616ccc31e9c7132b8e99c37dd7284bcb7c
SHA256 7efbc8fc171c514c8540dbc874b3fa1a81be66942a6b3339cdd75a335f92c90b
SHA512 56855201e312999fa3faa36133bc1d31345677e2bdc964776c1ff6eddd57083bc82aa8321b39753eb1c87de5508c352abbadec5338b02647575ecadad4ce6d4d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf4jobx9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a732d20ad5adc7ee3765b8863ecf20a3
SHA1 1a2f1cf5c9d775c5c79943c83d3eb5ebe18877c4
SHA256 b9cbcb087f7fb4fc6310791f1c8d584381250e18be04087bbf72e5133f2d3aff
SHA512 9853514e9aec5393932b936711e87c611e4a3d05d20338bb49b2ea85d9af3aaacc0d5cef5c4a9b65633c8af18054710d758bd62dca5da576e4bd4554ebcae2fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 753a881f86eb3cd2bc26b322f374b3da
SHA1 e3f2f476a1247a3b0235c9a31dcb7a2b865c10c9
SHA256 896223737561a893ebed38490eefafbb50fd5e2f1c9760b80ab4927c383be8e9
SHA512 60f7e1d95d160238ee0fd39e54ed935d6d20b10b70d2318893242bbd3bd5c59d50a282bdfb5685b37b5366725f40aa40d239d2bf5768fc0c66f2f3ab117a0730

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 847457448c21bf7cd90f5ecc8a46e261
SHA1 c64de8915c43d534dd85081395391e5f993c6773
SHA256 3edfd024c93177e6cd63a7a82abd3dd822bce61990999a746eb656144c0d4550
SHA512 b968d1c20215b69d9788a9773f4ca8bf5d1ba54b0bc676b61d340ff7ede2053c043c29592d0f8ba030f6e9584eaa01c9b7b2cf35d6d5041341ddd0b0a514c2c9

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-13 03:31

Reported

2024-02-13 07:14

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1815711207-1844170477-3539718864-1000\{66F0D890-0603-43DA-A6F5-EB0F698FAF0D} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1815711207-1844170477-3539718864-1000\{29B3215B-3793-474B-B049-560A9B768D91} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1048 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 2132 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 2132 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4076 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4076 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4076 wrote to memory of 4596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4076 wrote to memory of 4596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 1772 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 1772 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1772 wrote to memory of 556 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1772 wrote to memory of 556 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4512 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4512 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4512 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4512 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4176 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 4176 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 3896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 3896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3896 wrote to memory of 5072 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3896 wrote to memory of 5072 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 1944 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 1944 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1944 wrote to memory of 4900 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1944 wrote to memory of 4900 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 2128 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 4252 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 4252 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 2332 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 2332 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2332 wrote to memory of 4488 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2332 wrote to memory of 4488 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 2232 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 2232 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2232 wrote to memory of 1644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2232 wrote to memory of 1644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1048 wrote to memory of 688 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1048 wrote to memory of 688 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 688 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1048 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1048 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2036 wrote to memory of 2620 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd4,0x108,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xb0,0x104,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb6f0946f8,0x7ffb6f094708,0x7ffb6f094718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb6ef39758,0x7ffb6ef39768,0x7ffb6ef39778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ffb6ef39758,0x7ffb6ef39768,0x7ffb6ef39778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb6ef39758,0x7ffb6ef39768,0x7ffb6ef39778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.0.1593657908\903287351" -parentBuildID 20221007134813 -prefsHandle 1876 -prefMapHandle 1868 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d39db99-f559-4cc5-b8f1-d42aa69c3208} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 1964 1ba2a0d4058 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,3014156120992366762,3578507938164781216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3014156120992366762,3578507938164781216,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,8403419579837717360,15752805690766497410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,8403419579837717360,15752805690766497410,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,8151051390648386004,7394142378815687238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,8151051390648386004,7394142378815687238,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.1.216616826\904696170" -parentBuildID 20221007134813 -prefsHandle 2408 -prefMapHandle 2404 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a9c228c-0faf-470a-aab8-27bb4a304265} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 2428 1ba1d4e5758 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1472,1390060977120098437,16697991821003200992,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1516,10334027601917788058,5241668592940697920,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.2.2012589360\1685239650" -childID 1 -isForBrowser -prefsHandle 3096 -prefMapHandle 3092 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b723a2a-91a0-4c05-8046-d11ae7ad5f1a} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 3008 1ba2d936558 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,649507810552930902,13154575614613275469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.3.1615912222\874458369" -childID 2 -isForBrowser -prefsHandle 3932 -prefMapHandle 3924 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {25d27985-0145-489c-80b3-d6e50a9beef1} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 3900 1ba2ca84358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.4.1411793342\1531482127" -childID 3 -isForBrowser -prefsHandle 4364 -prefMapHandle 4360 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33df0af5-f150-4149-9a7e-45e134ae6033} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 4372 1ba1d460758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=2004,i,10131049905246013865,18031412431962365782,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=2004,i,10131049905246013865,18031412431962365782,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3796 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.5.1624282278\1867507001" -childID 4 -isForBrowser -prefsHandle 4744 -prefMapHandle 4952 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {01725e5f-9184-4413-b2fd-4b3fefa68999} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 4964 1ba3027b958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4004 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4876 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5036 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1916,i,18063023378854424210,4880839819573719365,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1844 --field-trial-handle=1916,i,18063023378854424210,4880839819573719365,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2976 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.6.1379137373\522376375" -childID 5 -isForBrowser -prefsHandle 5576 -prefMapHandle 5620 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {95055c25-14c3-4a79-9fdd-b941952369cd} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 5608 1ba2c92d258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.8.671859344\1879157011" -childID 7 -isForBrowser -prefsHandle 5916 -prefMapHandle 5920 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04342f4e-a77e-4ac3-a3ba-bd11014cd65f} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 6004 1ba2d838758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.7.68510657\1677521295" -childID 6 -isForBrowser -prefsHandle 5560 -prefMapHandle 5572 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {92708a18-1e5d-4d45-9236-54dfeff82be0} 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 5588 1ba2d5ce058 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6956 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6948 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6052 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1756 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7512 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6749017764440810400,278000085271296986,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7540 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2612 --field-trial-handle=1940,i,9773894216193273465,7567748727418075010,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.linkedin.com udp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
GB 142.250.187.206:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 prod.detectportal.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.detectportal.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 34.107.221.82:80 prod.detectportal.prod.cloudops.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 216.58.201.118:443 i.ytimg.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 216.58.201.118:443 i.ytimg.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 82.221.107.34.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 118.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.187.206:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 52.10.159.154:443 shavar.prod.mozaws.net tcp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
GB 142.250.187.206:443 youtube-ui.l.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 142.250.187.206:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 154.159.10.52.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 216.58.201.118:443 i.ytimg.com tcp
GB 142.250.187.206:443 youtube-ui.l.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
GB 216.58.201.118:443 i.ytimg.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
N/A 127.0.0.1:53335 tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 144.2.9.1:443 ponf.linkedin.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 88.221.134.209:80 a19.dscg10.akamai.net tcp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.134.89:443 platform.linkedin.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 142.250.200.14:443 play.google.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 178.223.142.52.in-addr.arpa udp
N/A 127.0.0.1:63261 tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-q4fl6n66.googlevideo.com udp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 173.194.57.166:443 rr1---sn-q4fl6n66.googlevideo.com tcp
US 8.8.8.8:53 166.57.194.173.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-t0a7ln7d.googlevideo.com udp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
US 8.8.8.8:53 233.225.85.209.in-addr.arpa udp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
CA 209.85.225.233:443 rr4---sn-t0a7ln7d.googlevideo.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
GB 142.250.180.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 10.173.189.20.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b120b8eb29ba345cb6b9dc955049a7fc
SHA1 aa73c79bff8f6826fe88f535b9f572dcfa8d62b1
SHA256 2eecf596d7c3d76183fc34c506e16da3575edfa398da67fa5d26c2dc4e6bcded
SHA512 c094f0fae696135d98934144d691cee8a4f76c987da6b5abdb2d6b14e0fc2cfcf9142c67c6a76fb09c889db34e608d58f510c844c0e16d753aea0249cfc14bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d5564ccbd62bac229941d2812fc4bfba
SHA1 0483f8496225a0f2ca0d2151fab40e8f4f61ab6d
SHA256 d259ff04090cbde3b87a54554d6e2b8a33ba81e9483acbbe3e6bad15cbde4921
SHA512 300cda7933e8af577bdc1b20e6d4279d1e418cdb0571c928b1568bfea3c231ba632ccb67313ae73ddeae5586d85db95caffaedd23e973d437f8496a8c5a15025

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 11e5b848083ca1c7c3b0b6e38065d219
SHA1 8c080b8fccac5b53c800ca9f28557998832ef7d9
SHA256 2602060f155395b394b10929bef56a70f94a85c94cfcb0a219fd4a5471a08b4f
SHA512 b76a646a090a90bf0146620b8fe90e0c77c567c2e2c6e35ad2bc146acbae9324e82afabe6cd2e42cfe267ce49d7bf92fd5022244b220083bd6a5b8c9e37c47d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\LOCAL\crashpad_1772_EVAJUOHBYNOWSSEK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8df8b2222454b30a114e90d3608ec39
SHA1 18c788ba92e15f20d2405e4fb861decc6893b2d6
SHA256 fbbe3f35f3cdee8fbc3dbef8e1066610f2b6a0b961b28e6abf6408fa1a97c9bd
SHA512 76951caf5761e6de101768b7b61404cb1294f1030a1ff414457d89baa6b24abe6407cb7c9999b0d1c6d00c056f6da0dc01c37e4e6ef633395b79b86da1c1f447

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 19a9c73882fe6a4a1da22268b0a9bdc3
SHA1 3b48e9d1e1c92fc841dc17b2ebcf3b2d33f38650
SHA256 4c3da2681be5656e7a812bcd1c1ed393162382d20348208f0a92ae4b8456cc5f
SHA512 d427ae94aa6dd7a0aea8fa863eaa66e22302f6df551f38d7d4caceb101f420ec846e5814a156600fa9b296b21d8230a503ade55a42f7f693876c6253ce6e6f96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 79014bb72ccca9338511be9eb60555d4
SHA1 a16b78e9a5ad24500383e51966d112e82020e692
SHA256 4f0caaf722bba9c7294b1ef59f4fb1896f37d19251b24bee0e42bdf9a8480462
SHA512 012456a4d848fe7f2ace58c887aa3cc6d77f0fb8f4428d39ac60e23e700f356f7ba4bc81d49693a276fa0e89391b8b2568fa95619cde116bbff762b14d5005bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a7e6582e0d8a0f64c1d26e8dd1ba0b01
SHA1 be5454a2da87ae66587f19555043b3c3101acafe
SHA256 7f1d24b7cbea3d467260627c43d680c6e47c7a2a35414ea342dcafaa070becf0
SHA512 9b4bc0dd89c6b55ad8e322e78853398ff3bb4cbd5d0a2110032d3c10e9b2151fbbdc4f06683a2e2ea8c89cbf99ccf7b8ec5c58d4a76df5fe6223162fbe8fafcf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5908406f0fd5c33ae903a908deadd7e7
SHA1 c4fc538e4eda1031e19915018ab55e9b07ea594f
SHA256 f0bf1b899e21efb072c95296a2f8553b7d4d05abe916ba54ebd28b2840ea6c6d
SHA512 8bba1a91c16509eaf4e16620956d0423d5abc271cf1c9364458c830f39a82cab807aa6ad2d35244d00edb7c70743b79f60723927ed11fce41d21228f59dcee1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6abc84aff66a7415adc45cc5a407efe9
SHA1 24cb670983507739c3ddede2e63a68d08e9e3341
SHA256 16cda0075f659abf5e2bd9306b782dfbbdc3cecae7b17f37f27a3b81a11b54b8
SHA512 d9895691bd54ce0c1f9a0053b169f0d304fa58b6d5a9f5843d1f7b572d1de08918000cf14e9800103f3636b738b2bf46050a51d956ec7fdc7d578898c4b8bd82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d758d47438cc224794eed2fea9ceee33
SHA1 2491cd98e9a0d9f3ebd7b3106383375fc3da0809
SHA256 af5adce4c462e0a5b1ae3fdaa0ae8480d87a098fcfdcba2c7219e1213d066acd
SHA512 8c95398dc6c3ae4f5c9685ceb57b491cf184f32b6f1a499bb15bb7ba31367aff34a6e6da28d74c956f5bdb79556f553158b87eeda8a69c9b3bd95b3dccd0e9c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a1754a8fb1cb95572cc3f1cbb8a9b414
SHA1 6935f8d107e1062cd7cdf5059d73e59ccb625353
SHA256 697a5382b58740f6314e5743d865a84e5d1e7eb383b43ebf9ee473cac130c77e
SHA512 f7d56b95db851c150fb4a4946122c9e0d23cbab94901aa2ae9cee7df16e3edb247808a45d4cc65f4e9c62a20351404a4171e51fd5baa4a3c872af1a56901f9a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cb59047105af53fc79ca30f7d918dd6e
SHA1 2a31bd0cde97e3a908ece82d756715d5e2cd5bab
SHA256 80c961247f34381d8b19e028eac6103a042d3731cde036a14915bb1c10cfae3a
SHA512 36c725df5bc09778700eb44b18f46c85f41bbe2d9521fc1d3b162180ed9eafe0330850659960c9c7d9ef7a53861c8e411b1b9789c1eac5a0e474d02c26c1da71

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

MD5 eb5f9d225a295c76312ba449823bbec0
SHA1 3d0b0bc5d3e544b00a683e782806fc886ad8db2a
SHA256 8c6cfdc00e7e28e043f33d583629e530d0511328cd1959c5a86e2d3f99ad1818
SHA512 45ad0ed39f6d656ac5a50a360c327bf9290b27b9f91f52f9eaa29f3fdf7b634ea9b3fee48fb4b5e5095786f8161ae5771d17223cdbddcbf4c223ec574d3d97a5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 e41790a2a2c1ed584df80d70290dfd6a
SHA1 1982815becc331ffb17770d49e7b85cdd28dd46e
SHA256 4ef310a65a669aae0c8758cc4c43956786e7fec482d1a20a1f7782c61794b26b
SHA512 245e9cd97d51f3d37262b0e2f146fcfe149db0fbd0061d198e3a346b2955d11ce5e84233fe080f33b9f13589f288598a95987017d7978a9a622222c189556a8a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\pending_pings\1082fc50-c44b-4588-91ef-66bb0e3842ae

MD5 d794f9944a4f502893bc14646a6a0f40
SHA1 5049488f1152febe17aad82c3ef40bf801aa61da
SHA256 b89506aa3259f71ba962578b3e7c4e1d1cd541f11233593f42ea1ee91100da8a
SHA512 3da762469808c7020e61805af5c9c5e6fb69774a1d0c40f2c0f49f5516de7c03b39f4e270fdaca816ed84aa2935372d754f307cfb34f558376034f2af3040ebd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\pending_pings\799bc411-3b7a-4255-ae02-42b63f53077e

MD5 cb457a0a81eae9eeff5619a23a801290
SHA1 10e75be03b57e6b35786c7813c984f2c33f65c65
SHA256 30b902c48e23132b31ca37f04dc488111df09e6fc0e6105b0f7d0d87bc16271c
SHA512 3431351d1e905cf317d2663b2267c56f46269d632ce0a50754538a9c0a8963a05a76c8f6cd2b82281db5e9b12c216d9a11d7116a8a8d98cc61fcbde647751743

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\datareporting\glean\db\data.safe.bin

MD5 ad5fd12edd77dc7b1efe00bd7e6e7e44
SHA1 5a25aadf3e36de3f518b530ebf7dfc222cf2f0c1
SHA256 c12e24104d01f3be4d6f4c23b84957b4debf1324b810ed249521657026ab1852
SHA512 919dc1ef85e000ec0fe8a7c2359e3bf5b4b06316609270caca11d337a0a6ccd6f518763340fc486fa2a1e547ac48dc54c97cf6247794fa6789032d59f69bd7c5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aaca889f9d7178531b686c06dd52e1c1
SHA1 db8f29d384d9690ba78538e3371cad3736f6d297
SHA256 0f90e7b3cc7010d36a86e3035187e2aa7b58d55f53d554e0ee8773f08e74829d
SHA512 b751186d0f43ea5f4250c3cb9557fcc268848bf0883d425b17fa84c20f1257228972c892f746aecb5677220661113255a425524cbdb01aa37736559e833fe1ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\83f7fb8d-2ead-4826-a887-6fc52cf474c5.tmp

MD5 bb32bad27d74538d21e2397dbfc11485
SHA1 5cf824a002c181ae991f7b9edc4f43a777fefc0f
SHA256 67e30b75a18f0cb655ae0499349293349f2ef363d038eec69ab5581445faa08c
SHA512 15a224dd5d4cbc080255f84dbc3c1b87c536f2f6da32d1dd503f1d6fa8e56082fdbb883a9eb16937fd7109f81a975898f79cfb1b3547552cd95c9687682e0b81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d292b7d032b9541d29e89ff380b10913
SHA1 8b3159f761214aa45008d85e223425b900829a1c
SHA256 865b817f6716c9b27037a25954840e0d5e962f571753ed7eab90b70b4c368d2a
SHA512 7665721933a242276ac53426fbbfabe78638089533a71be42f0f999f366a952d1b9e2ff9aa6f2ffb78367952b8c3bbe4fe672d59e754fc0a1f2f932655cb8684

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\prefs-1.js

MD5 3d88fdb10df1003bc11160da72eac81b
SHA1 0cf571bf3f37c528c59810ac1cdc06905c60336d
SHA256 1506fdc24d041badcec06b20ff951e7ce947a2d8e2011078f33f210ce5b905a5
SHA512 1283a5222c4116483a8bbbd21f19a6d40f02f8852ee8e2659d873e5eba10972dae4ca4b6ace677fddd7ea76f36143ffa595598b7163ea94fc3644a11d48c8d04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 5c666f6ee1124ca75e0401a2c397219c
SHA1 67a3035f837ebb80d8d497c390c58e13fdc951f1
SHA256 7599abf57bf5610a7b3d4a8741adecf8a6889e6b41149c4f720b94de4ec438da
SHA512 6dc9cd7e37b7b1583b1071a53f25646620f2dcb8d985d4511d629f5443ab07cb2578ff3a612ac8995bf840098275455ba46eb0a790e429c3e0d3d8eb80b5fde6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 564f4e31447f8d950a57b20285a7da8e
SHA1 488eedbb61ff56ee7412e2cab5243d4ba148efc0
SHA256 838ecb39912dcda957d8cb2c4f93768a164a898948a3b439b44876874330279c
SHA512 fd00d3703c80ddcebdde87b3c9090f01df5c44c6d608e383cb7cf4f6ea391448c2deb47ef83460193284862e0786b6dfae726065d156bb2697cd03a58af01dff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1a586defd027eeaae6fe7efb4c8ea05e
SHA1 0b9c17566e0484f338cfb21d034e8c9eaa0745f4
SHA256 156229a93e0d73291a7ace5c8259a726bf82d632c8b8b92eb8bf57b7c4b9e4a5
SHA512 620ee6ffab9fb0a107b7c7dbf07cfe29c2fb16a3e47139d0ade2c75983d1e1fcb0a0edd681b29099f666dcff3b8ee3753fc2e7147a0c481a524a501d47aea5f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1d1c7c7f0b54eb8ba4177f9e91af9dce
SHA1 2b0f0ceb9a374fec8258679c2a039fbce4aff396
SHA256 555c13933eae4e0b0e992713ed8118e2980442f89fbdfb06d3914b607edbbb18
SHA512 4c8930fe2c805c54c0076408aba3fbfb08c24566fba9f6a409b5b1308d39c7b26c96717d43223632f1f71d2e9e68a01b43a60031be8f1ca7a541fe0f56f4d9f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 58abb3d394cde5ce2e5ccf38fe91d5c6
SHA1 a4cf69466b156e65de8a3a67396cddf493204fb1
SHA256 8464f836f1bf72b659d05ac3d8742c7bd2125c6c5612221e40d41dc4b74095de
SHA512 b7ec1ef9b7317d0844b9939eb75cdec13f638e3e4e6f80dc03abd9e0b853836728fe33b85cec34cffda365484768a83508d90478024f9b985f9034161a956fd8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3d189339f3b965eaa231c512f9fbb214
SHA1 468fe00d3d65b4ae56ad2438486caa6057272374
SHA256 e6b3ca5f9ea1215ab7ebe4b5eda0692c1d7f38aae54857a39732158d267256f7
SHA512 be754a3c50dd165a104b2fe077c956e6394a34e82765aa3b573fcbed3f19c35558f3f3b0258937bde0d3c7447934277a43c21573ff47f4e9769d81b7457313e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 e404d7406b6b25ff193fc7269b92fd52
SHA1 6a02136cb3de07b970e1ba64df0b148f0df31dd6
SHA256 b40c483b6cdc7f83f646ebbf9ac45699285f8b68096f6451b99a9ea0a51ae59b
SHA512 046c1b06607619a7354391d9152d8a9b5ce990ee0b5e0587c088ea611856836d187ead6ff1289bbe663df191702e34bd7954194ce5950a6126b6f808bfd42bdd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\9FD6EDAB631D257DBB1CE7E66C798C8A11899F50

MD5 fdeb08520bb5058c6f9ec68053ec98ac
SHA1 d4b47b5ede740115449c289dea22fd7aebbaa53e
SHA256 c39409b214c9904fad78b5d6308583ea3b299831c57f66bf5681b85db789db28
SHA512 a72cd77fd3d17b9048963c3de74da026f102247b13a27a4c7cac9b871be3c3447c63476ae44f4a4a0db2da4287af25d08a455795524868980c230b9ed38a68a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 5785e1f5903e9e13f36007a96d8386be
SHA1 0f251706691964b6b792c13234b90b3ad543735c
SHA256 009329b87858d9054bc3ec5606a271d0bb75711a7e080a1c0c9c8a6dc603d64c
SHA512 a9395b6122fdb12a111f46ac9cbcc62d8d8163d9abdfeab60278bc4d9dbc168e7b20d211d3761f2849bbe228ee53fa444224b6d94e076aebdf512ea7fdac957c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\DF99BD851EE909BF5F1FAB7F39863F549687E2A9

MD5 29a632c1d2e5d8c591fab19804de89e4
SHA1 1fedf3821397ff3288a34e49b78391db3307a2b8
SHA256 58509b1045c7a6027173a1e337b7b0e2c169f843a0d2e780e79bdc68a1866590
SHA512 1161d42d3fef598a53882a8a741e30321118ef809fa7875ec4fd780601f360c1bb4d43680940e0b52a5930272b22a0808acfcba6dc7aa115b5a4aeebe58213d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b6eba7d3255f35da80648864c667b70d
SHA1 1b6abe90bf7db5802ef187d7feb9da1f42830774
SHA256 3d637f37d8de9f126462e11bc616ba295ba88360c768514d78847cfe2a3fc7fa
SHA512 1a09d2a9a47f560f541b690629071f53c4d1c0962dd5f8b4e3d98e1104fdc42f17883db91a4907cb5cb34bc5b36b8bcb6246a856feb0d4d4468d643cd399acda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 443e351b417597ff3bd1dfdd18b8dd61
SHA1 58114deb318eab0d282bb62a727c4f51a95a89a4
SHA256 4edd4242e7aa55090988507ac8b118f8807e07f88e3ccd724076b147558fdd8c
SHA512 59c14b4771641eb30ca96424143c80389939fa5d8fa6894de9faee107b52ead9690ed0c3c432df2faef36e4ab5c56ee72c2cd1fadbed4c0f45ea75ca1b42f63e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 5f5efdd040f2922daca602ce7b40d81b
SHA1 046975b03c432c1c82ad08e11ba0f62bb02c30b3
SHA256 cc31388d7013dc8778c15d6acf297704502252661efecd4e55bea7dbc2be1a16
SHA512 fd371cc68a32eeed0696a41dc3c451a3d58054199c14a627547b8707b5d1b572024dd52d843a4cf8ff01776caf9010ad3db60e78ce74c2bf4e8564e6bd605c8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 63920b301a0969e4feb6ac870f99fa29
SHA1 738393a169fb989bc0cdd099172fb0a0b21b84b6
SHA256 314d4f341916761723de6ee5d83f2c8fc85fc00a484b0366e907f77367fa88f2
SHA512 ffd6daa1139424d20dce7bf3eff347361663ad63b91b7a547d7d0f1c8504d62ca2569543eab107ff177227d8dafc1b77d6f7fd6dab8e73d01ac6dd6c46764cb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

MD5 0982c41c3d1a47eb9cf4906d04f66a4e
SHA1 a7d2e27764fbf37abd051bab9d9d01bc7fab8345
SHA256 478a0f36b0852f0c8fd84d52bf60b675ad6421c78b1fada833bbc4021bd44746
SHA512 5f892c3959e0b9b5f7aa4596f824b53f795cd26a5ade83b549317af28e8c6cf74ec34eccc901879f0a42987c672a63cf5aa8603cae0853553fec0df4c4b4d732

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\91327050A5D76DEDF98ADB9E359869511B7AF892

MD5 a307f93123b438433f3d404aa8e6e94f
SHA1 650f59e5983367fe5269dbcdf32e466305e858c6
SHA256 4831d2752b1df4259e39388ede385b3e4ebb4c106f011cd6261f8cdfc4c893fc
SHA512 e5414b9615c70c11363433d75c14d37d4675883b71d1fd9b0e3b339636e2e422d674b5c33b06c4febdb137b987e1732e53340896c9839119891d3580eb1860f3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\B192AF0B506CB512AA81C2997217F230DD365C3E

MD5 76385fa5dcd504e6e99353a7591db2a4
SHA1 8880d3919083541ff5893bb9370e449ab6e9ac83
SHA256 f8749fc16f7e05b808792e1135bb13f8459c49d71ece6b6b7b5f4e634505c1a3
SHA512 ff47791a8a56b6aa89be2a62e320bb332f51c52154ca913bbbcca84e556eb78a280ae7aac663d65f0a9f38022612493b79b29859569e73b47f9a1f0a469342ea

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6626458422c2a05939fe9601e84ace37
SHA1 a5dbf90e9cf8d7ffc1b172413dd0803a854f4a0f
SHA256 ba073bbd0488b8c8d89150879dfefd275bd9a5c5ab1dea19ddecdc6b32ec9825
SHA512 fafd698f1cf483261bd4be17d7555db386ce58ad0dcd3a12002ecdfd17876a5f68c3fc68cc43e75fd863c88dbe8470f8210fc59bb9d7b2784d83bc15532652a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 39380b869fd9f60c9c4ffdb6058dd480
SHA1 33a1d92dcca192c2e4b3a2b377ee8cdae0cce071
SHA256 b2e469e59c7bcff433d700b08f1cd5d266a39d5a3eb0b02f682f248ea6616f4a
SHA512 3491bc92ae2f1efea6171b9bf422f791ac201c25e9010c524f71849540b425c90a7cf5cee2bf8d1f812ad10a70ec944d792abbb5bffe0b17663de4139d90aa9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f83b.TMP

MD5 78ce4ef00e990ebbb4fa6f356a59abc9
SHA1 33068a967a094b850e54c5fc2b6f675d60cb5e94
SHA256 d18eab9db4748a5d781877a85b8eb36c8e28303a0b832da8f3bc5c9da4a8fee0
SHA512 f1a412433c0cb55fdcd38f59dc48e11cef11f5460d0b4b9a511e76145ab9835fe3184a92882615ab5a15326505f1eb1ca55cf26cef9199acf2855b5083f9547f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\prefs-1.js

MD5 c69f41960d001e24d9fc3e95200ded8f
SHA1 ec24f678701cd1ad05491d9e39176cdea36c1299
SHA256 03ce1442428d86a38778e5e256807bf033ebf2e604d8bd3e8c8c0bc1adab15c4
SHA512 bda624e52cee86360486ed158e3f3ca2d5ebb63f43e28ebbee1c4f255f5d423f90ad02e60c5065833d09ae57fb9d6b65d1483187e00fc3812a325cf064583d28

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\0F7B5CA5C294F3C4664E30F0722FAB303F6EFE19

MD5 86b8ee392f878dccfa3f9a7b0b5603ad
SHA1 2812b0e77be9dc5d7f8bcfe97318611493d33a14
SHA256 1449e7a9d941f685d5274a2290452da09320e3968e3351a608fe6597d60e2d3e
SHA512 157c21823740f1e9adf24faeac5656bcb0fb93b5bc33a03e8ab975ffbd4bb01a552c8503db2ecbac2b4dd6031e48f4d9fee075f82a3304d566af3ef42aebb8bb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\967A2F1B96722BA7A1E25347A9086C7667DF3C61

MD5 4d9b5e84cc4b752b354ed2c3515179b6
SHA1 39af478dacbee3b57f82d4583fc4d37ae2250de0
SHA256 df74de05d054ff60e8e3e4b74ec7e8be6682fccea7e2f8a42d7d4e2a4c8ca811
SHA512 bddfeeddc4015e59efdc6b103321ed7eebe10ef8ce8e3bfc88aad78282f4da7f38abfcc7a1e6979c25a0acdfda5c98fef54a41037067ae8e616cad7254e2b119

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 2e7571e761189c412f6a6c874f4a2f14
SHA1 7961673b7af644b69b1334a75f985b8eb1e85d89
SHA256 37563bebda26610f9b84a5bf3a7557dd387df8aeff66fddca5f8c9bf673b85b9
SHA512 7999355691eef789c65bd188db1d5bb66aba2577e61888db509a980b6592ddd9083a6ec56917ec5bf80c8be73b8af8aa2240b60757e3eb1766c5cbb84cc98394

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\B0D57797F1D367C2E5F5B7B39AC196003C94E20C

MD5 3dd4f63fc7761a72e26f7550ad058908
SHA1 fba9b1ddadbf55dbfeeaa6010cfda0c520af8ae9
SHA256 9493cd995fedfc29cbd2cfbb208c450934caa36e314ea70a646242f863e6ea0c
SHA512 179292d804d94cec0ab03d0024543b473f221efd8b9a118d4bd9e11e13475937f046906eaa3af104b72ee3f3cd488a27f1305d4b786027fc780f8de82183fe02

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\B057193FD5FE646E53AA0EE8AAB69D19AE3D2994

MD5 8a951081d2942a024e24a58352c6d92a
SHA1 a10620ead1cfd9237e2f8ba351c3c03cd6dcd583
SHA256 f3d56316ddcbcf0215b4747e603c6322f6355ac1f04d47dc296efaa0ee093a49
SHA512 5a9d7d696e5356fc4baba4a58cf709c22d0413d4206ba82f8e2466883a9f04791a74205628397a8ddf0f4efa195499c2bd6d8f7972d29a79c863cd0bde699dd3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\15EDEF29650D758897E738A3C3DFFADCF8E3DDD2

MD5 ec920aeef79efa1d7e01e64bb34888d0
SHA1 6557f57564cda4049603be0a48f434919db7452d
SHA256 2b0ce3412b73471ae069827e17e53f422af29e74c3a1afffa500555f275c2cad
SHA512 58538d801beacce5ffe7e0ae59464bc80e0cf58e6df2eb81200d4b6b59f8742b37bd5e1b10a228b0c988d5736b3affaf5c486c5ac1f72f7a9a55ce70aff6ed74

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\3D7E3694408A336270CC4BEDEB292BC044F3F9E1

MD5 feea37df8799f330820e5aed7075367f
SHA1 7348ffbe724e53c0ed2feb6cd3b641b77128eccd
SHA256 64aa1e116316860ee76d1bc55723e940b97202f1eeaecd2e82a33c034e2bf380
SHA512 df0a2f26b8bda9693081a9553e25b7022b044e863e045ef6e2d93a715692fc17729c11ae6f38bf1d4d15c2462cc05950e2e4e928f20f75719c78a5dc43b0017f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\72FB6C719F2B0D0A3F2DE9F2C177515A3B3D2251

MD5 84a31b285d66cac437aeb655ae7d2d16
SHA1 3a59b7a02c73c6c242faafe9d0e2a3eb08015353
SHA256 33317014e38b56f643600a610d057d148dc3b38d6a83bf98db8706f50b6f66c4
SHA512 59e1d779df7cdf93c3b8694aeb8b15556f0abf76f7ce3cab30e54f71c492ee626d59eaa99a2214e10927633d1c1a6c2e09b556af20bfbd1f1bdcd7314b54ad26

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\p6p4nphm.default-release\cache2\entries\CB275176A216449DBADCDDD501A4695BA9F7089B

MD5 8b77985ecce1692603b9f5166f4b3706
SHA1 60f3e422adf6b90bf5fae91df8d457fa29975d14
SHA256 9f5bd342aa22b755152254e7adc0c419753e62374695b3c9ab2ff3e143e40d2a
SHA512 1cfcbb27c9247858028a8d261e9a36f50ef48c8319cdf1e3cb4795b1c4c6657b765fbe76c246f2ec9d3feda09e574d6824ca04c525a47b7584ab99ac5a100b0a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c194fec5cee0ff6358ec26a99f9e72d
SHA1 cf405620751481337a529146c4cf215ccebbaa84
SHA256 954407ce7d86681c568d6ff27cf85a981948d8d55a8204ebcc64e8c34f4488d0
SHA512 9461c0e53f031925b27851dd2b815a06df7cc8553038dd5edffe8eab8cdf20e42605a5603ac4cdf19fd4c704d137a0c503b5c5c7aae5b45d2b71315f432f6522

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\prefs-1.js

MD5 b84689337a34c124a7d10e2d4d5a8f3b
SHA1 46b195dac101180237c280b306b7bb00a1403e3e
SHA256 9b192dd7edeeb8c1cb91159e26c698dccc468ef51b5d321cdde452d48e347369
SHA512 842334a7970d00477fb19d9b6a335e917a518940812e4a8f60bdf997b1ba8e53c3664f1a05afdd1cfea4214f9184b00c3d7e3af72eb924ebffed5e800d655e79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

MD5 421f3e5300e0269c9e12a40e4d4c8db1
SHA1 8338224967fbc30973f206ff4a50e72442770542
SHA256 82b3c3ceb135abc0752eaa270fe54c957b81655cb4f03273318a8bee8e37907a
SHA512 f624ffddc25a3ee1268882cfa5e429f85401218734e45e3970818a1ff22f2a30c64c7bfcaba288348dbac6a47be529e09d99b9da18fecd3efa8cf54651209d0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 a7d020971edee484ea885fc4616e9b94
SHA1 8886c765643c22961bac6d7b2c3c8ecc81b06bb2
SHA256 b883ef00d35c211c6e80e81e27765a3a13cdc958461edb8c2c04841a8a6a44c5
SHA512 57532c64e20bd6e59771a201e5c35d821092813d6838b13752ea2f85fdcbe02cd22b2d318a4aa0f154e1490f89d6f7e5d20adf7211829c1e052fd5d7ffeb5972

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 609f45a40b2aca33446379834848848a
SHA1 7adfb35cf6d56a498f53ed1d2379b3a8c1143022
SHA256 ae33d4380e2bcc526d647c7de5053f4540572037ecdeae74cfb1ce29dd2148b4
SHA512 d1bbf6e9c7fb6e7b2e5f03a0405bd192b015f60113c3f79ed7d85b17dec9898fe3f22eb0f2bb3b553bfb879189b83b820218874546b68534e1e2bebcbe6e1d14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe5823ee.TMP

MD5 38a27b54a7423c6d77c0504e2b3719f3
SHA1 015069c0c55693a68d9aa9bd98eb34ac97a11205
SHA256 761c03e168ef91f68eea80fe3164f6f604a42881a980a4c1fa7c92dfc44e7f6c
SHA512 6f00b8feff98d06e1204abe928d2bc29ae6286377e318635bcc65a941cb17f5f5479e077432dced919aa2582028dd8d7d7b71b48ba5c31de41cff9fb15d099b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dc27fcdf7554ac66cd291ad0bfab339f
SHA1 6d16fab958406ba65074bebb3ab5519a00406cbe
SHA256 2d686e473b659dbfbd15d72f1f7375906395a687f05165b884693cdd7214b013
SHA512 b92fbe00f3e0bca3279bcd81af10ae5e7e60d6af830f5f88afd5717a3e46a4530bd3b40a964086fb42470077be45e0d508482536d449236915ee99ebac894e6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5fac1d55a1e33fecb72dc822bb93a61
SHA1 9a65018abcbe2e0f62e9fae9338178f042e62a97
SHA256 1f949b6d9c9d353fe8e07bd9c62757171514fcdee9f695bc68029786af24c52e
SHA512 6bb0fe66a6263a0a28c10da024506a155cc1a8c8df1d6bc08c0b419259d9fdecbf197854f62502f5d064c48c82f023d632f7b5689dec0e70fb61d5fa927d081d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 69281da100964cfec7ae2f658e327d10
SHA1 503ffbb29a144105c4a897cc69e8dce126c3f9b1
SHA256 f2f8a553ba84d2913d5a55ebc99adf2ce48767bb5c1c68fbadacdb920d169cff
SHA512 ffa68cacc5a3a703eaa831616ab207b178f87a80924142a556f9e0939a8faec6f0432a6be4ab91e4c307c2cc98d32a925b8edc69fd5cf653e3978cfafa9daec8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 130e9ed324006d75b5c46bd727735a83
SHA1 8be4c63be96371eedc6d6821cf91f2f1314b2b40
SHA256 1609a7a1c75c7dfb17bc1c70272b7d96e1e044d90a03ac1bc05940fb3e3f82a6
SHA512 88df0d14d84ddc1fbfa4550a6fa81cb1a67cebecaaae812ef7b92a110ee576df33b90667afb580efea1a2c20f2e3eb21a96d22f9ad7983296ac7c9dbdc3ed9d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 2efe732da132b815ebdb45e61f1baf05
SHA1 12d135e908ae982f4c62665c4eb2d2d9912795dd
SHA256 f99627f0d1bb86eedbc0cb49ab8edf2e4e9be79b4c4782cf1aa0ab6f3818c4bb
SHA512 ecb7badc41c3c2890e5fcca48859ab1bfa9cb50bfda1d59d461407bd6d754eb1fa4f434459c91fdbcf42adb531b545e0ac24f8f79ebc726f373aaf43916ec834

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bc03b5207a5cad94556d29dfcc9af052
SHA1 c5a476388f25dcafe15bc54cc74271bdf2931747
SHA256 b09fe59f209b698430de7fad05dc39342ffd74d68a7b9dcf23d96da1035badae
SHA512 66685fd06762ad6580e73345aab63c7c6dfe9fecff0cfd9c9767c9edf1bbe133957ba63112b4dd805cdb123182be0b2bd97a1153d53c8de16b8adfd3496c5fb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6685380eee1fd3b56af33dc73690cdf6
SHA1 7e98300635a92e6b9e096fcc9aeffc1e3e736ee6
SHA256 d6b0facb2579c6add50d92c8b5152831717636d3e5605e44df9e12765f06b889
SHA512 3bdd520fe5b2eadd16dfa3f23cbb61d0c52986c205021e23d11231f819e526ea3604ad4d0f24f1a57166285a35911872be55b643f207e0ed78287eddabdd6782

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe583dfe.TMP

MD5 0a328865722b5a4366917cbf1f5c7542
SHA1 c25ef0ad4e26cff2123f9d3ea60ec7c7b76f6626
SHA256 4136c68e5945a69edc94179f60fccadebee58e64d6d2b0796037ecaf99327063
SHA512 4b74196e0d20ad2211ce1dd6c6f9408b06fe4b2bdf05bc9cd0e83bfc88d2aedad00477ba78ccf2e8e3451dce65a0eab93724ff09cee657d06a8c3ea87b80fd42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 18a382475cdd23b3520999399d4c4fd9
SHA1 204e0a09905ca95d796a3e84872c77c16dda79e6
SHA256 810c2334311b89dc89f7bf5bcca5ea6e32374872a1c4d82c7b5f4ada277864e2
SHA512 6d1575c89623d843b87f5a6dbb6f430c1582f633f0d32eaf7685c35c2c4653bd55ceccc653fa5a8f12ba34881f0e068f732460c37ca313f76c675673b9fc0495

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7dbb351230135b2a81223d010e499b04
SHA1 fe45d132b730ca12c72de8fb5fc41cf8a028c467
SHA256 5f8aac6ec74c41d30a97f3d74bf7247f5b74b497992c46dda9aa55ae7bbc0088
SHA512 4d75b2d97f15d4d94ee0876226fd39011af9c7e0c8df609645ab796ddb15823c5128104398e5d36a82085af0266d046d5a1727cdf15f28306e704866556e78d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c37b7c8240fb48c46d255fbc9876fb25
SHA1 7051f771fa45600bd45973e9a155b840d37c75ae
SHA256 2ac5622d2fc8f2520c9c2b5e26ddedf7084a7b87ae803a25a6bb4867bafb831d
SHA512 28d19a00d4ad71133330d74507d90581c5aa731a758f579ee3915c45f5c74496d378e4b74bdcbb6929bb194bad3f80cb5a0c30bd5efa815a4c2ddce44ff84de0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 759efebe8df54889a3de9455e78b6c61
SHA1 c3ad779f804586ab2aea00992fe170317a7c9944
SHA256 655ab1be6dc11b7ec1f686cc7fcb175820998ce35fb3ac25d7eb53b0555ee092
SHA512 2d55808c2fcab9554904f5da46bd7a180a7431a212aec52eea5869bc1a9f37f8f09d9ac374fffb03f1437d2347e8b2acd7fa3985400d1a83934538b8aada8dd5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b97e67b93bcea813a6004859b3eae823
SHA1 40430d382246a0651ee57254ebb98216d178fd1f
SHA256 57b60c9a64113946653bf117e5eca69cb91125fade987f4d1155b8721f9e9bc2
SHA512 c100ccfd25dba1fcc0e06ba7e84622c42f3c324d72a2572972716e5a0174bdcfe23e5d495ad655a063b6452198eda551cdf38a3d27c212890e611ddc000134d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 50195d1da4a4733851b04b70b48ee9ab
SHA1 a64c766634784b0267a0be83c3637ac48b7bd285
SHA256 a8c98f0947a7486f4073b50ae508c289b78801602512e7e51e9ab9cdbd80d301
SHA512 11565cc96e7692044f5bfda589b12493f7de05f74409d6975b6c4c7f2f47ed5fa904f4b4a6ba29bda0e9e3da6f376848d945860ba0dd63cd8ba84773177a6e7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad3619d925b143aea700a0bdffd6cad1
SHA1 75e3a4022a57e3b515202faaca91daeda9193034
SHA256 4dc3caa78b4c602afac36d281e1779d71a28df38ed8fe09cee0dcf56a747f7fb
SHA512 640945fc57245ed8dac053c6236a135bf1ee13d27188fac7c0ae90bdeb6e341aa1de73c694e6463d49d8cf3717d05c654a9fabf29a11911128467a6ee1d33831

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a56f35fc90d89aa56be4f5f62b15e75e
SHA1 0f645833c642eef05c94187fd718d8db0347ce28
SHA256 c6f5f7cceb2cb86efbd0be9e08ec23756ef2971611f731ae7316c6a9108fa56b
SHA512 f094f90752bce7a93e0f9655c10c7294cc65bc8f0305df03c058b7618d2781224bb63c96f315e504b959f7e70eadb3f25378adb30e03f8e378cdc6a49c21cf04

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p6p4nphm.default-release\sessionstore-backups\recovery.jsonlz4

MD5 0cebded42023f0f0c0cca4093c7c270e
SHA1 32d748208d6172c4419420e041bb20886124acf6
SHA256 8662368e1d9f647aa753d9d8fa73fd95005ff1db42eb96199344aa3d7babae6a
SHA512 625f963a002d3ee7ee2c65f80f42e66a7728b9b8dcfcbd0b030046e3b0b4b462773611c4d85c4cb8c61e0742250078a5bccc072f4b44762d78888983f36614f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 53e557b167f9415938094fa545c1bd8c
SHA1 96176aab301dfb7bc423192115fcea50f658d6ba
SHA256 5e557d0933bee80f04e21f5b55ac3a475c97bf04c79058f69fa7b76db783f5e6
SHA512 f48dd394a8be2a3152a9983eb8f6fc4ce2d05514b4e1281937b2ed16e5a9cb31a1e98d9e505f306ccc2b8a0e0a39d545d637183ca1954d5825a977e54f8a5630

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ba41b57e2760037105ed1f6455a86eee
SHA1 3f752a29f7f2a10bc8841063f9b2537bdee18bde
SHA256 938b2e6fe353aa5a2c6fa17f510a52091d250224db9d6e5e1c31e60fe09e01f0
SHA512 ba94f6170324bf0e513554a9b96b093ac7366ecc3c3cf3bfaffacf0fa3a72386ff5c288e1bcd3dbef7f9e11d72d79af4934924f2a3d7be389e194808efce9c17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 336b5fe95a38d5b516171ac783b62d56
SHA1 775aa554ce9b56270a4937b48ce86fa0df867975
SHA256 8ac685f483e76112da6e5bb3b1b3920cd7dbfab6d37aed99e0730c4febb92acf
SHA512 4ecc1420530217124c27c92b3ccddc33ecd9d1c412e58227350b32605bb80947281a77cbaf2464adf9f98d2bd8d6104e89a481b2aea17ed8b537c840a7123cfc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 de8652f7a09580ca7773b60c9101151f
SHA1 47c9305319f5d30922dc1a0bc27a5a585ea6dc11
SHA256 3b5b35c72f4461dedfc3b1e49e3074703916bc2c623e6c8075d68db48a4c2afb
SHA512 f70f6b61ffec1b9a3d1d79d15eafd00d059d55d5beaa31f52821b83c8746bba1b186be2ea4cd55931285975bd604b5da5ce7524076144c9f229a34b569f5a39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 aceebdaba8001b5ba623d992c0c23004
SHA1 0d4e1544a6ad5e9276ddd7412c1fe30358bc27c8
SHA256 b71eee5a20d544e805e17773d3a492368f53a1fa8f95e8b9623e80c13480503f
SHA512 63e332af98ecbbe59e9d70bee47e84f803c8d92f541511a34481a6342d013bbe07e79c78264471b94f3cc000f318ffb9c27e072c2fc851b6ce8a4632ef8b2c48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bd9213a256b81b01a11089f9e5b66081
SHA1 86375ead01f103f7ce051caca03b4995b8b6ae58
SHA256 7a8c134c53c3d64ce8fc5af1666b9e5280c398fa25b058b506ed4a7ce31ab995
SHA512 a6f270e31c8bd0ec0faee91aa7428f08669002779a863573b08ab48236b3fbf929444c66ef1e4c50287b6700303a34576e846d148f5b4d5e4b79439bbe36954e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8bb1c3eb827aad8cea0642ce3900d3ba
SHA1 1ed54acc4f4126fd9a3abc06b5dfc0226a3aba70
SHA256 026fbff8390985de81c8ef1c0fa4b684a6925f4df5d069e018298d45bd908761
SHA512 0a75f34cf64fd8bd593ddcb1570b0eabdd4689cb723db610245d522f8d85688a39a40f4677e4ec569897787e3c218641f58239581f0f0a5ec42f1d91a8098918

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c1e74d707ce2d02c15f2ec23eddfbb7a
SHA1 7c9b51d04811707d40352de2f0859c76aca07018
SHA256 64d7d229d8c9653c73e54e52cd1027580cfaac2a6a43a146625e4887ee0fd8ca
SHA512 4eba4531d872843ac6ef71882d2634f91d342199d4f19a2449f472e1d7da898c00fa512c730bcc6191b3e1c5b5d4df354849b8056ceb6f937908b97ff379c507

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3061710cbffd375f9f7735207e0dd48e
SHA1 7d99862931ff82d0016b65a5fa434914691be485
SHA256 907557fd3f797fa4f482657fbe7c7e530797f7f22e399c396dbcd8746edd77b1
SHA512 7b4a37f5494d2fc9c9d48856f59a0f0c8e179a85afc84aa29bab45bfc11a651a0ea13259e2c9b3a4c15b18bc9676cb2ff8885c7cd868d28f938d840f1d26d374

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589815.TMP

MD5 4bbfd09a0464048bf28ae17f8d80d186
SHA1 631fceb1c64f2e64b7c40188947a74563071bf9e
SHA256 a9a6d1052d4692bcfac55e81756992f4225f28d18900ff99f9c305445a397b0a
SHA512 5d1fa4da31fdd273cf8b73626b440dde529321b92996fda618fbfd1a5370bf5d756cd95f9dac924af2b64618a997e87518e9b0117034ae2049e570a1e34cf2c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5894a4246be13ee54ee1ae627e0c79a6
SHA1 8663c127b9d69457b3e6075c8658dcd7e7dfd261
SHA256 7865147a2a5c624d1e4b9087f7f6ad8d33f326ac632640829a7bdd69d0cc5a03
SHA512 64fa7803d7c5f223c01d5b9dac73dcd50506d18a055619f424ec973e6b5d30db46c3cfd8399bfba5e5b81b637daa2b5defda7575420b877fbeab73f5f0972385

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 f87ff681ded374aaeca5f1650aac0770
SHA1 83229241767fcd0cae2f86fea4abb06790ccc327
SHA256 0a451a8ebc30ac4c11415d282b23b4dfc1a75dd7d7555ec03faef52b83ca83cd
SHA512 a41f11df33c6e86d507848d4fdca014cb70dffa598cb98b1bccb76f38cc8c5ad2aa3008830e18a492dee4f2979cc3eddd3542de0a38e553a08046c1c926c9dd6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58a7e3.TMP

MD5 2ed6738df20cdbafad0ca7cdbb6d7670
SHA1 ecdf4a031d201c46870e1e1dc604a41acb6a9d4d
SHA256 f72c8101005dd4055ef1d9735b2f79d2b47960d0db178f5e4a47966f353138aa
SHA512 3825161aed2ea8259bf3f753fe919ef73ee504d568bf01f19d01725e0b1d57c4202a884ff9933b0b1127e57b6278be0ae5140fb4181ebfcb463a85aaebeaa844

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c2209c4200f8783d0b94b3782b03b19b
SHA1 6a08cb2c7ac435d048c4a54fb6616e20da77a0ea
SHA256 618e6ed8f92a34925a572dd88e75c95e3fae1af365efcd392713e1fc565700fb
SHA512 699ef73db47b13edcb724deceb0fd47b6f9b6d8095ba197c5cdd0a8f2857fc6519ef4a7a927a32db8368232f8bfa271bfce90607186ad367c8d4701be6d0230a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 85b0de077a16082347ffd2895a7519c4
SHA1 373db8ec067b4225d3e619a0c1befabf2f949514
SHA256 afbc0948df87fa04b7ea4263f515410a793a06366dd358a9f161182a8c4ee1b8
SHA512 5e3251f12801aedc4d4aa41ce252782eb958ab7d6ab1e410906f0a8ba005baffc82820b6cd48c36d7100b9681486f5f34abb1aa75ec37c56f16a2741ab186568

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a8e330e148cb250237137628ab766c95
SHA1 88067ef0db647403f3cdad18db763cce455e6a38
SHA256 7ee316f95a51c838ab9bf060d72b95f58e34cf0533a216dde151c3bc34f7da8a
SHA512 889df5b11491a69b0711756a7ab839b6584739e15d476cae774d1c88767632610db74afdb3e4c5a812a47ebd40885c5189c0db47d1ce167fb1bdc358dfd14c2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f46b48c7dc14362de2a3af08daea167a
SHA1 81f3daa2aa4b92455519b3b8ff80f10a584b54f9
SHA256 75c5002e5547b9695c6c09d21c2a44a602590cb79a8d2813096f8f4f2d187732
SHA512 a70581ad47f13483c46c8521634271ab11c4cedf977dbee9b0d543694f214c24e0d8f5c5cda740a15973c0d79c477728b21c224b10a6c990a4642f220e0a9448

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7ea95330407c3c23d6dcb00678bb11f9
SHA1 f03109d478427825fb8be7c6a87064073b80e09f
SHA256 2fff276344253776faece9629cca827c64f5e6e4e93b0311c25093406896238e
SHA512 8695df578de0f0393fd76674e2eff463215c0cac1e42674c485fc7e46ef2efa09f9385453768c42d93f550a8b65db119d028a0796d953cd19113bc3d758bbe64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9aff07af645898b898106488088e680a
SHA1 6636b413af1f48b288fddcd3a0eba7ea02baae55
SHA256 bdd7efd9e4be4e1f6df626a5c578d4ae4df7b4ff2ddbebf83f3977dc0b191599
SHA512 c237e7923fa601d3eeb80366caa70d61746e357899c6b56d5877cd49c8dfc6508d64e5e8301922ca21032b62aa6d4cdefc75227115338e1e508f3d921ce07d82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 3b40598a735a304a93194868c712d563
SHA1 6ccfd7117bf97966c78900872119f749873e5347
SHA256 e8b23f654dc1dc41d425a7ba52885933403e1ee55867aa52f18b641e93a8cdd6
SHA512 4e159ca9cfb5ebe7af0e847923f82d4219a467121cb51be9a0f0f6a2345067e234df5ef51206e71c80e5727333a5917e0aa1ca2fbd7ba72f280b69fdb9acb3df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 4e08eee044c91ace0ad7a46cd9542a0a
SHA1 b542dc6b9818c8c1e07563d3656389c67b3ed5f7
SHA256 e5602fcd6ae093bef4648c93d192f79d4d6849d783096aecfdd2f53e3ad85982
SHA512 72851bad9b83bfff6a47141bd5ad47bf1a2fffc7c8c62e611606b06208f5daa3c52ff49f60945ae58884e22476069b99c7a7f44f1ea8d624cf2ad4f4227d3b59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2872a06453157b41e7e50e7ce062fcdd
SHA1 45d4f46f8747aa84b70437d2799ad5fa71e8ab52
SHA256 3937fb842b8ba3de78a6da3e995447bbce5877a7c6309dd0f4d361d544363d25
SHA512 dbd0b0fb2c98511477b5453e584b546363bb077dbda3d34c3b03ebe56a14216b6446f45cc66a4a4d47c2d4f6a032667e0d056755296a04fd460d0109232caaab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c203a519b18e92739272440b14bc5067
SHA1 ec0fdf734b04c317ed299bb7ec4ae8de0e9a8f3d
SHA256 6802da46f443c1a62d34132571245d98454e4dd7f194c7b6fce9abc29daf1768
SHA512 0e07480270b5271380e71c4a308d8ecc5a410d9e0742adf8fc62fa52ecb4ef36335d49cbf93f04e9aad6a0e257f9a606df1327b26fa85bb130ac5da4bd104813

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 fbced799b67c41f8dff3a045e30ea22a
SHA1 e5fe795c71b234565c1eb03d9243b566f4023cc8
SHA256 c6f62b91d8229c955d9fee465a3a5bcf7e3da4dab7a8d275a441b0f5cb997871
SHA512 40090369f48016a8d52471ea6577825760b652db688e22642f83ea1c8ed10bf67543cd472c4de816a64e2f91896cfdd5f49f31452e312c40073504d8930a3b34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 18bd10d1d392a2fe7a04dcd94ca56707
SHA1 ede1eafe792473cc5e1023e0a6e2ac20b465cc7d
SHA256 86685e417310406d58ce68a0da30429a9f6f1dc45179dc18d18be908cbbf0b1e
SHA512 9f9d0ad28e20c438a0c1520b66e02b8e24830299765d8d475e0524a8910cafc57cd37520a6e2ffe5cca6d616341299dae035147042fdb9fedacdcc219fce0aae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 33f037983108b6e21ffaa0c139440f03
SHA1 d666dba55ddf30f5c2c9eb56250432acb76e7223
SHA256 8af575304d5539323788b55f6b81039785281ec9a30f6d61f3478e1505dae9a1
SHA512 288275fae613ecee36321d48d7c8a4e108fd6bc375b185da1c218a22755c07bac74317c44db465788c65fd87dbcbe3e8c6759ae77cfa023c6d9e344b3c4b6802

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3f1e5962b097b737449e3fc924f5354a
SHA1 253c2df5699e3db3752060be212595b22edf67f4
SHA256 e6f9e7851377b4287b7587011832239e6cf8c554cbda0d050399385210c99127
SHA512 cb4f287a2fc30ec2b3aaa7deb2b50577c5244d4d79bb3c2cf9f8e3573d3531293d5e43715d816e139902eb5a60c0750465fbb03120ff48fd8157384770e0e7a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 75ca77e655017e1622ecb3d02170ecc0
SHA1 2b41500eebcef4de167af0d844b91ddb58f962f8
SHA256 781ba39de3c86e2e2cd9a8f7f57d3b657f83a34735e10267654064775d2a6899
SHA512 d73259cc307e1b37e8d30bf8c9bc035988d7036d996d71d24b11b758c4cdac8aa7ed5d29344077a59ba7a4759b94c4796436df28da0e5d8b9cbf1ce79010293d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 33208230e05958a32ecfa3d3ff452085
SHA1 aefc9e9dbb41594bf97b9ca4b47927b35bb869ba
SHA256 49a8810f54ac996bfad8a85286ffc67630f04361c47ee5fbd1d67b0e0d58ad00
SHA512 4397bdf8485be497b78453bd4c984569b61f565dd0dd784a061545dbced9288f1b95c4bc24a2ae19bac5acb69a3695584d0f899cadf6ea2a9446eed4c5cd6c25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9fcf253e0b5735c243723d2d21292741
SHA1 49f5ea9590c5d5495765ee53e49959bcb9d0e8e8
SHA256 d3ac6b21b7c341b7733ce57b376036c7e2a4233f82464e8676fcac65ee9b1c2b
SHA512 d216c4aca518877729146845bf5728a2c4c26be6a70f5c68f306fcac1f61a55ae11d3aff4455f46aef306722cfb7577548b29235deffca3de752721e51e8513b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95eb11671ec99f66601d005b9859892b
SHA1 bfb71b4a57af2cfabd0c250a14b4282362792d2e
SHA256 e475a1dacc8a4d2babc4fa7f2f1a3a13a0e8583bea1416c36a2fe6d8b0da83a7
SHA512 9b04b9f2cac3484214587954dc7bf46446e15082efd1b76a19d7a7592a74033267ed78dbab0bc64e642a7055c5ca3f0aa4e1562013b40c7ede886f18e3e02a51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 aac9daa9fbd0a896f415cb631da7f954
SHA1 94e7321a4d9cb4f42d662f5685a36920807c8c38
SHA256 c9da818db49a51bb93b938ccaf2941b1b3df40f0d1a8e8710cd14284b5c01715
SHA512 2dae89fdacc8c85ec21603c7ebe3b4f0d8362ea3678670c079745bde82737757c110f5d66ffe53559a8331a49a809005813e12b830941f0f72707ed43ebcc4b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 27a05b77e7bba6c2b279f1a67cd6acef
SHA1 3164de3d460475f745bba673aecd9f7d799d7509
SHA256 71aca97ad43f1a016bcc6a04f90587cba90db71a03358130d686acf042e00f83
SHA512 5cdf58d637dc70be10b36d7ca7230404ca4cd58af53028183cfc28335dd8d3ccb24f0653c0844acf67deb18f8b529dfa83ecb2af34dc1129662dbdf20c0bba06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3522b881d8d810955a2a9df1faac8f5f
SHA1 a8f67a9362a5a97f221f290833745293356afa7c
SHA256 199fde34de903f2e32e05a32c58c7e1f736f38e9395b5cf820cf3f3a2e847ab2
SHA512 99b5eba0d085d389db9d4b1c5c343c519fb1b3cb45d9a66f190664eddfe592a43638d68511a062ea21f6c530075b0f57e4fa6d91d228518713dd50a688ea6314

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c317b2fef3cac388982fdebe2140eaa6
SHA1 c053aebce0127d508f288f2198b8c9f20a5a2403
SHA256 e728108b303053d4dfad1ba6840bbd551c056ea42da470d949ab131678b84d60
SHA512 80ac77af0700c9ecdc7a19ada2c2336d03b48acce5bcfe75de902a02ea3894a0c94f2ef8f1ca5d253af088fe516cbf36b2ae56e5d41e6f3c636b8391c8bd9aa1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5d1c433d35a2d1e0c7ff9fb45cf4f825
SHA1 8059f73d650acb68f8188474dd641854fc148d8f
SHA256 bff39553c675f1b7166d712c5ca32b584779edc5d33d829d13954fffe19d6daa
SHA512 9ec1b3fe1bd7c8218825d7c71ed2ead670eadcc62c7418f8a8a652883764e4132acf3ec61076271092d3a92c2b8665261bac353b3d0b667eb695fe90d7599d4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5c5b51d643d105cd3c03b6eefbcfc2b8
SHA1 51fa111d174bbaa41e6fdbbda550dbcf2a0da30a
SHA256 35eae0eebd4bbcd283814ad0f2d1ee508d90f3fcffc4f56c7c8195435b361fb9
SHA512 6ce4fa08c95ac91eba1de3b045b3e6f561ef43d42db5fd85484be8ecf41051e0e5a8afcd01132f66e2d18867efcbf696575738fe81b8eba5394047d6f16f8970

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c07f469f6277de7a5634b270a48a4825
SHA1 15396814ab1b042c6b7049da0197b12bd0992eab
SHA256 860194aec6e43080b26747964384567f6e4c40ffd93ff169e5543f5b0216e772
SHA512 cdc7adbed8602ecc55595dfc1362aecf36016dd34cabe6513ef21ba4f196102386e876348ad3813b53e8ae8c567d886aafec1032b931de72d97d8bac7439d731

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 af5caa96007cc9146f1cade63b36d054
SHA1 1714c4d7c877a9e08525f9b20bb81dea1fe1bc92
SHA256 f25e4ba79d1b3792f4b9e4710f11c6664ac603a388eb588f56aac23bc0b9df8f
SHA512 ceb91d3720e51bbb51a5e9e62275b8380de75ae8155513f2f940f3a8438c9a9f046845a5866482542535fb6ee0e8ba2b1e4cc16e4030dd6a82d0833d24a47dc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 154b236fb65151bc446e09b7175edbe4
SHA1 5e247b4329d0660752bbf2e547bab83a045840ec
SHA256 63631c9b01084e4756c8e768d6165434a99c33816a4d58dbdf4246852a0f4659
SHA512 bed2685250cc1fcb2e5425b83bdad93d07d3db186089322fd7ed8ce93e9c84a29b3a6f92d2199e4147a26cb0abbad84ebd20140a9e92098d9bb539b4ce27ec89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2e5326b53e0e0e79c247098738e0bfa8
SHA1 f5e7a90080303e8d269333a59d05b8d9b9c546c9
SHA256 82bcf2dcd64f4092399f4dfe7f234200b7c93bea7b99d4c27621146d92106212
SHA512 a2b8c11bb99ec8311f628562a687280d01960e663e273d259fbc7c1790f211af283084c2847cb4ad5a907ddf9d7a3ad9426a1ea0e3c6553dde20f301fc71c14a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0c7013fb5a0cf986f1678f8ae2043a10
SHA1 c0ccb1afccb8859a8953aa73b6414be990abc18c
SHA256 ce29e91409a10de31a73cfd60b76a30a06f5f2275b2b4f0f496819affda86486
SHA512 8bf9c7e3cd928226ad3e7376c94ff83aab6291e0190f5355618f904b162db8b18d4fbdd9687e64014a344153f5c4264b091ef428cdeb0c5ed29be478f08d35c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 46ed3734bad1a4e98c8e248e54872fc7
SHA1 c0bc14387ff12f739dc8b96b5107bddb054f403d
SHA256 efa920f591999e0d6581d859db29432cf14e97dd7eb96502644b311209cdd3c2
SHA512 b5659ef19c7ff68a1ee6e70a99acbcaf2ca02de3a1f2cd8a052a42beae2d0eacc2898635b5144ee4ad65a208e55d84ba41105fcbbd5994b884a820636b7aa808

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 cfcd0fc97b0c1d255bb12423fcd26f18
SHA1 19626326d895cc6860112709efe03dd03896bd8a
SHA256 93c68b0221c95c14b7ac6e9077b29f96677df11da595d741f7d11125febffe2f
SHA512 e3259b40e9752a096913737a6dc11dd1ecfb0cb940f0646db49184734a8e9cae80f46da9c38ebbd8cc6fc88ab4d124e8d4bec2baa4c31dceaf6e23f2beb8de79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0951fd52bdf38e8bdbaf56904b3328dd
SHA1 2e01e5a07cf2f27550d41e2c8d72d9ab034cba3a
SHA256 8b297a8ae51c25f80b81525d8244b8fa5d26b752cdd07c14602519e076bd5032
SHA512 398c8aa0386e47aca7928d0df85ba9246cabe6da65a6e52c10d576161c113efea737e6d9b5f72cc71178d2967c81786930a9efe06b6e13c82053665089293603