Malware Analysis Report

2024-11-16 15:57

Sample ID 240214-b4zygafb66
Target 6099a8fd5e1e9b9a92139992443f93c1.bin
SHA256 fee1fccde7b4f3ea58fe37455f276b711a42aee63e2d3161b9d5be95a38cfb6f
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

fee1fccde7b4f3ea58fe37455f276b711a42aee63e2d3161b9d5be95a38cfb6f

Threat Level: Known bad

The file 6099a8fd5e1e9b9a92139992443f93c1.bin was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Uses Task Scheduler COM API

Checks processor information in registry

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Modifies registry class

Modifies Internet Explorer settings

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-14 01:42

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-14 01:42

Reported

2024-02-14 01:45

Platform

win7-20231129-en

Max time kernel

76s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{55AB8751-CADA-11EE-BA32-F6E8909E8427} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{55B04A11-CADA-11EE-BA32-F6E8909E8427} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1276 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2188 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2188 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2188 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2188 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2560 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2560 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2560 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1276 wrote to memory of 2560 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3068 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3068 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3068 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3068 wrote to memory of 2596 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2188 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2188 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2188 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2188 wrote to memory of 2656 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2072 wrote to memory of 2508 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2072 wrote to memory of 2508 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2072 wrote to memory of 2508 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2072 wrote to memory of 2508 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2560 wrote to memory of 2524 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2560 wrote to memory of 2524 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2560 wrote to memory of 2524 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2560 wrote to memory of 2524 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1276 wrote to memory of 1976 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 1976 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 1976 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 1976 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1976 wrote to memory of 1584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1976 wrote to memory of 1584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1976 wrote to memory of 1584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2896 wrote to memory of 1748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2896 wrote to memory of 1748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2896 wrote to memory of 1748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2112 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1276 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2712 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2680 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2680 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2680 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1276 wrote to memory of 2680 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2112 wrote to memory of 2540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2112 wrote to memory of 2540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2112 wrote to memory of 2540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2712 wrote to memory of 1700 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2712 wrote to memory of 1700 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2712 wrote to memory of 1700 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6429758,0x7fef6429768,0x7fef6429778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6429758,0x7fef6429768,0x7fef6429778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6429758,0x7fef6429768,0x7fef6429778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.0.1219006574\520433930" -parentBuildID 20221007134813 -prefsHandle 1280 -prefMapHandle 1276 -prefsLen 20600 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9baffa79-06fb-4b0a-a560-48b23376d506} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 1344 fff8e58 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1120 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1584 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1308,i,16366188522132398830,10615874241722950260,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.1.651464019\893788817" -parentBuildID 20221007134813 -prefsHandle 1532 -prefMapHandle 1528 -prefsLen 21461 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {350bc98f-ba0c-40b9-a003-2ca02620b580} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 1544 41ec458 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1328,i,5934316165645764179,11405380011655952598,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1328,i,5934316165645764179,11405380011655952598,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1480 --field-trial-handle=1308,i,16366188522132398830,10615874241722950260,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1764 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2304 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2676 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2776 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.2.1874146669\1919466523" -childID 1 -isForBrowser -prefsHandle 2420 -prefMapHandle 2164 -prefsLen 21499 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a176c17b-c8d9-4ad2-9029-b74a6f97d697} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 2188 1ab90258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.3.589351990\296097079" -childID 2 -isForBrowser -prefsHandle 2896 -prefMapHandle 2876 -prefsLen 25956 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3982dc8f-8ca4-4c03-8ae5-010d1e0177a8} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 2908 d61f58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3380 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3392 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1140 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.6.1603644261\1403745220" -childID 5 -isForBrowser -prefsHandle 3884 -prefMapHandle 3888 -prefsLen 26177 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd5ecf1c-4251-411e-903c-fc9e3b59d514} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 3868 1f3f8a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.5.285978561\289493576" -childID 4 -isForBrowser -prefsHandle 3720 -prefMapHandle 3724 -prefsLen 26177 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2d2e9741-12ba-4546-a4d9-581a0be6186c} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 3708 1f3f7558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.4.1716894018\1601588251" -childID 3 -isForBrowser -prefsHandle 3596 -prefMapHandle 3592 -prefsLen 26015 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7378a072-ac4f-438f-aa1f-9b158c36cf04} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 3612 1cbb1858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.7.1062512205\1147499530" -childID 6 -isForBrowser -prefsHandle 4260 -prefMapHandle 3908 -prefsLen 26387 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8eece693-371e-44cf-955e-39cba3dc19c3} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 3724 200d8758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2568 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1176 --field-trial-handle=1372,i,3558259909358596573,17563651477017597430,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.8.1083624350\539184080" -childID 7 -isForBrowser -prefsHandle 4372 -prefMapHandle 4484 -prefsLen 26546 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9cac396f-de74-409d-b175-d11f36ba5f99} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 4520 1d4a0e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.9.1603539712\499045659" -childID 8 -isForBrowser -prefsHandle 4436 -prefMapHandle 4464 -prefsLen 26546 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d31a5f8-3194-43f9-bfd6-0bb2861b8d40} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 4536 228f5558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.10.1147392820\1754016763" -parentBuildID 20221007134813 -prefsHandle 4792 -prefMapHandle 3052 -prefsLen 26546 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {19e4acf7-22a2-48e7-9f6c-0b3357858ce9} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 4736 1eb98658 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.11.1066025112\1590304347" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5000 -prefMapHandle 4996 -prefsLen 26546 -prefMapSize 233275 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8efb0c3d-cb09-45ff-8565-6ad804ed1a54} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 5012 1eb97158 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2568.12.586509269\1694505972" -childID 9 -isForBrowser -prefsHandle 5400 -prefMapHandle 5404 -prefsLen 26546 -prefMapSize 233275 -jsInitHandle 564 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b965eeb-b268-4ce7-8950-96a113d64e35} 2568 "\\.\pipe\gecko-crash-server-pipe.2568" 5388 1dbfab58 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.178.14:443 www.youtube.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 pki.goog udp
US 8.8.8.8:53 pki.goog udp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 142.250.178.14:443 www.youtube.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 92.123.128.161:80 www.bing.com tcp
GB 92.123.128.161:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.167:80 www.bing.com tcp
GB 92.123.128.181:80 www.bing.com tcp
GB 92.123.128.181:80 www.bing.com tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 44.237.193.248:443 location.services.mozilla.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 accounts.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 44.227.167.82:443 shavar.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 142.250.178.14:443 www.youtube.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.151.35:443 www.facebook.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 172.217.169.74:443 content-autofill.googleapis.com tcp
N/A 127.0.0.1:50490 tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 accounts.youtube.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 216.58.213.22:443 i.ytimg.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 142.250.200.14:443 play.google.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
GB 172.217.169.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
N/A 127.0.0.1:50542 tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.179.238:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 142.250.179.238:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp

Files

memory/1276-0-0x00000000002C0000-0x00000000002C1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55ADE8B1-CADA-11EE-BA32-F6E8909E8427}.dat

MD5 8aeb1037d0d817fc4a777d46335feba9
SHA1 6b37c7c7c63cfcc0ec7144923f6e5c777a8ce82f
SHA256 fb0651c9f7bd32dd7ca6fcfc3cf001cb9ccaeef09c51e34578ec87d307edb499
SHA512 d38d737b2789dce5afcb5bd8aaf59576e93d9250f328c95b644981fc8eb9d2e67a35b7644491a61fa368f33640db998e047450264696d9624e7e21e0d4cfad07

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55AB8751-CADA-11EE-BA32-F6E8909E8427}.dat

MD5 8aeef8c93aafb7545b2a7f0258463f08
SHA1 10fb330d5f48c06607c2db355f116a4a18b2934f
SHA256 141f8f7efdf5b97836b6391394ec8e2a4f3f83b0d9299069a1df496c1594e0a9
SHA512 3867c97aed0561f56361d0dd6d73c31d46b45bf657d059011271d3fd0701cb7e9709f4e9dec74e67cd451a11552a3cbe16f975f2b62592e0eac01d0737fe4d79

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55AB8751-CADA-11EE-BA32-F6E8909E8427}.dat

MD5 b65315953324ffda4da6017ddcc486ab
SHA1 e69440e16d8470c72350ffa1267457115c66ee99
SHA256 468e097d2dcd56f873d0d3771d9124b7bc7386e22fe95df9090cff54acf91fa8
SHA512 6cfbe40bdc69d349cd17c0c1424bec63b493fd6b3ffce51fcdb5912cf383fd977cbd869112020be704eec6053a866edd50a670afffeeae0faf271f7c26d1c5ee

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55AE0FC1-CADA-11EE-BA32-F6E8909E8427}.dat

MD5 86bc4c264a600796780ce3c645f05db2
SHA1 362bb33c123ce0a2d4bee0b9cbcf8eb46439340a
SHA256 f08a4e0bcc9cd9c7ce6b04aeffc6565905a93f67a79f265619360f8f2b432f72
SHA512 57656b4c6b36167c49e49d769f1d7e09619bb5668de2ed8d6427282981ddecd7af1a3deb3d496910bfae4b16fbb7f3b68f32a2f1f4750fbde17ac7bd9fc27826

C:\Users\Admin\AppData\Local\Temp\CabDA7.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1978e08f3938f0fcda5fa3ef82a691d4
SHA1 42d3a329548b4960273db1006e3ea9931aac3a52
SHA256 f4c2590b500f6a62063128225e72b8c3aa5eea3c3944b3b434c5836ac6538184
SHA512 982a8ab38f7a954aabc6b982a080fd61686ddbdc4366f2bcd05a4ba06425af8a7286d2420eebdd44e6e0a1094e731baa50e14f9de668e0640bb6374150ca56a4

C:\Users\Admin\AppData\Local\Temp\TarE92.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

MD5 3e455215095192e1b75d379fb187298a
SHA1 b1bc968bd4f49d622aa89a81f2150152a41d829c
SHA256 ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99
SHA512 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

MD5 af570ef74c249faefb27f3e24d19ca23
SHA1 f8eb3ea837c21b180381d55d82c5af9f9084625c
SHA256 d51564ed7034c332cf407f03f115437736e887c2971224a441271d7cce301b99
SHA512 deb281b459838c231e7d64160da9f6c9ca9894d6d8ae7f063d5bd5423c214afa0b0aa6df21db296f4928e854a373ce445630d13f9d55e3ca85ea9c9c923dfb8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 080915c1a8548700ef1791d1a19b138b
SHA1 9a9ff7d96bad7070165c8d57fa7d560abf9f61c2
SHA256 ebfc5b1c860326c5f743976a3affe6c9d3e7cc4fcba49e1590e6944c9652c771
SHA512 62bfdd0157af815826841311c4cd72cf3dc24d5aaa020ff71662dfa3bcfa37ef0e925292fc7d33302445b5d2a4d34382d0c165549073418d513e6244cc5c9cb9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 7e86f89dab85e87ba12d9286a16dfb29
SHA1 358eb5f3c67299685443c5dd6e333cb8e4c51a8f
SHA256 d4eeeccc5a8fdab61ae5ebf49c207e10917bed089f4c219b155e55b8271da01d
SHA512 ae9bf844c41a2a07088a1f9110ffd39868ac5219152eaaa56f8480eb4ba7af6df6fb3b449818738b23bc883d2305b41c234f7920a8d3b6b5953cf85638314ac7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 530dbc978742b3b2a91a262fa74ea305
SHA1 a214133e5393cb31fc17a75996dbbecb88da872b
SHA256 31affe9fb6599e797f0720bd825dab11b58afbd6542b3501ae2db200fd2942b7
SHA512 0dbf41750a659f8664937c8fb688875495506f57298233b06be98afc5d56bc944b2db55c43e716731c9c0320fbd87434b6edabee2c9d74522b89e914b105129b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 c1190c42174e910532e883fdf8dd8900
SHA1 ea06696fb9791c2ab88466c233b41b3650a3cdfc
SHA256 8809a93d757545a411f5db0b2e7ef3ec694c7ea24dd12ff189d581aca51b9900
SHA512 a6c2d15eed54b9e1667c07b83b3b1b63cda14ba006882f772af2840e9cc1aec77556b042897e33446bcf8624793886f3778e71ace72a642deb464b983c29f4c8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 d1681f4b26cd3a7226497f52812ed6b6
SHA1 233ea027053ee1b9b1aef61d7170240063f9adf8
SHA256 792d8705935e44e9392bc7f13048dc46c2133f74044dab7e7719b69149eed8b0
SHA512 ef2cac24460cf55b2a826ec699d057de709728f318c941fc7843ca398f7e0d2c9ed35d6c86f2451556693aae5a85cb1367c1cbc74a6dd9257beb79bbf01b51a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 72a47b1acb9fddf31227fa31a64c5948
SHA1 f08996ac86e1f6b2dd07de5b20fb5d39b335019b
SHA256 20f41fc3eda9ea9a21228743b81d69f9eedc0b40324a4d3bb649487615f2e5ad
SHA512 947fd432c10bf6de803dd4f85dc564cff725b35f3e751d98fc849f74fbebd3873350e7657cce1588f1b9d6dd71bcea139ebe5ad1beaf654635cf2ae40a1d266b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b5b37f8d330961e870ade77da5019281
SHA1 8b4e893d9aa209ad4a5b5ba74f58ffc827c532ac
SHA256 e4f2fa28f76065566ecb36f2b0bd954dca9733bd30cbfbe06ee35eac49e9cf8f
SHA512 5e1bcd993e613524502ee1a7a934c2d22dac8200854d1002364f3f55ff1e2c066c7d634dd8ac2f3d6d872462f82e126b7a26c7bb2e4722ac470f3bfa67bbb9e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 bb8dcd8eff65987e4b4ed16cc38ed8dd
SHA1 2132149c91aaa6a8a90045c17f8ff46b3688fd0a
SHA256 5ccca3ae611bab192afa35d4e5ae53a1fb5d2751990c2c1138a38fbe128a03cd
SHA512 9b4317b3719e57b0154e224fe4983372f1361d4e8a4764550d09307ba1e6024c898a90c1f3992a87124741b97a4708548edbd4298a305bee0b6128ad1d349332

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 1e359300f7a9517cc0412db8ebadf653
SHA1 1d13659fb689cded49965eb972853ba61047c8e5
SHA256 772603425e55aff9502c4dbe6b8c18c73a5853c7d35350228a6e7f87312c226a
SHA512 a2bc912e68f9d62015c7c5f8c94729afc5e81dd01a6727441aeea06553095363dc83bac0da5e26ae4fcf25a4b3b25b663cc80c5bee603924083837e69a5332f7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 7a85170c867f93fc07ddbd04afe36eb3
SHA1 7f119738f81a742a88a0e60eaf6a4fe2c3bff419
SHA256 89af6a9c52423b86477670a1a09d46b6474a95d5a11d85e9e49b3a0a6c712da1
SHA512 61e4f525c953a7c9b77abbc69590d7c3120a0c4231897259e3f93948eec9ee297ed41123e0a7ec3fdde2399ac96cc4e5336cd5ba651fe51abe15900ee8bdd22b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 f7ee29adbaf05e608532d3b2ec7bb651
SHA1 a4aaad28ef15fec2431144d769ae7c50d8f0ba88
SHA256 f9190e34886523fe86b001c84114321a99d9b7dff2dd660748161bf6afa92115
SHA512 842598a626568a0c65923891e9ed7d75b755e49e327d0f45324b0aca85cb41a34c48fe4988373f4bb15040ab09f4aac687c42bef2fbd613e5dc67ec5c0a82589

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 59c51ce0184fe2c0a885b1134c0074ad
SHA1 ed7adaaefcfa66424ccbce56a199d23bde6670ef
SHA256 5fdd85463abdf64bc0c19a6938fa224c23234567e960bd1714848bd797d7b7c0
SHA512 0b04f3132b2a3298f0ac9aaeb257f529b3853f151150ef2f1d9b5eff1a64bb83f7ff58ac6743744082cbb27f3273b8296767dd95564aec6ba0dc455d1f46f646

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0c47a18fc125b61b887e9e3f6edeb118
SHA1 d675247d4d2102af7c873f5583792ca8903e4a44
SHA256 ba8a3288b82d81e8eb5d746f6fd14c607f89c696198cf0f7db17b43450b28139
SHA512 3dc84eab23f06fcf68ca1731297e0086f818ca57399396cbabaa56495b00c0e28250a8a6be81e89b16d0c4da338bfd6468f7ecebec245e2f93f22bb0054d4131

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c9f234ee8335a7d70d6394d940a439bf
SHA1 4bfdd4d46817ce8e8ab08db2ea28d536c32c6001
SHA256 69893af995336137e9a449446566fab32324fe8ed05ae8dda27c28279bcc9efb
SHA512 a75e114d8bd060829c8c2e6c7b2fda790a081ee5233967a875b2e56f319ce4ee1caa25c2bac72ee32545ac20d4e45a0520750bbffc375d2548db31a9412dd5b2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 80f7c82a8c19395593bf8fdfd77e6b3c
SHA1 5beb25c739b0238cda2b50d458c146e1b12a2f62
SHA256 ee1a961015777741ccb0fc22524937b7686df21f0d6e00796394b773c2034a1b
SHA512 b074e3a9dbdc464ca469525265780a059f0d583f6e489909c6daa980ab06d0fd2ae735aa06dfd2e8148e6c40cbb043a314426d25a191d582893d132daaa252c1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 22498b704008e2672aeb838c05679a8b
SHA1 8f374bf0afdaa38c0a6a84a16df26bdb191c3819
SHA256 33794ac8317f6cb1d840a7009277ebff28b5953f1bfbc9b399572489c1f45975
SHA512 88311583f7bef5bc7ced144d15be928dd929f65f6c7d09af316ea62ce950e51866496cbd4f2c1ca1b50a7d2bc32b19b4896d3df945253ecd6f5041f924f7c14d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 ba1f73ab37094a6641eb0194386efe48
SHA1 442663a799bc6cb1da059eaf01e755c7e34e6cd7
SHA256 fece992556f7b40f83be0259505bd55f83e7c46fcc1456da24de5f9d16e3cf1b
SHA512 44f2f14a3e3bfa948490fddd8a6339c1d5501b7a4839e59492fe2e25016ce99a01f55bac9b3381b82d70c0d01944e8907c4b279e07c30f72881ff4e618159ea0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 2e55ad91a590e850745754f65f76da35
SHA1 77a4481161dea42a3e850cc4e408aec45cc8c6cf
SHA256 21475378f90b4df67ec81f028ebec5a7ac62d59146fcf6b0536d191bce013caa
SHA512 b573768567626f9aa95542f039f6934bbd0f7c63a37e7aea9ac53a0ac7f9caf810956fa43e4af3b5ec898119c2e5067277dfc4147ba4578c370de491a90dc6b8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 444044e3fe094d56836f17c958462c9b
SHA1 d501049c9904f4319285d70fe81f51f3c13fe9d9
SHA256 3abdd6ee33a3927f0421a483dbc4e01734d75fe6cd7eb7b42d530be4cb7d31a7
SHA512 5e37ca8877feae0ae9dbc1acd5905e8a577c9f81acc7b8f41f42ebb192fb105273b6f8ae921e5321700266adf248867c1c6bc226fad4b8e82a8159016463c975

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NE377NW\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 0a472aa62cb49c544b05d93cce48ce7f
SHA1 3f2a15698cb654e0c27261b53251a83c979b0255
SHA256 ce679c9ad74fb7549bad5dffd68c593e269a9f9d4fd32854d93e7628b45c43c2
SHA512 019281faf447ba598f225bcb2e549387858049cc7a315549f0c53002e323a5f5548b2bf4848184e9250a388823c41662d830621f0ed765fd1bcd7b52dd517737

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\4EOSX8JG\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\D52JENXF.txt

MD5 c0b30bf160f0cc45891c83e718e4838b
SHA1 f4e087e00ceff84f821eef8cd8d728cef091d8a1
SHA256 b61a9f144f5e9819e34883e22d4534467262b90e98a963e7268742f1c815dc7c
SHA512 17f2064bf03044822900eecfda31738c04e71e2ac761319464bed6fa130943e7d1fab7814075984492796777da4add0b314436b63095d75a7c0fbe3e67f6e820

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 8672f2b72b88e9cbd7a54c4be1f92c48
SHA1 592e831ade6a49038005017d885f63fad65b113d
SHA256 4e2b990487a8eadc49a9eb57106fa2661420d56cfb3a31f2405ac41274169736
SHA512 ddfba4cc4f8a8259010c306fdbddc57fbe58727c9c079c5692dcf5785303a1c3838fad402d55737d0243a02e5edd7e741ec6aac6e9895e2bd981802a8ad4843b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 68e2efa707550d385447458ad1f4ad89
SHA1 2e49ff02892b1d2d808989a1026bbc3b358b30c1
SHA256 e4a3cbf95a61b481638db6d458571d653988b6c7c2166487fedaaf8afd0b9468
SHA512 449170b5ed6d863742c29441bfaec8471b82982cad824c141b359ded1c109f8eb87118feba5399fc35e26b74e5bb93b3c223cefaa359b1e4ea21971890c957d8

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWD8VZKV\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 43b5df73f5c1a1a3fd6a4785bd44e526
SHA1 83c94868abd3f216eeb6b511b53fcaeb414bb90f
SHA256 95e20595ad6af30e75aa7948465166e2baa59710e96ac2b21d4019d8ba07eb8d
SHA512 b4099b6ba4907c4a89e4b40ac7aaf7f14ebcae1f22321e982b8075fcec0e7ff44b37e90bb212bcaf7e02786e2937214a0543eb4db1dd43562bee2ca4ab25486e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NE377NW\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 3b31cd57e58b0d7b3db7c20b0764a21c
SHA1 60d3a02dda44ea2db88295df1262695a64d3d234
SHA256 bdf9b5dd0c11751e0026282acaa6b6d635e2b0e02ef04740e50771164923a516
SHA512 3edc877b38357e599c5e93a985e4b2a48cfdb1c1c150d8357680b6a89d43410cf2e6548b7c91c23e052edb3a5ad4e0b0e12df6000018187648f8cfe4dc66e10d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\n7bgnbu\imagestore.dat

MD5 12b7d5f71a28ebb99e826b75ce33532a
SHA1 46475c764123ca28e0dc2d5f62ad7f56668a0ce2
SHA256 2d62881daf09dcedb7515a5bc1d45f89e91404a2906a975b2b2f088899b00740
SHA512 2be564936c2761b858af85a11610b929e0b36c72c8f80afc57391a5ea314d39a86ec757e1d901a92c72c874a8237a98415db8cf61dd69b91392a51988a0e4842

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NE377NW\favicon[2].ico

MD5 b2ccd167c908a44e1dd69df79382286a
SHA1 d9349f1bdcf3c1556cd77ae1f0029475596342aa
SHA256 19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec
SHA512 a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb3d0b30c862fffedd258c3f4e57ae0c
SHA1 3bbd03bcf44242b3acca32c365da606d723aae77
SHA256 c7045de0d0b06c8b48f49c6cead5517119dfe77102d43050dc056bea19403995
SHA512 e0df96ee59e24f00b4393937449c61eea4638e75de2d336250a9b50357bfaf05f80e8ab7d788dcffab106869bc17d0b453f694826214ac1a79f375b5b68bd16d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f08c8a8e2fcc230b29ce7a7c01cca215
SHA1 35625c695410249fddac50393d1f16f4f168098f
SHA256 54d5896861e25bb95f4b96bbb8470ba1daf689861cdfa7e6cde7062878e8377b
SHA512 31874f6268fea5f8848d44e8821502bebeb5a3161314e6e90952c5ef87baebd1e783a1c7ba827eae999a01a21e745078c7945bdb1833cea1afc0ed5c52893575

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c46a244f0a84112518778f66afc7de07
SHA1 3e2d2f2df52b77d3f185ebb2e0f84bf3a3ddec56
SHA256 6dff91adcdae18526741719c6d000b218092a5b931a5943d4379c4e645f44ff7
SHA512 e9ad470eeaa43c28ffdd9428ea5c5bce1a6f5b5e3e32337f50f3fe17a5f595c4322784413534296604f7fe0cd8998227b190678fb49d5cf99f285c325b238f29

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 07dd48b40ba45841f658a0be64320286
SHA1 3a8ff33bfcd41273dd24012aa4eee201158d92cf
SHA256 264c3469823dffaaf670fe5b7457d8f84abaed8784f632b9d5716b241ea5302a
SHA512 a73ba9209284e8e81148c0548d6a87c536795faa45bd492fd7832dab902e015756d9e7ac8cc674fb9960a43a37941c3721778b6226e65c77614ebe872f4acb9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 051455c4cec7e910e0581126df0cb8ee
SHA1 5dcc2878b195b646330c451dc17ecc6f842dfb52
SHA256 36f8f2d0365f958ec0126391839e74c7110f7b58f734bcbbfe59d991fe38c9a3
SHA512 ce2bb85f375ed4cfc121d4a55668e1e9f75f60f9b28ecbd9cc018917b500c45627a6b74b03afbe09b817869aac6d080d0dc71d95dbe952fa6cf5ff0843825a40

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a37f5ca0b7c01116a72bad60427d1867
SHA1 20ebcebf94518ae01f75d514bafd26a6700ef339
SHA256 9a3032d1a2c3fb35a9d1580262a8d9352c096cbcb18d09d597196a0dfbddde9a
SHA512 e90093f9f4b17de6cd34971b7824299d223a6feb9abfc0cb42bcc62de0a0145c57f9a47e44ecbabb9f539deeac5af4ee797e8e8e35b5d62954e085d61e180450

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 99c34d51c09503218ca5e7dcea7e2c1d
SHA1 82202f96a41660960a7d23ebe1eb3cc0bd2c027c
SHA256 9b5cbf4ca89a42d2f25eb0e2302038e504f74ec832605b95ffc18313461d596c
SHA512 a1e1c125585b4bfd92265171fd345090026a518d98f138c2f001f000a1e17a9eec94548fb24b83a2f4dba88db2ae862d90969803873ad9bb23e54c7aa39eb6de

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 0d44f59170ea2a474737486671c0d3e7
SHA1 125ac4618bb91984ab4703e8fbca2cae7db79da1
SHA256 aae1adc5b7166f4e558e650de960adce3fcc0c45ea1d02395ac1399c32d93eba
SHA512 8c945a686b5e563d6681171d8da4c7f6121ff27252771b082596e0fbe19cb43af88393b9817984701021083c0dcb8a3de371a39e866b6d8685adcb9b60ade540

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 99f22acd98b63c48f4725b44022e922e
SHA1 6adab4ada473064f56c34860aeb02430d3c3e8b6
SHA256 f6b09e4f613e101ddd86ca7e44aef3f3df0b86a7d2e50145f92a17ce40010a1c
SHA512 b6c08ddddfd3ab4fb27d01e5ece1910ae49092bde9e09e56ba3f4e20f2248b4f2af69b2b8bd0e287e5cfa00a2320630f3dd915c710c5b1f7a6149b6866f604f0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 609657d50d67871f13da8c71fa8b7e01
SHA1 438a010c5c64a776236ae6886dc5d859b5378a53
SHA256 3fc807249b9a2031d57a8c5074c2737b0a1a4286a4789e8be63ccda322b3a205
SHA512 c6379510fb82a74b8fe7fc3f657139a63c7062a04069ec1d26c59b555c6acb6c6a415fb4118c7031e44f858f9c28352f95523e12acfba2bbddd84454957666c2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f09d9855960e077e4570abf6f519beb1
SHA1 d570f42441809c634991cd54c7ba78ddb57cff0b
SHA256 34a3f714777fb7e12e910d376efbca509813599947b72fdbbaf4501e22551991
SHA512 106cfa136250f41248d1f03eccef9d3b837190b9911e3264c10ad91a378598a0ce5c93b824d207c75d59d0bb1afffac984dd98df3ef776ced6c22f20e85b6385

C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

memory/1276-1166-0x00000000002C0000-0x00000000002C1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 fd594fb3d522c7a9f8c0fb3a5681ce2d
SHA1 49754d03b252e227e501037d3aafc0833dc55b2c
SHA256 606ae4a11c4621c74b7b28c56ea91c7eed02bdfc9f97b55ac51744b7ec1b52a3
SHA512 8e28213f3d390d706bec610924ddd1158ed1980bd5369c4791d5cb78baa96ebff86f9b647ac1b02b93220117803f539870b037c93aeedcb1a6796ea6b84b3312

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

\??\pipe\crashpad_2896_OHETPIJYCZZPPMHD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f926f86a-e5c9-4dce-9d1f-cf802311fd64.tmp

MD5 0d5a39bfd038b3cb9eebc03e58c7beec
SHA1 c4fa67d32db0707fba6e3ee1a71d8e49a1746de1
SHA256 c584d612aab302f1307d296a1058359c906d2c4184b20a70fb0f33d728634d07
SHA512 6a1e2a472b13c763e103180da01b8ba9c1b0737870c1b8d4414bf9a14cf90c7d18f2961bcc679eae6eb949c93ba4a11174d749d797fac222f36a82ba9f3c28c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\deec9c23-651a-48c0-93c5-d368834fac53.tmp

MD5 f78d4948e96c179f46f0e237665d044e
SHA1 707943776841b0d04a8a004dc22b6774c73c627b
SHA256 47051861802f1ee29a82419c93bec2fd48f342b451c5ad671c9ebec7be7fc4e1
SHA512 636604164ee248b777022340faa20f45f55562fc0a4045d099f216f77a42d4586a7d4857528d4b8c79ff98669c664d745ea0d8d361789d8891dc4c601297e507

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\db\data.safe.bin

MD5 19bbbe43fbb9d96267361779aed6dd5e
SHA1 2d45297696f0e5f00c723e914c19cfae67d45f7b
SHA256 ef82f263fc53adb60bdbd08fba39c2b68877a3a2c6377113cc55ebdef1640967
SHA512 5a1fc3c4671c07bc77beac6844f99062fc25c7eaded2cc08b262289e076606f1bf8e7d465d3389e65d3c57674f555db7c0dcf9c4ae3250efbabc62247169cbac

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\datareporting\glean\pending_pings\ea62c7f8-8919-4e30-a799-b0828a236c29

MD5 8e8116a7206c9eab046da60ddaf1e761
SHA1 d87882b62b09275fdebea4c7439d5fcc27a4d66f
SHA256 9e8257cea22c8fc38b253ea65f448e6717067fcf55901961a5092f2eb7597292
SHA512 dcf0787130eff5d4dcb4fa749e390adfe67fc3284aa7846ecafa16394062cd5a59d5fd245bc2ae15d9075f03787dc3b7b9703919a3cd82d2936065e33fabb5a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 d76ae35807ab1c199d7b1b42f1213d8a
SHA1 2d4538c10b3074bd3d66860752e21e9bf646be87
SHA256 5dba66533fa9cc307e5a5f7c6c431f737dad5aa5e6f21053939c707b7931e9e5
SHA512 cbc073ba23f3d94389e5a5173c69626baf25efe9352224061d65adba5356ab3ece2c44114d28513ec92837740246e11ae02c436effbcabd3c96b5bfba0c1c585

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs.js

MD5 37bcae5e8df49bf20b8e8eb79f2483b2
SHA1 24f9c6388b7c44a26d4ce58eb093f3a69365f58c
SHA256 15672cc36e6f55ce75ecaa211ba3948b34b19b4964159fe381f6c10e2471b4a5
SHA512 5d6487beba6c995f5eed9bd78b3b147037c375aabbc19065fce6264fc3d6a46df4ba8dbac7b157297cafb6434936d26ca6a2366110ede58503aa8796d6bfe4e0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js

MD5 2452aa90c215cab07c409cafc04825d3
SHA1 26aa70bb73e90e91dd903b8faccd0f817a11d789
SHA256 58957f81b57be62f0ff8eeb9810c7629f166cf9b5f46e3f6f765d6a871b4f8da
SHA512 c3405f000525df4e46993fd7672d319f47ee75ad07ce0bdf20a0fa378b4d97c837cbd7343ec72b0be219650c48dbb13fd8a154b3f30c7c4629a0590a83133695

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7683df.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6bf0046982dd76066851fa6de201077f
SHA1 9027bdda57473532165bd61e48bcb8309c5ead2e
SHA256 970741c2cc4dbfab70cccc57fba0f33668d75243eaf13c958a2e2d4b4b47283b
SHA512 359aef9dbd95e2b709d1f171b7d601082196019a40a2466ae97078a3542fa1b56e429c85b56974ec127ef2a6c2b4c2cd92ea69bec9ae707be7b70a57c3decead

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d2ca7d6019ae381e0c5ff10f0753f266
SHA1 aebaecbee32d925b34d16673cc9bccf7ebce840c
SHA256 82ad4b4597d61e32a7c078375236b354f5c12ec9af032e38c9bc1defa31d4528
SHA512 b379210a6cf8156d030ca83468d735b1f922eea235edb6c1612eb74b0c6c00e92a678baa991141248a435d514e4ae81298750c841bb6a4e8c6e7f40516bfb943

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\olrckem2.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 1602446e11254db25dc15b7c050710bd
SHA1 96070fbdcc81f6675c4cd15f8fb1d69d3aa5fe42
SHA256 c94389bb71424a9fedea39647909ac864a4b4b85a13328bbd34062a8994b3fd9
SHA512 d60df3b59ddfc46d3026c4a60d56999861d4d6c2f7464d7d779f26b2775f73ccf80e9126a8a098571c7c9881ccd7b36a3539f33b182b1fb7b8257c44cbf925df

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\olrckem2.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 2c0afb0ec5d3076e318f95940d66e6cb
SHA1 632b0f69695155109b65485e25f2be8f73c7e3b2
SHA256 0cc642669943d743ac25b86b4a4398b02a45f38ffca388fc16afd22b8e6ff34b
SHA512 e5ca847e49398f01fa53784ce8c1888d384ace2e58cf904cfbb8451cfbead0db54f696b969e24e05537287bd7fd4b5ecb121f406c9c5f79518d74986ab5c7eb4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\olrckem2.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

MD5 a7a8da2889850c219fc9363ea119ec8a
SHA1 45578ae9650454fe949bda6e399ae9b059d2c5ee
SHA256 5e4c5f7db314cb16c9fa3779b9902c026fd0803a6849b74f00fc31269aaa5d9a
SHA512 fef3013129bee9da4f35a1a3f3f7178df56dfaae2aa9dd7882a4a9fcc2a46c956def318f37cf2f4d673e7ff6f483e8ee2fc72a34bd7d10d26dade39148604769

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\olrckem2.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

MD5 abc76e73b73036cb850d0330590b0e79
SHA1 57ee61af909a670dcfb48d882875f2c39ab77e68
SHA256 1f2bf6424c49c04eb2fc20e61051fa91cb5c27ecf2c35df8c62b829bc4cc1087
SHA512 4ab7f8674cc44ccbd831b8bea93d400c4f33ecd41462fd92f83c3f90ac749a4834aa5c44da27e74b185fcd9da52ff0ef8dc35b7c8db4a66cbb3255fbdd96ff63

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\cache\morgue\253\{32fb3192-3885-4ce8-beb9-6392f2011dfd}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\default\https+++www.youtube.com\idb\3428119661yCt7-%iCt7-%r4efs4p8o.sqlite

MD5 1ad43ceedeae8248e49389ea2f4fef07
SHA1 09f00ce2e35c696fc99359332f98f1debb7c7c24
SHA256 b452d6f0a309f415f15c80a7499d2ab20c54b697d99e74d551c610787bc60fe9
SHA512 020c5292f5adbfea364089c82ea8c3101c6ea5f4a20212278d6f7cf80fd1fc53e35684fb9c1ec822e8027186163379aa7de3e4fc7579ee546b469d43722f2047

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\sessionstore-backups\recovery.jsonlz4

MD5 502b6f6f267fbd2201a0f5d04e8058bb
SHA1 46010bc45dfb313748c07523274a35d279473220
SHA256 d9f0d225f9aefbb4933f2e8735dcd77255cd12fe8a4ae51ac722b8c4f45c4362
SHA512 8519ca3d654c36201005090e3d744246e57e32a367ed08d2f17ec1e4ac7a661285bff38f28e72d4388ed0c593d8710b959f50ae21d923451ee644d54276e5208

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs-1.js

MD5 d396a82f6bd801016c4283399de8f023
SHA1 e33c51931f7145ed18694a8a6dace49c2fd92a51
SHA256 b99c8a1f12679134bc57a0ea0113b6937c847ef9241e77304ba41735d625d68f
SHA512 f6882aad3f5e7983f178dc145b548a1d7ef3223fccb28d056db39ecee22dae6d4a6a16b08e954fd2857f0bac9fae75953cb1c5420bdc2e8479b704ca410d516d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e2e2e4015349ec5abba697cf051a6d62
SHA1 385213393b6a5d4c39cc6fc4eedd197fa7fa30db
SHA256 68446165e064d0f842a09a7f482b8cec7ddb0fd123c5d4160d2281638cd608e9
SHA512 2270ef93e3a32566342d64a9cb3b3fb4e366714b11e5cc3b1bc734fbd023a2ca41f17fcab0b85e2eee65f08a7061be98083bf9ae5e14d70a45311a00ffe9ff88

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8b1e151af6d9cc723d072f382caa8091
SHA1 1e803d365752a917bbb24290b541164d01eb807c
SHA256 62d0f1f9b97584d046380c316651b6c291bba251797f7d76c8d85a6ac2d57dfc
SHA512 afdfebcc4b7f37f75f5742b978afc39acb0232408d38c2dadcdb6569ecd3bdc20ade95907fe77a2d46dba184b299d1b8104235e4827917556f5fa5da667061b5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bbdba07658a1afc03b616f9b23634e31
SHA1 612cc53c038026605178f9061af8fb5a3ba0f220
SHA256 6c2fcb615c24e4807388041354d23640f77fde6b748cdec03322e560ec505cf1
SHA512 0bf94f822812001af5263fdd938b1e994b1078cd81e9ab6183b2d8d8f2e060a9d0897adda4c21113c3b671258c81b90f9d5877cd3a8ab05d66a8384f047a3c99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fd99bc29de6d1560d69e674db3cebe28
SHA1 b0b5bfa2d3578e466762372f8e6f59d8879fd4e5
SHA256 08454b6bb52b972f2faa5857063ac0994ce8fc9f682f506daaa05511b1f80ea3
SHA512 c821a690a2319310c9b5fbf50e0f8395304419d52482d8ab54af45bc136c8fa6afd2232197e7f59b59b8979eec3da3da3ae2148b2ed65dcb595e1587d5f3e97e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 33cb25631b0f02caed313486526a6bbf
SHA1 d9524855af25dc9d412583cb5fab2a6c090ec014
SHA256 5a951bb4903f2f158e7f0993ccb76447600a5280407793da3afbeea940455fdc
SHA512 b59b3cee5e145301fe8c769ecbd6e894bda77c96e5d390675b533783d52b181534345ce8546a250a513ffa39640dc87687686256de432da9cf05a4efa0e84d49

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2f2dd2d8267c1dd82055234b9b49c899
SHA1 965bd1ac4b8231742906ebe5b9c571e102e2be0a
SHA256 8e91dcac71ce42db8166badbe09f50c010aace8bab89a6a0955d2fa5e539e463
SHA512 bef5d617fc9aff48f2ae262cb7fac50a934c7ec0adcd977d2c5eb8ae213e3dfdf8c730ac8799ccb7239ae1fcb1a4a929109e1a3d438970ca48f28416e75cddcb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c92866f03ff6b12c4e1ad9462f9497fa
SHA1 c6f651108b1914777f82270869ee9580c773205a
SHA256 1995b60b187eea7c4cca7755467dba219960837ae01e279effcf64d2f15f9e80
SHA512 99b0707b9a92c1b113d9f2ba74151ff3cd7da45ee33edfb94e054f801cfa1a5e646577e6e64b250cb8058e5a5e17cf2fe02525d40d5afc3fe3c3f98ed494be09

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f84707adf029f145d7bc59bd2ac1cdca
SHA1 4a9e62ffe0e2ef38efcd8d84c93fd0cb5231d15f
SHA256 07ff251481c035e134edaf5f887a935f409ae1276d55005131f446109dcdf44c
SHA512 94ce4ca50d8ca396d8b4083c4a66f87baac5b42010e23384d3ed9d43d1879f743e5cef9d5625a7b7a75b055aa436737df38618ba97749a0d4deade91fe25e954

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e72139f2762013876f0375cb972bcaa1
SHA1 cb3c503f8e868824946b1bfaa787682ea78b9d6a
SHA256 6f8f046fe8dba61041adb2ed25bb649b14076fe120c3f91d3a4b9495583fd497
SHA512 e15ed8f0cf577d8906a603cef5893b97b6faad03a0b6866a51b4de376c13e1490acdd3f8df9288092390ed4e9ef6546feac024b46cd44e97f570d6eeb86ba5e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d450c10d-7711-42a5-a3df-804ada79c291.tmp

MD5 201cbe89ca1ddea22c1eb12a9d762f7f
SHA1 ca9b1b0114dc5bc6f5b13ae61cee4c9d36b0b53c
SHA256 9baf4080cb1d82c1d30b25deb8e1852ecb1f25246fd9de9f5946469c929b8fd4
SHA512 24a07b30c5e56a43b026052613ca2408f677c75e240f06ff0d1a3c525664a6e2a49b61b192870b255c2831dcc280fcd20984a6cd24117299a7054f27eac491da

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 56e2d476183a600f0f4557ea3e9ec44f
SHA1 9b69c325530c27500fdc1d6961810ef429efa79d
SHA256 0abd81a8b41ede8224c803d5db6ed1c1730db11725bf3b76737074bacac67b49
SHA512 4c48ad43c8e42b00084873af50c2a19049ed2f22d8f42178aa2c4f84e62368c0441a74a9f45e0c7ba5693338959868eefd709db35439f4c0a7147f862f91383b

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 4f31ee1f94906b36cfc512f7516ff63f
SHA1 28b5b04122ad5e077df00526b91ccaac18866ff1
SHA256 7a39fc2733c0bc3271fd84ee41be37e070588e3a50385e3a978a036c167c0a77
SHA512 f2ae7c93dfc2cb4432d74f793ffb3f74f1051cfdbd950526ae90575fadb2d7803736471aff082473f7189b54c476e78e279bb48ad2c678fc6d661ce1cb13fc67

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\olrckem2.default-release\prefs.js

MD5 53152b063d4f5fbe8bedfb6d0a6726f3
SHA1 3fa8b4c02a06c5d0efd16f4ad0459e57c4f210f3
SHA256 2db0e16f0a257afb5622f1d1fcbd47e537915b89a8a9f67da8f4673198b4176d
SHA512 5bff33748585ac7e0d53228c51a0b38f50027e795b565533781be038d0e13cc142eb913e11276371c1f36028b7902a7d1295951cc936c3beb15db232c23a3a33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3dc5b49d093d6e9a496d57eafe6d310c
SHA1 84f2dd830eb02e0b23c3d5d07274f3b8e3155f1e
SHA256 0e4b035cf21f9311eaca5e1e035076b498dbd81b1753eb79463fa1fbaf71b278
SHA512 a70f19410a60ff71bd45e3becbea6c88fdee76c177fc2491d15f96bc7024e32856040be9b9de8daabd5db460d7209a3edb4222394553b544ae525d7f873775d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ee010f5d02042e5375a4dac03cdef012
SHA1 8d99f32fd225fbe05f66da02b2765b444d92e329
SHA256 ac432353053d1b893c63c46b2bd46987b54e0e0ea7449aebfeec9f2717e66b2c
SHA512 4dee685d0a4b3f832bae1270c21ac0034e088e844210c5a8b587915dd00baedb8f1b2171da562b0e2954ddcdba8aa34f11ba83db65a0191feecaf9d0b53264a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2b09e6764a7c02e4c7de8749789ea17
SHA1 95203808f2f74f1ef9dcd1026db25ff2b4ff0ca4
SHA256 ce3e07a6142670e15f4eb4fc7ef82ab1590f12df438c6be56e9dc842a2bb50aa
SHA512 0e2a2bc271d4cfedfc1d6ff3bf48345c64201f57867b213f63b709ed6d0a6ce5ea36aa494a54c5de54acbb9a99bb43f7e5761a6d1dadb14c997830d872bf9f5e

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-14 01:42

Reported

2024-02-14 01:45

Platform

win10v2004-20231215-en

Max time kernel

153s

Max time network

159s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-983843758-932321429-1636175382-1000\{4A438498-C040-41D4-91F9-60CDCE729A48} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-983843758-932321429-1636175382-1000\{D15F3FA0-341C-4D55-A9AF-C4284E062D66} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4264 wrote to memory of 388 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 388 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 388 wrote to memory of 3208 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 388 wrote to memory of 3208 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 4408 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 4408 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4408 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4408 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 1848 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 1848 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1848 wrote to memory of 2096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1848 wrote to memory of 2096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 4812 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 4812 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4812 wrote to memory of 4168 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4812 wrote to memory of 4168 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 916 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 916 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 648 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 648 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 916 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 916 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 648 wrote to memory of 4740 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 648 wrote to memory of 4740 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 3656 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 3656 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3656 wrote to memory of 3096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3656 wrote to memory of 3096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4264 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 3380 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 3380 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3380 wrote to memory of 1008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3380 wrote to memory of 1008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1496 wrote to memory of 1720 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1496 wrote to memory of 1720 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 1840 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1840 wrote to memory of 2432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1840 wrote to memory of 2432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4264 wrote to memory of 2744 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4264 wrote to memory of 2744 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4264 wrote to memory of 2692 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4264 wrote to memory of 2692 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2744 wrote to memory of 2824 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4264 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4264 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4140 wrote to memory of 2140 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe

"C:\Users\Admin\AppData\Local\Temp\9d6e803608352225b79cc75bf2f876703124a268ff193ce6ce7d30a6b2bb0da9.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff823dd46f8,0x7ff823dd4708,0x7ff823dd4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8151d9758,0x7ff8151d9768,0x7ff8151d9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8151d9758,0x7ff8151d9768,0x7ff8151d9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8151d9758,0x7ff8151d9768,0x7ff8151d9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,13282434157523770049,7603588836216092111,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,13282434157523770049,7603588836216092111,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.0.1361339981\364401257" -parentBuildID 20221007134813 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c7ae84c1-3de8-4e29-86a9-4f1678b4648b} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 1960 2d64f9d7358 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,1721936451583984867,16416569169416534265,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1804,12316279869449520312,4690358963267866146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1800,7557325766055019261,9626829013081790521,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1436,2127138258671422349,2539572887279400873,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,14926599747365916732,6839661061067379189,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.1.1945862758\1142869128" -parentBuildID 20221007134813 -prefsHandle 2392 -prefMapHandle 2388 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee68f845-2795-4ca3-aef0-fa9f1e0af473} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 2412 2d642fe4f58 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.2.1123610009\463690156" -childID 1 -isForBrowser -prefsHandle 2888 -prefMapHandle 2880 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d508d9e-a2ff-4389-ac09-7487b16e12b7} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 1448 2d65331e158 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2140 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1748,i,8175185030115007211,15668720061633233250,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1748,i,8175185030115007211,15668720061633233250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3896 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4828 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.4.619238583\313618340" -childID 3 -isForBrowser -prefsHandle 2956 -prefMapHandle 3548 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f5f45fbd-74af-4d80-a513-5cc4d32a75a1} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 3672 2d653f28a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.5.773413600\938714766" -childID 4 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {004e7d1c-31b0-4fce-92c5-772b03433c1c} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 3960 2d653f29058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.3.906510800\908608321" -childID 2 -isForBrowser -prefsHandle 3148 -prefMapHandle 2920 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7303f9a9-15d0-42ea-9af3-09a7832e5fb2} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 3532 2d653f29c58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4820 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3796 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1880,i,1731964710912352338,12523807062386715353,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1880,i,1731964710912352338,12523807062386715353,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.6.1280046502\22664649" -childID 5 -isForBrowser -prefsHandle 4752 -prefMapHandle 4748 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2b6cfad-58ce-4a18-9820-ddf07ac5625e} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 4764 2d642f5e858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.7.430476445\1872405323" -childID 6 -isForBrowser -prefsHandle 5600 -prefMapHandle 5584 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c412480-70ce-4bd3-a262-cbcc1e2b7228} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 5500 2d6569efb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.8.1939304128\1320746938" -childID 7 -isForBrowser -prefsHandle 5812 -prefMapHandle 5808 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {106b2c2d-b66c-4a96-9f41-28c2c6fc34a1} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 5816 2d6569f0d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.9.109234233\1525804551" -childID 8 -isForBrowser -prefsHandle 5768 -prefMapHandle 5764 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe4d8fab-9f21-4f0e-8850-eabebda60064} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 5300 2d6567d3358 tab

C:\Windows\System32\Conhost.exe

\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3948 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4004 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3724 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.10.1755394462\138722433" -childID 9 -isForBrowser -prefsHandle 4960 -prefMapHandle 4284 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8cda0dfc-afb2-4900-bebe-a38ced09bc92} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 4968 2d655155458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5732 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2336 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.11.495417417\1989585320" -parentBuildID 20221007134813 -prefsHandle 6344 -prefMapHandle 6360 -prefsLen 27337 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f230e90-b628-4690-a0a8-462236a353ed} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 6368 2d656649758 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.12.1354263805\1091987086" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6100 -prefMapHandle 5496 -prefsLen 27337 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cb612d8c-f349-4444-bbc5-eff69cb67480} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 5560 2d656734a58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2692.13.25694962\455120779" -childID 10 -isForBrowser -prefsHandle 6236 -prefMapHandle 4280 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1336 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {254d4c1e-1b5c-46d5-b3e7-85db846038d6} 2692 "\\.\pipe\gecko-crash-server-pipe.2692" 6228 2d6567d3958 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,10403331388843656534,6488007628087384059,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2816 --field-trial-handle=1884,i,6484974221374328857,10606309611254135910,131072 /prefetch:2

Network

Country Destination Domain Proto
US 138.91.171.81:80 tcp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
GB 142.250.178.14:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 79.121.231.20.in-addr.arpa udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 52.10.159.154:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.135.104:443 static.licdn.com tcp
GB 88.221.135.104:443 static.licdn.com tcp
GB 88.221.135.104:443 static.licdn.com tcp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 154.159.10.52.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
N/A 224.0.0.251:5353 udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 22.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 140.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
N/A 127.0.0.1:63954 tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.134.90:443 platform.linkedin.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 90.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 stun.l.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.179.238:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.179.238:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
N/A 127.0.0.1:58535 tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 rr1---sn-t0a7lnee.googlevideo.com udp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.38:443 rr1---sn-t0a7lnee.googlevideo.com tcp
US 8.8.8.8:53 38.172.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nzy.googlevideo.com udp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.169:443 rr4---sn-5hne6nzy.googlevideo.com tcp
US 8.8.8.8:53 169.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 131.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 google.com udp
GB 216.58.201.110:443 google.com tcp
US 8.8.8.8:53 e2c48.gcp.gvt2.com udp
US 35.206.35.210:443 e2c48.gcp.gvt2.com tcp
US 8.8.8.8:53 210.35.206.35.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.178.14:443 youtube-ui.l.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 e2c35.gcp.gvt2.com udp
IN 35.207.247.6:443 e2c35.gcp.gvt2.com tcp
US 8.8.8.8:53 6.247.207.35.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
DE 216.58.206.35:443 beacons.gvt2.com tcp
US 8.8.8.8:53 35.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.169.3:443 beacons3.gvt2.com tcp
GB 172.217.169.3:443 beacons3.gvt2.com udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 576c26ee6b9afa995256adb0bf1921c9
SHA1 5409d75623f25059fe79a8e86139c854c834c6a0
SHA256 188d83fc73f8001fc0eac076d6859074000c57e1e33a65c83c73b4dab185f81e
SHA512 b9dbadb0f522eedb2bf28385f3ff41476caeedc048bc02988356b336e5cf526394a04b3bca5b3397af5dde4482e2851c18eca8aeaaf417a7536e7ea7718f9043

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 011193d03a2492ca44f9a78bdfb8caa5
SHA1 71c9ead344657b55b635898851385b5de45c7604
SHA256 d21f642fdbc0f194081ffdd6a3d51b2781daef229ae6ba54c336156825b247a0
SHA512 239c7d603721c694b7902996ba576c9d56acddca4e2e7bbe500039d26d0c6edafbbdc2d9f326f01d71e162872d6ff3247366481828e0659703507878ed3dd210

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 88979a1699fde16b4c698f9cd10ee87e
SHA1 8a61fb3cde8d379bb8a461a7be8dc2e93b5ad2f4
SHA256 d147732816cd1a5a493235680728ef3dd4fb9be1713d565f63d72c0cdbf1a898
SHA512 fe0de028e0285c3dd5c4e37be64c6a5985ead36423345de1eeb6d3f5d961a3a811e14878e9d3c42de87744be3b5ed32d07a78e78ce5b0eca4edcb6d84333e3bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\LOCAL\crashpad_388_PIDKEIGZAMPORCGQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8388f139c0d190499e63cb0ed2ab91f1
SHA1 8701cb141fa32c9d1a50553be57dbbf9155eaf0d
SHA256 f10a346fdb016b26d07392f1f8054319eaf11a1bc1488d3ba89f49e4bb8217ee
SHA512 35df480195f42c2f54ed98a982053d2fcb8894f5231d31a63cfef41f7ef6d6a75ba900ede562058a112a57f2304bfe3003a09c78c1cb51372465fa9c8324afb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7aa86cc355b07c0614cec2ce504d1917
SHA1 d7bf8c27363dd5470608ab2f86eaa70f52359bda
SHA256 68115cd17fffaf0eaa468617005ef72f52b4eb62f1036d37f92ba7622fc91450
SHA512 13f40273c7c2c0753084be0626a97493d5ea21631646da91a7c94a58fcf86188983efa939a83401f0bb17d6fabb95e9e334a37e7b420f741fa35d764224cd8b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\4fab7c00-daa5-48d9-b83c-c070a9791649.tmp

MD5 92a9cc71301a7d720339275524c0d256
SHA1 c98703c0a38bf0e7a10466e86dc8977d495de851
SHA256 9e0657c1f9ad18b384136220dc026c0032c6019a65d0e0b58ab68ffa2c6e0c0b
SHA512 afacbcb95f8ec9bdb63b59168923a3d4738e543025ca01b868dc773670d2dfa85028a6bb6496f0054f1f4d6d90a2fd7da954f253626940ef43105d78a2835885

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 80804d9d790c1a59e2fb2f7ed821def4
SHA1 becd970ef284a44c95e353786081ed45d133b98a
SHA256 f9fed47071e90bacb8273ed4967500cb221aa9edc5bb175322360a885b655326
SHA512 38ad93af4f7a1a00df0a26703ad61dfd74cc566a2101e77542581a8d6284760fff97ab8dbfe9885099ced2e7689f80822fcf4c8c1be0c7cd61a3b81b7854bfe8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 64ae224c35dbbac9777eb8e9b8fe4385
SHA1 0ceb8d5812f8824fa20dc5cf84126e9d16bb833c
SHA256 001a4bb68a1525fd51de0fe685d1bff8d0eafb89084e3b68abbee03dca7e8a4d
SHA512 d4319c320a6b3f2d369ea3c3e52cbb8e0461755b84a34ffc5c4e7aebc62493c0433f97f505a617bb113e8ec96f3ae826a50bdcdd2d1c84f2ef0a93ccb821fecf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\7ffc6a65-e098-47f9-9d4b-5be6dfc61289.tmp

MD5 bffd53ac9f20eb35da1bd0741145690e
SHA1 68bf32aa5e354123869d436ba90a944211c1fcf4
SHA256 c9d1b5d620916183fd968a916ddf6898503ae5c5bf012540068708c792ea10d7
SHA512 8bbb5d241332ae3549845c339ba9a16e819026b664041bcf74f101b0026a5ad7d04a633e5c2e30871e46d190bf8aaa44e8bd17d36aa7539fafeebd7ce732c5c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d1721e3183869290f33c58c210720735
SHA1 efa9b90aade8df302d030ffb34780767a347838d
SHA256 bd215e2febcf31c9415af2e7038258d0bad6d39755f041142fe419dbf14cd571
SHA512 a55a12b52e9117c98fcb0b350289fa8c83d09e2aa0bbe91e3c8908d1cb05e8013d3b42029ed008c3e054537b1cf9c29cfcd49d9f61dd2a47eca668cb01af301a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c4af425d264bf976e19af54bb9587728
SHA1 44ff2d8adf8310bff0d203b413e61543bda39e51
SHA256 db839bf1d4e514175d35a5693df3313bf065992735b0ce28b0c5148b7320c0a0
SHA512 b6c463e86dd3120e2201156bd8269b29e124b1a4ac06baf61e79f23429c9b3659b6a6b27f93456e340ebcc50fc9bc697d15ffe9272109a6913eafb502464d720

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b4206d7b4dca3d35dd1f69e94cce1c8
SHA1 19b84a25604f6e62355a4508f815b73e1b62ab3e
SHA256 e6ceb8cda8214a47210faff30e91c0724b57b58548e572be7f281cb7b27fe216
SHA512 5b3c1291586aee7c6e446542910ed73211f89618b06acaa2761b3b5280a64f909920e7fc8b04ac8da1a2f6d807060e6b498785eb6a4e3f81bcef3d5d86f9f054

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\pending_pings\65aa6b74-690f-47ab-bbf6-614011c6ca74

MD5 afd111eb77220f8c2d831fb9ec40fb1c
SHA1 18fb506f1492bec625f3bccbea311875c1fbb99b
SHA256 d6103b3de05ba99b48b13c20f3c78c0dba26bb044925a07842cf9fb3ccc38fcb
SHA512 157604bd61a279a47b7bd7e607e831bcc0539a54e734cb9b16426e4e1992d86fbc4208df9f85f1f0d7722e85ff04acf62d635f2db300e84da3ba726b9afacfbc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\datareporting\glean\db\data.safe.bin

MD5 eb6392798ada5f49b8c8759a9f20747c
SHA1 52e4bd1ff59c840d40314d347f08ba38e3980637
SHA256 1934343c71daa654c9c0fd7bff008fcb76ed630be8bb9522767ada44bb6779cf
SHA512 9b37614c5a6d74de5ead13528348106b7b4c559dca21a0652098aa6d66aeabe0ce1fa1977892096edb8e4e1a04c7fb0890c94d47eacf8556ea783c0d7be34b06

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs.js

MD5 d6ee9e1c4e4fef80b89975d55751fe1b
SHA1 bc130aa0ca3c88a09d6fcbf53d6854d5c4cdcffa
SHA256 cd2645d745aca2d91e292d4ba28427dd279acabea7f91a7cac8fcd0404c91c02
SHA512 cc1e991feb03f0b8f2646c966be422b49f6b1e681df594c80a77995ae618584bb3137eb662ec917d5ffea7c3de07a782f8f375c87febfac93e25a082ed3eb398

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1bd251010f40d2f9a5248de5ec953dab
SHA1 2dff8cfcfdf1f8e14436d997340b1616740f0550
SHA256 7f51459d68c89983c9b5327a3cb9e45fc003f403f9696eb8d0e0eba62114f3af
SHA512 9cabef3298a8c9226534025a2be52fa935e69d5320deb0b1a9f8ed509b19ecbe2272f32e0ec539fc50f8bf7f6d40ae5daf6c37a2cf38ce6bdf46cf5bfb94c28d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs.js

MD5 06d14fde6369f12ac5295d378d12168a
SHA1 73dcb2266c200c173723c1036d9d11c89c108469
SHA256 1825e941292e2a1d162d9f200b30b30e9159bceed34eea4433f7678c0a345d8a
SHA512 52d724e37ea96e145e5d4f48edaa6624d6b8a80eb489b2672b3bca3a235b7a1b979d2d6880b7b35ff59917576b2af4e1f87369f4cf315cb4e3cf9356c710d951

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c3942953805b743fa2e6b859adfe5fd2
SHA1 085ed252b6f1c214272a3a17e433cdc14382d1ed
SHA256 dca9a5a29da586e0cf465ba66eae8d3ee7ff30155aebbe7ce0a9b10f47bf67da
SHA512 ec12d24419f9e6987f75f6073dde30879239005802fd0481d3c541abf7d7067a0c6c2b0f9c50e46a2d66e466dc6f50e8129b3841734fcfc3d66e1b4c815e2f9e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 2915d120e51e44c3aaa9019621d94026
SHA1 7a5916e09dfe3d66bda0ab1a739bc187fbe08081
SHA256 55b240696a1a7e59f0427a2ac519615ed55ef297ea8678e41dc8833b735c96de
SHA512 bcb5b5acaaa4312f5ad008af427641da8fb07a6dd26b21634de3206af2e7fdcebc0a73704936c3c330766c807896126a9d67139d904c6c48562faec01b2f7987

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 392621679e0f0c654a199caa68c9138d
SHA1 483c2c52cf1eb75f77aa68ecd9ffeb7433cf2ceb
SHA256 5ed12b090f93a3a4676ff796a8271c4144f23b808a565eff4d9f8528a205dc39
SHA512 f9df9c0cc457d27f2918e67502233b61b8bb7695e7c0f5ea759abd89925a654778bffc94550d9ea917f708daad8e2ee368a3e03d61b4344c46c1d76b16a096a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\57af9f9f-0cef-4334-a01b-66a561f3e96f.tmp

MD5 dcba24a4644b9e30cab834b479f46d14
SHA1 3d7cb1f12570267ca6935de5056f67350614ca98
SHA256 9659ef2844e9a413d65c512e9c46e54f9fcfc2b695b512396af95076a0bf8786
SHA512 0cb6a736f3275dd399364d158dcfb770d7fb3f6bc3e8a0cc547fcc598e38c72d94852eac16008617840390484ad1cf1140f3d5dfe23785bd836f8ce2696bc786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 564f4e31447f8d950a57b20285a7da8e
SHA1 488eedbb61ff56ee7412e2cab5243d4ba148efc0
SHA256 838ecb39912dcda957d8cb2c4f93768a164a898948a3b439b44876874330279c
SHA512 fd00d3703c80ddcebdde87b3c9090f01df5c44c6d608e383cb7cf4f6ea391448c2deb47ef83460193284862e0786b6dfae726065d156bb2697cd03a58af01dff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 da29cb493c53312e79489d310b981a52
SHA1 d698887e9670ffca8739c82acdfde4eb78b43a0b
SHA256 c4ef5c1949ab47d0c4a3626c6f5f15898d00f41e5a387980646441f1157e2ada
SHA512 47f6c02eb3ec065843fbd124d601073dc9a287bef8b4bfb6f9f4cc85ac96ab86e9bfa666f3778a01adf2abfe8b8fb20aaf568b904c990d2d40279f9b7e79597c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 253c157634fee533e34b860e2be1e5e1
SHA1 a52a1ef67670e3168287fb60c52283ec10b82bfd
SHA256 0868b902aca912b1aadb501a9f940976c776759502fb148e467b1566acc85fb7
SHA512 59e0bfc3f89c1bb950a01a7dc8db710bf468ff434602f5dcb45924c488a49c770a54a3587fb528084f08a6bce5d8ba260459efeca4286913d27fe585690d8cba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 f5b764fa779a5880b1fbe26496fe2448
SHA1 aa46339e9208e7218fb66b15e62324eb1c0722e8
SHA256 97de05bd79a3fd624c0d06f4cb63c244b20a035308ab249a5ef3e503a9338f3d
SHA512 5bfc27e6164bcd0e42cd9aec04ba6bf3a82113ba4ad85aa5d34a550266e20ea6a6e55550ae669af4c2091319e505e1309d27b7c50269c157da0f004d246fe745

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 6e98cfe080ba46cf74e13c388c3aeb5b
SHA1 9d6bb29e189a77dc9367a0350534f3f6507ca06e
SHA256 2c3a4c14bc75cbf00d205d1ccd3b24bafc662379fcdf556735fcc5a16b6f5f6d
SHA512 e1bb73a86160b5d41a03b3278a450e8729724fd5c063a301487c936efd45d644608aa67373d786468e388180329834794b4c05329fc3f7b9041f08f0eabe921c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 5e4d33a5703753386e62965dd67a4784
SHA1 1fa8446a2f615a207eed64a3df1a90485d926a3e
SHA256 2dc856305dcc7acc6a3c4ba5745248735dffb3e06066774aea9a035da6847e33
SHA512 ae89bfafc7eacc9bbf6e8c33a7e246a8fa87e515fee2ec83c40ef7edcf7209e2f7d1e471e985e88c6ffd093428ac6a51ab8b7cbf33f55e8408b2357513aa1487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 12531b746b3180fbf0dd8d6f9f2e01cd
SHA1 ff6ae11a6ffdd22e3135f81e7030c999ac3ade63
SHA256 3c3edf5a3795003729b390f6641c06d03f96b0bcd4374de7b9dc9483424a5dbd
SHA512 e66a78b2f590a3e5fd9e1cc4f1b48a05ae3b274b03dde5303cb6e706761220852bb38550aef978cca387348f7eeebc0d8c12fbd559fb19c24bb4bd502e871133

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4626ce459ea6e66e7cb0aa1a96b0a396
SHA1 5ad78e88a0b81bd16dfa30c52fb4a3b158f1d405
SHA256 0c44c82195c49b01815dd62194105efe4eba0a1a2606742c5f5ab372934584c1
SHA512 434ddf746b1f78c2cc68f335ff35f2c599cca55f899aa9a343a8a6c55bb45225a564c35c7cc26e3d8fce165e5889748ca974b6a3a4c4e67435bdda0579685841

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 5785e1f5903e9e13f36007a96d8386be
SHA1 0f251706691964b6b792c13234b90b3ad543735c
SHA256 009329b87858d9054bc3ec5606a271d0bb75711a7e080a1c0c9c8a6dc603d64c
SHA512 a9395b6122fdb12a111f46ac9cbcc62d8d8163d9abdfeab60278bc4d9dbc168e7b20d211d3761f2849bbe228ee53fa444224b6d94e076aebdf512ea7fdac957c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 668b29469ac51f4c657796ca066dac8b
SHA1 235b293589d74d8c983370e4594e052de87bb557
SHA256 680aaffe5d0486dbe0a54439c3154dc1d07676fd260e309cef7992f60a414417
SHA512 87ace8edbe6441850fd38fa4c737926c699fee857b3cd29368fc6e1942d27e55f61b8e4d6c0edf5a52424e0276181caf93a9949529cbc7d08264b2152adb5556

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 5f5efdd040f2922daca602ce7b40d81b
SHA1 046975b03c432c1c82ad08e11ba0f62bb02c30b3
SHA256 cc31388d7013dc8778c15d6acf297704502252661efecd4e55bea7dbc2be1a16
SHA512 fd371cc68a32eeed0696a41dc3c451a3d58054199c14a627547b8707b5d1b572024dd52d843a4cf8ff01776caf9010ad3db60e78ce74c2bf4e8564e6bd605c8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 63920b301a0969e4feb6ac870f99fa29
SHA1 738393a169fb989bc0cdd099172fb0a0b21b84b6
SHA256 314d4f341916761723de6ee5d83f2c8fc85fc00a484b0366e907f77367fa88f2
SHA512 ffd6daa1139424d20dce7bf3eff347361663ad63b91b7a547d7d0f1c8504d62ca2569543eab107ff177227d8dafc1b77d6f7fd6dab8e73d01ac6dd6c46764cb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 4441dcffff82f71f58e356982a17dd0f
SHA1 e4ebbba7b2f75194e272c50cd030ea8e60f8543f
SHA256 88d15b09c358aff9cb98722b2ddf51c54904358b5d6803e24bf2d42919f59b36
SHA512 91979179f1974686a6fb5cfc6b798dacb0a3bc315163c9b95fa43870610ad8db5bb252ac2d2ae53c4a7a877ffa4848f98a054be896de044d2aa7e721dee8b4bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d345014258ac38d678076c107ceb45da
SHA1 1ea839837b956b78e84fd405591946d334165f39
SHA256 c429d7555126eb010c338f922fae1f6291d9ff050fd78e254b172a169f5a9a4d
SHA512 8993324e934b3bfe9003f9e14d1f1f12626a8d033ba17b254fcfed06143dbcb67e90c9da8f4f56114e0772a6d38c7d206fac442d7671d87910b902d4cb6b9ed0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 d1a0d8504b6a46215e2a4cf521ddb7b5
SHA1 3d6e16808a1e17ccdaca99f37ed30468391c62e0
SHA256 cb357178d5e09917800b0669d958b5517c4f8b322c01f2adeca3ea7fa4e707c1
SHA512 2ee68d71b04a78e1bc353f66daaeac1ab9f2e1119d7b6974571f8ef1a7a20fc1ea3903f3d90f3feffe7d820339abed4a26cabb230ddba3baa415309daad2d570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 78ce367b18fb959090ba95dc12aa5495
SHA1 5584b000bcf77916370ecff2f44c8acfe6c03f32
SHA256 6f62c6740f7cd0f95cc5d827c3dce9460a322d77eb526fdfcdd86596921f5836
SHA512 e1f716cf51b862c0e728d7f85fc9e516f33d274e7eab0dd619fcce973e5dc47128dc227d400c3134728582c11d5055bb2377ed829bd5fc67eb2113045451b06d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e62d04d70b1adfa78b2944613b1c6429
SHA1 9b3d96bcb7f6fb1427d9dfa03b0e2c271f29c8f7
SHA256 5f1e9b5980a2334c073b7e9a78ec3a8ea085516c4bcedf72fd5b9e9d804adb8b
SHA512 8301baeb079e534aeb84c6c41385e774390c5abfc181b93285a298e928553840ca678a2dbd0f3e6be6e5c28fdf1e43ed77dfcd33ea3dd221415b0e286df437d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bf8f08ed3f375a790d7138e903f892af
SHA1 ca7110822c7dbc00e970e9e8f7cbe4d78f3b225f
SHA256 21549332ba6756050dd6fe5904840bd6700b622726c4d700b162409f6365aaae
SHA512 e48209fa6ebcbc2fee83d6a922731fac3fae7465b6bb0923a556c1dfad10bb29ce2b9ef06f8c8d11ce92c33e5f1af9c044f5a40daa83cce1f5cfa0d7800bfa00

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57faea.TMP

MD5 fd3f44fc7f6f5b8314383d9a3cc5f20e
SHA1 118b6b024545e2e7ec83457e79ad157593c54c22
SHA256 8cc65aa17f5e657d5cffb61e03f5e15d0df69348f5878040928306f5837654da
SHA512 80bb5a7788f5511347157c7f90027737f786649ff30c055071b0fc1da3dd53e3bd385171fb4f7ca44ba8ee8968addff5af0eb07104783de6cc7106d02f4d3d61

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 044b56693dd2a254af436d11de960de5
SHA1 adb948326e42ac14b7217d015a6f53f2c40cf47c
SHA256 bfa0147e5f0c20096fbe627673a4b87ba7ecf93768584820095c270b41b02881
SHA512 bf4ecce4ce7e73ffc6e153157a5b37a75596db899692749c2e29de828281ec1b4c113a93e6f0150638497582ccbd7a527f9b739eb929c7d40b3cc0ac87996fed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 86a123e9d116a2d9eeaaec4b74c7b14e
SHA1 8551fe9835c92f9edbfdbf208f7669cba07275a1
SHA256 49b6b42771a5503dfd7e1f740b0743cce2a762b50fe7601d64b54dcef727d81b
SHA512 67a68b8155852e57263a895bba3d5019182289fc0d251bbe4f21bcd5ab3595725c7e9f0edf647c094d53280691551c43a4a4f903cff24861597623cd3b807e31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 e0dc14bbc0aebf02ca61aeb9a00ed186
SHA1 34dfea0890a6d20c35c2600f452a76b842e0effc
SHA256 7fb8f9ae7a90e65ffebacb516543f48c8c1fb9b62c6587bbeb349f038ce99e81
SHA512 81ddc85bc750ff41d3e6fd8db7d61af355debcaaef8c1513c5db0ad043abea6564fb5787c4d65a2adb1a276ae2846d5f3a5c07502db4d174b94d5189183f5044

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 142b8de30a1590f832c1bdbd427ee4c8
SHA1 4d34b991d3794ee25f7ffd240ebd05b27dea96d7
SHA256 5c037cd504304ba267a4be2c340ca85868acc8c3800bfc3b90f5ac5407c7137b
SHA512 867439c2326d86c7f9b7d8f918b5af568153effd98c3506b607c30ddf3a8018f9eda3f9ec60af59b88fae40cffba36c5612256095a481a10382e0b432bc8d491

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 c0bb1898deb6810d4caf0b61943b147a
SHA1 1caaf9e1b922b8f9af31e3c18a65c94405fead01
SHA256 87e61b45e3596b8e3b8327aac3f7bbb32b11a5a831ba5e5dc901b6bfce9e9fc5
SHA512 345f5257ea58edb45a08d5d0ca5b519376961f824c810c4ae0aacca34e87516300a9b7bb31f8ea0c837acc0af4c53547f51de9c5e5f3ff2f218837c77f2ea25e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 32552d138aef803d3f201e9a628e6d10
SHA1 23514b3fb1e165dcfc5e6e856ee309be204883c6
SHA256 76fe43b1163c0e2689f2d0f754b717de4f48ac5b25ae6ac8f1035797504ebcd8
SHA512 7df8c52cecc50363e2b62e4a966d19ea81ad841cc07bbddf40db0387f6b2dd1fb35e84dc813d1ae8312f6946736768e560f956ad81e39e4fcc5e56da97d54e8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 d0de503da7598d3b6096486b9b7127ce
SHA1 92278ba8bafeecbeed1a819bec0897d747e22f3d
SHA256 120dee267455f0dea0d431c6b11baeb221149c37e9079f763b67748011a49667
SHA512 72b540ed868eeafaf62339948a88b7b92529c981ceb7fa8bba59958a2f704d45c59fb5301e14e591702a7915f178163ea56b167764c249333726d625c7088bc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 87eb4106e11e9abfda6824a212de637c
SHA1 10dcf6e8015607a2397122951cce165a3486fdab
SHA256 c69786ae14df6f96ff9aef338d30302d9afff842f8f8064e67e1650078144bef
SHA512 85bef92e0354d5bcaa2bf7478bc70d31c1fe891b4bcef3f931ea798d21ad71265ade3ca3f9c6f39b4c5086b74239407956363adb37547957b534dd6a04d8480e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 7966a84a9fc9f716a92c0a9efa5e9af2
SHA1 26fe35cbc294063ca0a5eef54e59a48c3f7f98fb
SHA256 f7337f61808d0324897ef52b01c47426be31802200d504b21f63bb9faf867a41
SHA512 53bfdae63c7160f4a7693ba39065f9afd12e4409b9452bc7c9a2dd7c6b92d6ee43df1680f88b51ee0cf1ac66f646414a5817737b556cb1595bb2ef2f23e913d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 4703a03ead0adf1bddc356f504d3f43c
SHA1 ae012783bbee9c0c319991315ec2a500d12c8901
SHA256 045c420833499069f3bb17e1e949d3be6b69887112cdc27d568a1e4577707fe4
SHA512 48bcc644117ffe59900406d8b8c6cbaf3d5a082e08834c3825fe512ca09abfc9ce98e06aa1bd37013c765d679fc71cf313d51fa914a1d7a91d4c423fd1fbc314

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 81a629561461893973022a5bbd48472f
SHA1 6332f6c9170452f820d6a19e5e9782aab83fdec9
SHA256 eba6d555c6906716aeb0b7f8daf0357e68f813666f65468c016c82e02422b2d7
SHA512 78bd9543ab1bbabed4df81c09cfd6a13a912cbd23e0669d66ad3ada2da74289b6fe1c1c808e91c0e83a011176c2c373c7d97b851afa13bf21b953103f6e4388f

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs-1.js

MD5 494e5647ea70d2e70ecb0d34d0eb38a8
SHA1 1e45cd4b7cd32852f84d2e524550af94ca8b3739
SHA256 a0c17b1581adfa70433b8abe1146dbf83e77d3544b3d7d67d406193bfabc6d4f
SHA512 130c9d743f97da9168cfd144ece89eaaddb21bfa1602af41c4fd7aba28370b0ecd424329c9522c329018022015744713a3bbba9a3eceec0cc02106ef333330e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 94fed37e1438c3ae21818fc7a9f1bee3
SHA1 0b5e1efd4d2de54c7cf36ee99ada097ef64a8d82
SHA256 4937e46a8ab1ab6306f8d453795304594fa87acee7303e2517fb7ea6bfdc525c
SHA512 c8773c4a2fb69e406d0157e9d5647af550319bb103ca0a94ff2610f55d69983bacc4923f8040ef2ff210d2d6895b829c124e26bc8c2fba14c4d55f4b0d710c99

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 fdb40a11700643e8acf25b599cb85586
SHA1 d993f153d2d335540ce890e75e559045f1a6a40a
SHA256 d8322d468024c17c622954a39092d99a1a3c93cc83d5eb5fd1a595929874c286
SHA512 e45b4c73024d5bbe2494a5aae5cfde5d1b50cc6ef9ad9b26f0470e4470a53a0f1f272e8c5c77721f4e37aa17906910319165903d86c23473a09d3f48ca11fb21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 7ebc1ac326009bad5ac7a9b1bf15f12f
SHA1 2119178fd3d6647d72a3cffc850337f44087d6b1
SHA256 5152f7cf2d1df2a0f20acfacdc1b83bab1cc9182a050611b71e6dba55f02654c
SHA512 165d44a568a0b5ae6b90253876f1101200398795e5de976813ad78516ced965c819cd683fa5f7d70f1213a9ab57398ec5411d619650813c1fa4090fe6796032c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 73923a5b795df1f29ebbf18d6bafc58f
SHA1 aa11026a32a9f9e54c14fa93819381f3678e5851
SHA256 8fc1deee62ab6002b8f73aa4791413dce4b37d23c672b0e57c36b74167d70356
SHA512 41af733149423d2f2376db616a3f1e2328bd99072bdb2b822dab7465cf89bf4219ca0dfdaa18fbf3478cf69252f61171b4184c071306c86c44e7d3025d47fff8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 b2dcd7c2b08e0023901f11dc0e6cf2d8
SHA1 734dd44b21ee39b4bfb0a7a91b8be252e1e5a64a
SHA256 5a14af69c8d4fb7dffe412e2c04e5740a6af5fdbeb723e5ab53637f17cd0036e
SHA512 3404a227bdc9fa772d6c6b241716b46597c57ebaa28f36b30719cdb0a31f702e2cf37f31df3448dec9f37a7a3d5e42a1cce75c629bcebb13395bcb8a55a6e3a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d620ed5d9730c898291337b8488dcfc5
SHA1 11c5d793f999b0d2bd1c1cf5a8d438f09e3ca017
SHA256 ef8267a57fe8bcf1fc552ed6ab487e719700cd9c7ec62f7bcaa48ca36588ebfd
SHA512 b5e0288a60b60f62bc2fdda1050d351827601fc1d504270033cc2de9dea5ea4f94b1242967c076918fad2882c55a530d2eb9a483a801af2081b4c0346aa31775

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9261e2a6e8c967312cb5954112fde952
SHA1 5f0a08ac60d1a883a5117c67492b4ded324d387e
SHA256 11d92e2164d43c882e20c213eb510376270dd2b828b7d064110c6097b607ea7f
SHA512 f966d2e1cc80673daa8194ee18206a61b01325d7e0b32605360e40159604ae30e9222967eaf5beb698bfb585be7ab4e91e2de27c35eb94c7d9da930270f34932

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe582a86.TMP

MD5 d6586fd552fdd9a96824def88d450d76
SHA1 3a3eb765c017ae2718480f08ccff3124fd83218c
SHA256 9262bb2162159dd84b484f9b77c0a8909360ad25e24231e909af5f647e9d4e44
SHA512 5e2fc0c78c0165cbfce6aa3152951e9f3154cea63aad17f3dd11137f165e1679197be65a9f262a4deb5dd56651177270d4085ba8c7ef55510ea733389065a265

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3429d274f3eca59df8b87a423542be26
SHA1 d847191c0b33a2df0035876a72878a49ce331668
SHA256 7bde2062dc9a2b5ee2ffca71d1d1d517c50f0d519f11f366a1aacff2936e30b5
SHA512 b3895d0dcecaf5a2cd28354378b2430e9d2781643f71e74ad3111ead92ec875566616d0afe145dbcd64a2c871bccb0e0b00f907b866f72af8c57f541a0a74d2c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\prefs.js

MD5 69ad4d457eabd0684b81c31bbff5f9c3
SHA1 443ac0d5b555e1a76e3fb29ad15ab8d341164b0e
SHA256 1e16da0e13994c301b5d33ef5d9ada345064ed12694ddf9ac1fca0c9048e33a2
SHA512 a1210b7241e1172a9ad2b4ce2fc6562ba54aa0b55db43629fa4015e42be2ea244452ca3719ce7d729d452cfb0e96e0810004370d5aec982aa29dd49f076d362d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 aa3e6d8ad5e424d045c0ec66f7c3f169
SHA1 38388a79b4651d738dcf6853a2e3a481b1bec39b
SHA256 f7fd895f94a0ade5c21dc03b0b8061c77776fc6123ff6fd3a55c98db55654099
SHA512 9e4e102088dc55a35d2f80edbe47b29893846453143e4343d666b11ec39b2ec5363523c714292794718ae38c5605097b863601dc467aeb8ef8d09fc1ceb5b632

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2e90d841c3520304f95d24cbe093df0e
SHA1 2813b78e4b0e0fff612b4cc2f639ff0f9883cfe7
SHA256 d7c325ddb0da21ca71f772ab7492dc40ea35b5df2e3329e19d19bc78cf708a61
SHA512 e9f481e4e784828f3b1851bdcee0c389611648db634d5e05b683aaf998df8f9c5a9e6ef51cacb128a5813c745fcee380fec76c5285c9159cff94a6f60345d923

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe583256.TMP

MD5 391b8b2c1adc524ecfce997d5f7d27ee
SHA1 6b9b15ca9ac70a90bcbb944fce8afd5fc10789c9
SHA256 3e0d7e236c9780a6b39dd48a8faa8c276f4ef48ec07b8b8311c3b54eeea21713
SHA512 e302422bac69061b29e577620c5a560ea37c68d0a9f1163e8fec48630097301c0cbd09cf7321570f89d07f69515ad4dc89faee0b5108404fbcc2350ac4daed12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7f2720cdb40030fa13bd30ec4b62e0c6
SHA1 d1b371f7072a3582a8c6584b29657633ae2ed4d4
SHA256 dbc0475d826ee9a09d569dddb5caae843ad957b77e9cb26445a3163bb98c6d47
SHA512 084d8dcf315a1011ee08de6b37d2edfe63f08f5aa892383cee4a8830ca0dcfd877df3ea4d85742fa517751bf9a0c373d74208e0c437833ef1efdc64dbc3df122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1cbf50fffafdc7d5f74a5e742402bde5
SHA1 58baed17812a0e3d22ce043cd2ebce299ba8ccb1
SHA256 86465596b79178cf9d17aa9467d3a67226161fad11772b32539c5109b9af9c01
SHA512 e7f6a431d9a91b050c27fcd426be48152fc4ac29876cde9331f48b70bb1f75aa35ec5b18c344e9ac5b6afc959596c884e53e40be35dd0cb18b873f84f4b11427

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 850751e1eeb5483886e401157e89e550
SHA1 4805b62a5bc0a22a2538c35150525c5287abd94b
SHA256 cb94432f2e16dd118a6c963a55c6363f56bc59896e3c1e332395fbff49e04821
SHA512 d01c38176280dd723ccd65024ecc137bcde9cb35943f192048193d7305300e8c1f38dce72bab168497671f48b9e7fbafac434f6f5469b65d507b799fa8dedec4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1fdb63325a490d261daed27d9a376736
SHA1 20ebd618d739a740cdf5eb008c2c4b24b993fa65
SHA256 0418db3497ec53ac5e19ec008c38ffb02c58c8b320732796d7e94058d009a0a5
SHA512 77a99d9e3288b3457a6a5c9293893be14da15f91140a94b668e6685bb73ab3c50789e07741d0168af00ca4ad6658625afdb7d75ab2d4ce4ce58d2287954a997a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a49787c0-0f59-4880-ab69-80108bacff3b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b3a3478c90fe361427bb21eda27682fb
SHA1 0b059ec4355b00ad8dfb61e1aa8437c31f96777b
SHA256 442717c7f65cd3bcb8751729811505809bf78929ed7d57f269e8a18875f252c0
SHA512 99dd44ae44c33b656e5ff51c2ad1b4f155c2cc62186de14d4ab771e22703e49d079b52df631ff773ad8fa45683f8e8feb7eee9a9ef8c7a29b32491ddba14fe32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 68af80138248c53fbc7dd5777e505913
SHA1 a382fd71bc67ec079c44d3fa533d80379a0b8f98
SHA256 824c7b2ad3d1bc444bda0a43732739e1aa64c2fc1c79128248e06b041fa3975f
SHA512 01b0818efe6216530c9bfd99b97e2a2bceabd2a4726b407e1b4cfdf74e79c8574bae5f76d60f0f6bce390d55b7386aa6954c728331edbcdbc47948f15ada1b1c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\cache\morgue\72\{b8634ed4-f850-44f6-92ac-bb2a14da4248}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 679547cdd732ad04fadc0390b894c3f6
SHA1 1c9aba9e15438d9d904c3349da5f4cb5a043782a
SHA256 be37f06819705e954e37c9f91930c29f9ff8e6227f8d39b05d9d0f632f2a8e06
SHA512 0d25a2c2805326700cc109b00bdab8d28e94438854750d083e8288cff52a20d9ca3f42fdcc0714c3dba838073071d1429bcdeb8d0171db8e16abc6e721738ee9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\storage\default\https+++www.youtube.com\idb\405212989yCt7-%iCt7-%r6e9s1p5o.sqlite

MD5 f0f52066c6195b22a298c1a62cabdebf
SHA1 0783e49cba9d62b8abb9e234620174bb827df5dd
SHA256 528ab4f54aacf689ef98129bd1255d5e5d1a39fd22d688a7c18ecb20660419e6
SHA512 2d08bcd96dd4615ba74005205e0cb7af8f26134dac03af74eec7267a1c541cba20ca4772217cb9cb44ff5ae829822d07af98278b876d8b551cf6dd548c2f22e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9899f7dbf8e4a31ff23b72bf2939540e
SHA1 e783254a3a64a1302df31eb76ea8165cb8c3fa26
SHA256 c54798498e1f5d208f067378aad421588b2d991c61e097dc6a4dd35f548df38f
SHA512 454bb4ba41ac20c0a9662138a9bd5708fde72f27c7af0dfa317d6136aa99717b90d81dea9673aad19a51166ee73f323cf99bf3088e24dc76507c08cd44258fc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 082e78287d2424bf34fbf717976de031
SHA1 f05a3b6f8f55a277d54e53cf80b8987cdd7bbc15
SHA256 d28004d2d2a6e88f6982802b2a1f0890b938ff3fd4e50a1fb25400382635a39f
SHA512 544325f4f0593c21ecb6b54aa67389d46e2b418ac527a901d5b0d7e4291e58ad77a2539b840266b7543334fbe3acd8e313b5bc9d54972cb2e47c34e48f28f97a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 11ab7bb799b8675eadf20a749ee138ef
SHA1 0c9345a33f9ce75c822b5a3ff92f0495055b0df1
SHA256 c5a72160578e98ef8065c10f3ef7107480299cb62e28c0256da229bb82b4f0c6
SHA512 b586a89fa6c7f39b5255336ba4c20e3abfcb611bcf27e203dcb4456fcb1068f16e758b500269da93052184a2a59d3698466327cb16658d24d09cdf75fa894c25

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e9d247989deb4f4e74dd56fa95ffe2b4
SHA1 4e9942bea78a4a855dd00f3429c394bf25851df0
SHA256 59c61ecf63d71256f99eab211e8f606b0923dffb6653229a2990c6317fbd2468
SHA512 989cbd7c7e642edf8fce8c35b7a486d75d4ac52ff2db00a4625e8d41a361e48b876636d4fa674a23de1705a91a19a1c4cb19bf4ebc73db0da0e6288f76227b26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c1dc22337bdcfd112aa8097cc7a52e7c
SHA1 c3fb1a170bf8c40ae944f56feeccf8c949fe36ef
SHA256 aa81eb7077a74a03e055453b330ff91e78cb81f12a2eb06bcf91d96afc95999e
SHA512 7301f82ca0121d20ad463b5d122d69fc32d3d3e32da0746d833ff76ba1f949827acbe257ff891ad6db70123f66e6c4a65c082c36fe74aa52f48243768fc5ab65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 39ca3c3186f5865d2a8f1b5b4f551e3c
SHA1 4b9be73dff400bc141c01bcf7d8a394afc6f148f
SHA256 2aa85385e4b9ed2a2a7de9558d79b31ce68588eaae15fefa08009dd733df696d
SHA512 e8ac59d4abc22bd2acf50f4fb112f31656ebb27205559bf8e36340999528bea4dd0d89f90f21eaa50cfd30de501bb84f10695e96aa17e34d3039ebce8c8879da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d193c66b9f257b65288e65af743ebfe8
SHA1 91147478fc69e095f317b667405ba09dcb0b2aae
SHA256 fa5f8153963c3de70a50c33cd68b8d6c0e0cce431fcfca406dde37b956faf002
SHA512 6c2fb51893cbc11323e7e52e97326045f3db16e73bc0b5a00933b3afd9425eabfad795860c0934ca25970093b22aa1b271a621f18357a97869775020ad258ecb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8c132086477d607fe500d0417f011a7f
SHA1 0bd6ea78733a45562dcfe2996effc895f0f07b84
SHA256 eb00bb1bc5853a7455e3c3edc7492628803285e66a26ca02cd2c5b71594c9eb7
SHA512 d2e889772b06ecf44c822937cf9ae6e49a6d5a6be90abd95c940e417bb832fc1ee8803e8ce498c9907766578f264798544860f615eef19d29876c75098771cb2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2e48fee626a9cf1bad7dbf9075fbc11e
SHA1 a2e5f0ee4a0001a1a484e32ddef9f9c3058767a5
SHA256 20b287e975e4f5c64a5053eeaec0d83c73bfd7619cdd53806984ddc8baa67695
SHA512 0bd2b3bc72627fe9d94a552b00dd738a507cd483226b9f84bce8b4d83197d50d996b03b4227e0c6f52bef06c7bcc5ebd386771048746ff3671f9952457a77e79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588c5d.TMP

MD5 5ddc4aedc30033a456cadc2fe55ef1db
SHA1 e357a6189cfdb2a9b220fd5c919cbc7aa67c72c8
SHA256 88fa9925e2ca3413c16078d655f1d350005311a1c905a6efe70a0394900f1cb0
SHA512 536abb63bba216a36d5e15f5970c5947bfb7f04ea7e8618ffbf4aa08c005ed89268a72682a90067506fdd258a20fa3c2a28fb77dfd0fc25e436ebb54a2e46df7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 853b4130b22dda431ce727b1599183d7
SHA1 cb1fe01cf693e260a9b5897ecbb31ac8f2ad93c9
SHA256 c372c3fa3bdd338320b9abebc94bd4e6e740c007ba902c414e187fc169c3e1db
SHA512 3f1dc01ea31d6c43bf2834c9d358c5c0bcf415b9be541d30c7d0fc55188e5afe9502d3ea0a185f58ec682dcadff12fe5de726b46f2b4facc104262b1adbc6c95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 b2bd54885df8633d41cee18482f1e752
SHA1 04f9c72e5e9a381c61c3c8164517d592fa760d93
SHA256 73025b328c2322df28fdc617d6cece463468eb58b7b1ae028f0dd59f76fd8a96
SHA512 72caae77d7d3a96302efe670b7af7d46e55306d0787b115fb5f7bb5ab3204f582948709b8d65eaafe9761b7a93a72a510b3fea659c281dcd18de26c842c9099b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4895b78fd1ea671b17ff17c4b9b1c382
SHA1 f476ba0afc843bdda43c1fe7c34a1674e54dd83e
SHA256 5bf2ae62298ab83285f0257a2a57375b608d4292649e59d2b27aec9f320ec97c
SHA512 6c78974ea5b36924fb91f7aa853751eabdf882bc9001c3e95cd8a374e1948ca9b3af2fa081088cfd50d2f5dd03cc7ef4445825e252bffe61b9f056f9318d44d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58b215.TMP

MD5 44a78d084b0d137e47b3004785a5478f
SHA1 078294e108d3315b062fde9be3247c9542a408e7
SHA256 c446d92bf14a570505f8b6f94811bd2a156c8ecd2fedbb5b9ea17e8a2b27a10d
SHA512 e8cb07df0e0e8c2d569b0c7c4e5efe2d73568d5e83a7157ec9c46e64eb31d57c30ac42082c97717edc81830ee4741630d6aef8140cb8334c693f03ee7b6d7c67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3c58c77606488daf465c369c0bcd254d
SHA1 021dc7d8443aa2ef0fa42ae225438f00e9b7c880
SHA256 9c8b14d51250daf51f8931dc2113b505d282bb44b82b4c45a2d27734f859a2d8
SHA512 de9a6f2d0620869a627dad69234c47f1da1674c4a9fce6eb6d759d851e42076dfcb11066edb22bb21bb2b72aecc3f24544322d5abb0aa47035295b244486890e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f86e3ca1118a2de7b07bf0bac2c3f80c
SHA1 92e02b666b6bdb0290c61654011d4116c3661168
SHA256 fbc20b07e1acbca4ec301ec78a1c4763173914c8e8237ac354ec1f27ab8c54ba
SHA512 8ae405da75bb7fcae89ce64c5529b2ce5a8dfca0cd2c8d5d931668e31b90d141c2cdd0b7b4af7bc8b01745d7912237216ce897b3bd096d8d49dfec9d683a7de9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 5aaa8edd6a67b9866cc29689ad9def67
SHA1 fbe4c0a3c0835be79504064f4ca2a3fb685e637f
SHA256 cf125208b3c8c43493b77d30a96fdb0a682943c14706ed46b46a0491562fb23a
SHA512 aa7e67c0949a87127a8b459152140ebcb86a89a86d334d1324caf09a786d42045d8d76889d48538d22ac9770b213eca9c33f5dd005fe6eb7042f4a3791fa1044

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 82cccb39e459a9730528c9a440411c29
SHA1 7a05d1207d076d8689feb9f5ef9954ef2744adc2
SHA256 90a24d0d36979e584d4b1b1e8f283bc36b0dd7b0c644b8d14c0b0a500ac22581
SHA512 69bff4c176c2e07770cf07987da0e838b949939b3d915f3514d4ddc1ec92e9d876561c075687312c3a9e2efbe7b007a2a6412d69db6b6670fae8ff8ac3a0dbfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 565ecd3075856f6ab0ab244638f13c0b
SHA1 ad28a9f97f4d899e8d2ffe51a7d5413c1bc19e9f
SHA256 55fb653afef837b5cb36c14a86879abefa4c0445438c1226a0a8182e4eeb988c
SHA512 716ff0e857f7daba2afa026713999a9dd2f3842f702c361c6a4e08d052b2c6f19b943a9c5c13c443236cd4b083084ecd03597501ce24a77d9f0c931e511dbca8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 061bca4fd1623dbbc0afaa6645dc4afb
SHA1 1fe67bc2fc90e9bd5b14cfb3f96eef9c4a16b0a7
SHA256 df5e45fded2ffd3d948102f36714e2c1876d7623269521bf7f3c2fd3905ab125
SHA512 f317e75c368247e05c401443b06558db0bf47f793518a8450b9142fa55144cd7462a370dc17797b6908cbd785a0da7132778abe38686f77479cdd336da7d4771

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s5jf5e5i.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b9b333c0fdbd492d58e90576cdb2cee8
SHA1 557881ee8497bfa3db07e739c3a4a9f593d74352
SHA256 740cae0f0a140561ade9cd98600db373273e41572a07209c67af5be1ca76c44f
SHA512 59fdab90bb341f8e98dc80860b15d921d784d73bf5b7afc404895f0feeaeb02a7a8e7da9fd8ce521b9dd7806f2e7a73bff63920780a2610e18f954cda3f99539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d76d589e844ad855baaa79c48507733a
SHA1 7334a8fcb504120d5cddda796e47f052307481d2
SHA256 7955b6168451e8b17f06b6a260fa0366ef1a5d4a661ff27152f37bdda0135441
SHA512 f774d54e84c2d2235f2a77d2ba1ffd6785feafce2d2062615fc11c8ea9aa8c3a2d7d7d3c3ea0eff5380d6c7f6f862400e915dfe7248f0f42e8907e9e760c2aef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d3728676339bfc6c7ba2b51167b06cf7
SHA1 7b3b555646a9ea4a699fb372b0773e3024548ec2
SHA256 5bf234c0ab4aa9eb7a7914449061fd8ddf3d8140d6dc76195d1323b35620a895
SHA512 c548a9fa53fc757fa2b23ac22c7166c4e7fbd7c773c2a15f0b2d12eae43497c22aac260eb0def284bcdfcd0f8015dc340e33d7e7d25efb6f179f6a46cfb80381

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7a65059c2a5335802b4654c06928a3b5
SHA1 e7848e0c6ad267078fb915381b8392d98ac53798
SHA256 276fa50be83400c2bb4e1b4b78abc51942fcf2c0463f0db7c286a58a783fc4af
SHA512 128c1314115266d37bc0f265b0817a610b3be37da283ed88e6a9840301c3b2d1df347ae55e73a5b561883d7477f754206e204d3a27f85261ec3cab66c0bced9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 255a9f8a1653b2165e95bff52591543e
SHA1 accbd166df3b1c4f0cec74babd3edf380429027b
SHA256 6070a0daf892eb44d3d4c4388106521e73be21d8ce70ab5ae9f719349de82738
SHA512 f90dcf432e8ddca2ea71cff36a39cd0e9778924fbac152c1fbdba76e56e17049a78070f00b7382429f5f9e1301efebbba741aba08d6af7198da34bac72c4499e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 eef885d9155de91919b0ca175a3bb86d
SHA1 91f287106ca82b44e0e9119f7f1fd413c05aaff8
SHA256 89c56261ffc0cdbb2223a4286567253576f2b791ea5833faca0aca7bbd5bf32e
SHA512 9ee6b632257005b95b69ead4e07f7f28f7805ce493d26a13be0d4ca849e39f3b0ee7d502a46ac2652a45ca91e437a94037cb4e3915c16af14882a07c77d09227

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1ecfbd80cdc626102991234be1d1693e
SHA1 61e17f920f07f4bd09cbccdc2cac4d4fe5ccf416
SHA256 24e03946f4a17f14a29ccc84a7426bd74f30c10a45a1eb07d47a99dbb73cd20c
SHA512 ba407bc86e91584fa6cf8505819adf5049a1378f3927c9eb0b767b72358f659f9a5f9d8e67aa88e5b8caca022988f6710982f5eef2c6943df6c072a9cc6a7367

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cadea1e48d58e053b07f41e48dbc7703
SHA1 790895de9110c0abdb358720d19e188965d3cca7
SHA256 293515cc757bdb776691381a57f59a8009f5b255d2d65ae0dcb8342854158786
SHA512 18646c2cdb76cf089d41ab14ee095fd8ed9815c6e318af84653b8a78272c1bdcc18b7fc0be0fadc23585ba175f5ac930222d339b5edd7e4b6d350aef9455e106

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f40666e0f6afa268176c0fa57fcff94f
SHA1 4698d923c1065aec079d4232ad1c4989ab33d4fc
SHA256 e9657f4c346a663fa1a4c1170eb6c9b7132bdfe543e2b488b2e9105da0ba517c
SHA512 6c96bf009a9cd9cd1ff98c4a6ea668ecf8970cc67ed227ab3a195491f2a51ba34e25f88f6c900d56fa8ad036a6c2bfbaf66bedc4fabb8d23584b8b6f1ad58db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 60eb0d345f62835e249cb35434a74684
SHA1 3f79977d617913fa8ba0b75294793be1695255d5
SHA256 88f0a11612b71384cdb74180427e8e7f0d7381d75cb91c77f8ba0f98a6408b1c
SHA512 352f22732228e2a21b0ab3973b64054fc65c9800115ec3d022abd5138ac3acaac3e4e293cf25fa34ac2216ebf35a2dcf12c18485611629d70104d781d9679a68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9b6ea3752a2be0af76e4a9ce38490414
SHA1 9cf230f9df37a28f8d837c002a7c320039e256c8
SHA256 960da2c20a1a66281ea7c05baa88226d7702568105e2d82e64e64a8db02f90ff
SHA512 08bc688def35cbc87cd3f287bcb93c3bb4c7527adeaf42a2d66d9694f05dd75a935f2a522907ff72246314ce0d53df40223a3601250654b1b9712b68937196c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fc92e4d2d5114a329700f29198ef6150
SHA1 327ebcc2378ea180a72bd9eafa71003b4de91b05
SHA256 780d84d28a847f67762b3c98bd3a309afcc566e6a836159cca3275b304e8d289
SHA512 fb17a18e1dbe2fb4498235f60a86527ecdbd2842f149e8e0a96f7da46fac58fe3bc087cea6ec4958427faacb8cd06377778d25ee5ea15a6859c0573f6aa71952

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 02162ffb49dda964df98bdaa5e44fa85
SHA1 906dda1ba31ebf90a3e00463f2acbf66a8a176f4
SHA256 ef40c74d9bccbc021ad2047f03c5669d32dca728e78a76eaf1dcc124e83e3163
SHA512 b15b22630fe9ef084d4f94d393b120660c50b6ee21ddd3c5d201d701553acf77f920af08dc0577db1a453dca6c153cf064a079bc8c2bc1bad59dd154ea209c0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 95fb6213e72210d82b48eab6084957cf
SHA1 a245c4c0e3e3524f5d32235decd69d7431b22477
SHA256 cf4e2dc0d9d322d180f537f97d1528b1e6d250b7c5a1071cd25a00e1981854cd
SHA512 d2d4eb4a9e7291f031a11616d5feb680a4cb88d56b55e82c6c4fb1377cfa2bd1cc649496fbee2c4e296416f295e643c869e038c8101d7a2d65d022a8006c9757

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5e43344592bc66b860cbe734e99c89cf
SHA1 a1d062d661401326ffc17ef3f85e28687bc48699
SHA256 5f478cc1c2f02a2e561ac7ee8cd2a7b76522f7706e337a0594875b7f967831b5
SHA512 e0a7635119fc3be8ab7915d0575b13b3af37478e329ce12607b08a2e7859e62fabbc476a8e21258f7ad0edc5c7875a0020a6203c90c2c37606c1f849fdc9999c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 4bc860a0a3a02c4de3810295700e7474
SHA1 6380ff3c94abd046c8c97b22c705fce5a6507c0f
SHA256 6f2c1ea211d27d16a95fa58dfb6e4e666fb56c90810aa23cb455eb230e9950d6
SHA512 eec833434ef7910c7bcf6dfa14a784928a0621b25af06ae98f7f3f9e225f37d61c0afe9eab59d00053e6e4e100b83f3ad8c409624bb6804e12ef428cd7566905

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6565df287f8b9ce2d725fa685a111481
SHA1 eddc8e4d396b8cec850b736467d18f62bea6920f
SHA256 1fd3b0e7d5f951cab039c0fe37e359927303451754c688608137c39947662f0d
SHA512 06c569235443d490245805b1d6dc4d2851da40fbcdaa85e0f383b2333d22c0465bdc443bf5df1b59c330de06262de1af61198d6427438af9698c73348ff3871a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8a09aa058c3646d4942d4911ad41742c
SHA1 2e812daec808dde505efbf35786eb7f7ece0d84f
SHA256 f8bfd99502ac29c40f14f2aaea2c59ffed746819242b7cd88994ed8738a8eb36
SHA512 79d5992132778f5e2010d90f98b219c3a5dd236e7d765e2b08cdff106c9bd501c24e84a6d2e29db9b63d2a4c784f5a16d347675519cb6e740eac2e86825645e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c8b04cc37899d8cb831104104bba9e47
SHA1 61c95a712fd71652498bd99b59566f906433a4a2
SHA256 7489154e0b007802b338b47ae55d5d87d2db445630b87b627cdeefa4def4ff92
SHA512 03672782452eebe37273e2aa71b055c835c7e64cde585da077efc7c406e54720a7da9002bec847a5307af3e6f7cab625321370d32f14ea413bf8ca29f45730a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ae4f6e2095a778aec3007a1599793990
SHA1 10df497e5009e23df2510d674debaf983b5a4815
SHA256 d02cce36dd12d3fcce7d378b912478dc604269a2e66734a904fca4bb3b7e35d7
SHA512 1ae60faa0767b9e067f3554578178790ece181a83f595747731b321a8af64f8a19fcb59f66913c17a3034922f25ef67a1353b4ed531d7247b2d32d4a8d3a3e15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e6f7ced8610a9feb3547ebec79661b07
SHA1 0d2df4e4bb1ed3cf731ee8c6c8c68f85fa0eb455
SHA256 9afb2f8d595c26c08adc3ded30090b4ab741f7da5c4987eea6c72da77b334577
SHA512 f224a7f0e2792a7b29d947e5f0ce250a18ef9115d992d675082239711d4836e1383f01d86d7dbaaef04b09e7722c5c352c03031eedb350fd541bf452d8d94534

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9cb4c30732f2ddc4ff938243cc6e0a46
SHA1 c5b9228435e05debbe7caed35cd3af60db96b7f4
SHA256 8a33cde3d849da118ac8aad75cfe0a1c0ab05f76814fa7098087a2ddedea7f94
SHA512 d6782793bb2a1087003278f6b70a1c1ece18c3e1304ebc5fb72437e395008f846e2963c813f69f97e16dc90da3e15cf0c2f55e3b59c320d659e37693e1c83e54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ee029e34a617639e2760c4cf8aa30a40
SHA1 2c690785bb26c86342661b6aa355624c602007b7
SHA256 f5c10a134bc87fba604ef9b1cdc253f24b03b0cc9226345f5e720c015ae1486c
SHA512 372c9d72d12c176c4c63a2e4cffbc0fa8bd60af4be5110bceb290845ca8f0fce40e1ee0867283b46879d66ce207ad4cf3595fbd3b62ce5bc21173c6a02d74bc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ec43c88a733bdaed24e4215baedb8297
SHA1 ed37ec826d8eb0635ef18c9fb4841879611a6ff4
SHA256 e3a6648eeaaa9b8b15b1ccfd96c45f394455d549713bca24fbaa60fac9179a36
SHA512 4fa26269d6e3c5b39b494d9130fb6402cf5445efd9f76cb307ca42a88b2f0fa0d0a7d813056e7a37f2b25a9292f877e2e8345d27181156b48de1dbd10aaf6a10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 600576d14ed72043608f76c04047c44a
SHA1 8669feb614ddad42396084b844a04f41914bba62
SHA256 0c96f18c144433f4ce31403661126dab4598eebe54ef365c7dda5ab19ba106a5
SHA512 90cdbcca6cc27a4a4f10e87e72b3b0e7af946aac6df4b43cfd56111e63dc3b711e3113aca5d6b5f926bcb6b3dbe031743af7ff42f29cf4e758ace492eff548c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1d95db52c153d4894f1062bcd9f446a3
SHA1 e989d3f13c36a022f7a73f3d4476d328b10b306b
SHA256 431c112713fc8f807e1724875da6bf8e6df97ecf9786a86cf17fd231871179c5
SHA512 ea5477be85a783a99c600dff57b7ed0cc7ccec7b1f5882ae14812be39792d4d4ed91f7201d9b215acbc8cac442375846f8ef2d0e6f5a821473bfc900d7ad1fc1