Malware Analysis Report

2024-11-16 15:46

Sample ID 240217-fjffjsbc8t
Target ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe
SHA256 ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4
Tags
google phishing
score
10/10

Analysis Overview

Threat Level: Known bad

The file ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Enumerates system info in registry

Modifies Internet Explorer settings

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Analysis: static1

Detonation Overview

Reported

2024-02-17 04:53

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-17 04:53

Reported

2024-02-17 04:56

Platform

win7-20231215-en

Max time kernel

75s

Max time network

149s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8DBD3081-CD50-11EE-88A2-EEC5CD00071E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20e759635d61da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8DBACF21-CD50-11EE-88A2-EEC5CD00071E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8DBAF631-CD50-11EE-88A2-EEC5CD00071E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "414307504" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8DBD5791-CD50-11EE-88A2-EEC5CD00071E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2060 wrote to memory of 2356 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2060 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2060 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2060 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2356 wrote to memory of 2604 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2652 wrote to memory of 2724 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3068 wrote to memory of 2564 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1832 wrote to memory of 1572 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2060 wrote to memory of 1708 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2060 wrote to memory of 2696 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1708 wrote to memory of 2020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2060 wrote to memory of 1792 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2060 wrote to memory of 2044 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2044 wrote to memory of 1264 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1832 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6889758,0x7fef6889768,0x7fef6889778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6889758,0x7fef6889768,0x7fef6889778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6889758,0x7fef6889768,0x7fef6889778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.0.943814540\1459040865" -parentBuildID 20221007134813 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {765b65dc-a729-41a2-90d5-8a099567470a} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 1288 fefb558 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1068 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.1.1219456855\1597402667" -parentBuildID 20221007134813 -prefsHandle 1488 -prefMapHandle 1484 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {34db565f-a453-4015-aca1-f609fe1c4279} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 1516 ecebe58 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2248 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2240 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2696 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2848 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1376 --field-trial-handle=972,i,12322737536524178091,15448547033240917365,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1124 --field-trial-handle=972,i,12322737536524178091,15448547033240917365,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1332 --field-trial-handle=1408,i,17006334441558006626,6805759355354947266,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1120 --field-trial-handle=1408,i,17006334441558006626,6805759355354947266,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.2.61135596\2130393354" -childID 1 -isForBrowser -prefsHandle 2100 -prefMapHandle 2096 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d184fdd-43ee-41da-b2e3-22e695ece3e3} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 2072 e64158 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3232 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.3.730282483\29284784" -childID 2 -isForBrowser -prefsHandle 2912 -prefMapHandle 2908 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {da8c1fa6-0061-4161-9eb6-87f442adb064} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 2924 e61f58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1444 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.5.494452075\1774402026" -childID 4 -isForBrowser -prefsHandle 3784 -prefMapHandle 3788 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {53f0ba6b-7f71-4450-91ac-dc916906c3c9} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 3772 1f5a6e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.4.391598735\967205124" -childID 3 -isForBrowser -prefsHandle 3648 -prefMapHandle 3644 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d37a2315-5ca1-4ec2-ad8f-f71c428fcfcc} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 3660 1f4f6158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.6.179463563\784782205" -childID 5 -isForBrowser -prefsHandle 3948 -prefMapHandle 3952 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9c62e55-fa9f-4ac6-acca-5d8c4fe20aea} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 3936 1f954258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1240 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2780 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.7.1243765902\247416045" -childID 6 -isForBrowser -prefsHandle 4212 -prefMapHandle 4216 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {89ce79f1-0474-4312-8af9-79cf7759ac0a} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 4200 1fafd558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.8.1334530550\1270794733" -childID 7 -isForBrowser -prefsHandle 4448 -prefMapHandle 4444 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b00bfc19-d763-4d6b-8413-6e98ff0072c7} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 4556 21f5d958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.9.987726528\1938621162" -childID 8 -isForBrowser -prefsHandle 4540 -prefMapHandle 4536 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b1ccc1f9-ab25-4887-befe-69005cc1b6ac} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 4572 220c9358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.10.1940158274\2035596050" -parentBuildID 20221007134813 -prefsHandle 4400 -prefMapHandle 4396 -prefsLen 26251 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8dcf84a-d3d2-4ef2-84d3-1475b953ffdb} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 4556 1f7cf858 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.11.797083774\1742653556" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4988 -prefMapHandle 4336 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {669baaa7-9160-4654-ac55-ec3a8f64d8d7} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 5000 22679558 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4488 --field-trial-handle=1232,i,3234228021341579236,6041886053078893598,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1264.12.696555243\140087225" -childID 9 -isForBrowser -prefsHandle 2892 -prefMapHandle 2888 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a80550f-decd-4a5a-bcc4-3e12e61565c9} 1264 "\\.\pipe\gecko-crash-server-pipe.1264" 3348 e2f358 tab

Network

Country Destination Domain Proto

Files

memory/2060-0-0x0000000000860000-0x0000000000861000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8DBAF631-CD50-11EE-88A2-EEC5CD00071E}.dat

MD5 f5a9d46f79ee2e9cf297303ea188ea05
SHA1 03805cd33da7e5a1dc04253be525e7c8c70db450
SHA256 b72320c5d2bb1053b99bf31bdcdc4db9ffea55761d4172da66f7a1a837fd06e6
SHA512 519d297aaa4112ab61875b2a02662a6faf8cf2e11831c5e32fe9aca139d050a9c4153e3dc8907b2bfcd6c12186cb70807164455f4ba5142304c2878de8a69358

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8DBACF21-CD50-11EE-88A2-EEC5CD00071E}.dat

MD5 90ff854ee604ebb94425a6ddb8f934ee
SHA1 f2343a5ef38d652b70a0d5035cc103b3ab0f8a46
SHA256 f162410e9e304769a9bacfcb7f8f002e7159390dccf5674075d249d1aab99799
SHA512 87352d4162eeb2ccb80a98c9363cb8292a377b1d6e9b2c2dbc6f789fa9cf69d51fe51662a08dfc93df44838878f59901baad1dceb3b3bbc0c8a107eb9805ad0e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8DBD5791-CD50-11EE-88A2-EEC5CD00071E}.dat

MD5 5aa62636a764e2316f6a72a576011a20
SHA1 1302da8e091bed5af10faad0479e131d81db262e
SHA256 2edd6942ff23dabc7bc070159df030962b14a76950d9342bff25ae214f7128f4
SHA512 9c5dcd8d3a49dfcd3069bc03d3fcbc4906511e8f177b1eecefb29395816e4cd184c927be241961513b1770ae3fdf8d43bb43619d0d89af74843fdd8087387b4d

C:\Users\Admin\AppData\Local\Temp\CabEA3.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\TarF51.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8DBACF21-CD50-11EE-88A2-EEC5CD00071E}.dat

MD5 96e776337bacc4babb36c4774d81ff0c
SHA1 766b9fcb12e9e3e752c102d66d09af5fb54da248
SHA256 09bec0b47bbfafa115c4eeddb1faa7daa37772953574ffdb499f85e927ff3825
SHA512 9234d72e9fe2ed5dbe4538db985733ee4afb84e2b01a69f276138c1be1434e4c5a162a73c227508a9bf3ae1bafc5747e183c47dcce5909712d07f1174a182982

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 29b0a6ab1379c5f94b2206e2d4258411
SHA1 4e46b4fd15c0bf6641078bf96c47d35700cf0a48
SHA256 33957cc8b9e337176780ff22cf625ffeffe6755355bf64912be4c0d4185b3c55
SHA512 ed9b486877d9f41c4279e1a77891b28ee917ec813066da4887bc2d760b8e024ea418ad2dd7b46491eb96d9474181700f0c920a451dc3e0560b62eb5c817360ce

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 3b6b39eb9ec703be47866abf887296f7
SHA1 585beff138dd92f14d9392237117a669c047cfff
SHA256 9e92adc3670d602a9688a1eb9aa649777cfb18882897b189fb483f0a371d4520
SHA512 bfd12f4cd8186faa9f7da86adf4ce392b7f6aaea521600dcb13bd0c0ce2dd4061bf65bb58463460298281f2b6eeb6b94ab9e660c77a1eba1666c89280d21c5a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 3ebda12073bbe6497a9171e0de07ce74
SHA1 c3ff257deddbb6f1c97eae05fb854db698fb49d4
SHA256 812a1fa3d44093a6f694fda8e81266f7c8d11f2d765ce0a90b6fc614540cb756
SHA512 e7737c0a6650f49ea7cc9e807be081448271c42fde54d2bb55efe3cf559850a662470a690679c028d9e4aec1e8291b58cf6cc783222eab31bcd3d46e210c50a2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3ed67c64c482fff4117daa6a005af88f
SHA1 b2912b5a8861824100c30fcce16bd354afd00506
SHA256 fd4d09691fb4aa571caf48e64529a40047ada8778060f2df63649f18e569b8f0
SHA512 02f388842e3d96d185765706751963c0375ad3cc30b4fa8566078593ab8e009656b6a6f35c7d51d8442ea3d07f265f5ca7c3a95a8de7365de00559b68bb3d87d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 57c8fce151ff1ecec44ca827ad224da0
SHA1 3a88460fd229f47e4af58aba86aa0a6fa223ca46
SHA256 e17416044e584cfcedbcdce68decbb617a9215ca313b526372602ce053a9f6b9
SHA512 124e2dbff71ef6474a485772c49d0125d61bd144023995e61c8fc1992354dd0bf16077ccc4fe8c9bc5e895ef66ad37d54bd83b5963e27517bdeaf6e4c3aa47e2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 cd200d81ae9ee6f676569714195c72c0
SHA1 03925518ed42dfcc6238317ed62828ffbc47e67b
SHA256 67615bf87f2990680175050c46cdfa6f5b96d2b2ae9760f7f344008c4575dbff
SHA512 ec7f97058379e8e4e98b9b7d4f79e425eef90f0cb1950481676b796e0c5d6cd7495dfd5e8e713bacac5e9be2e312a402762a16fe949d21d32370c2e4f62c5d8e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 af300b59b29a8cfe4e5d7904211f74f0
SHA1 3fd3702665b6f994f1df523857585ad51012b4ac
SHA256 f62980c624afb1e96771f8078e36dfa1e3f6e3e1f8f28df5a32a2050705874bf
SHA512 16c9633f92e8b652e76c0a453f3a6ebf641f46344a78e817249c2a4ce7be806087b94e2ef8dbf0fa3103b5a424b0869a555dcc34f01e3714594f25ac814428f2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 b7ebe3aaf61e0817e30b7b206ef0b225
SHA1 35275a8b0740490e263f4ccee91a7b1e7422df9c
SHA256 a99d29cc628c0cbf865de0a27d1b8387afdbd9cecee636e3be961c2293477073
SHA512 cd18cd12593324299b85e16564e11a0ce59a4c4ab573adc438955f859dc81ce0a03036ea20e668ef0f7b36a36c7a34cdc3d85160e67275a85cc0545ae1e6ef8a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 0f7a4f82f4d2d776d2a4a74e2d15f5f1
SHA1 14fb8dcb6dd062f9db7715318d01fd0d754a0044
SHA256 cef8b0a64ab058812f4ef1b92d82fee58ec5dc58bf3e19443955b2a3136fef54
SHA512 e7d47ef13fb63abe139c56f5318356b256f1efa2ba2689666adaf62266926cd86d3d4a7da36c7d960f0326242df0edcf749c707f948b0472bdef4bed7598e7c7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 edba3efc0cc4bb8225f492f4135f6faa
SHA1 ebfe2fbddfd11369114b8114b5c9c68936c97d25
SHA256 46970226e89d1b4fc960c13d65e0795550f79586721b842de72774e7e53438b9
SHA512 340fabc24af61403c451b37f3da8c11c312d284c170f1407cbdf5d74b0a231933ef66cc333c058e031e8209f06b23d8d827f9080a7b4128d785140927fed4bb0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05ZIV8W0\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 d8f8ddfb1e3eabf22ca767b6d5211d8e
SHA1 48fe8d616d05fa89eb47f63b1d0bec53c05c7e82
SHA256 accfaca864142d93ed8c904b50081f071d8c4ba6e21b8b6628e534bca8792716
SHA512 5633b2709c345ab353764bf55477de8385f0926ee162f1567b62d9a71f89c25e3222584085c268a403eb5bf3ec9264420b3f60e403504e77f99244cbb8731489

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\C8MU1IIK\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\R5LSQS3P.txt

MD5 ca978aef15dfc8b556e0d802d6727889
SHA1 cb3547a79564ddcc3896e459deb8d56f8f978fee
SHA256 9687d1654a77ffac271b11fddc7543b426bfa3ed64ce926c6f0c0f61743fe7bb
SHA512 746ab34d5f6bc1e7700a47494d4bcf52b0556e85e41996a75b335e91d533d2b2bca4a77961d1c6e1b9127478e378e0b15d2fb49f8ad2d4d43b7998b067cd86c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 86d1e359c23ab2590f2cc9c20fa2c8df
SHA1 84b90228cc0e2ccf0bd536ff8bff60bfa9dbc0fa
SHA256 2212ada0e50bd5e38a2d8b8ad1b3ea20dcd90b2826c16d46bf648c0fb1126429
SHA512 12fbeabc2490530106e41430e8aa8dbb0bad6b298f3c69716f4292fdb3d55c97297f9ee1d251bfda647c767f2b647bdc846cd6707c18d96d6ad958f541a8b82b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 e7fe31bad79b481922a317c31fb28037
SHA1 17a9c0a0f76f74b07451e4721888e1940bbfdc56
SHA256 e5da0939b08b906e5661916c69cff303c3c51016ca208dce7d00f825b35ee984
SHA512 a03726291ff39c071a2e7e46d21e3b0d629dc6e8701caa315fa912f450a5929461d3754c19189cdb81c8d9912ba76b3c27799eea1ccc361fc843d295b7623c76

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05ZIV8W0\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 e37a8f73a2e4a0623df08a6c37fb0463
SHA1 9bc463d9478df72050d472ea030657bbf9b0e1de
SHA256 8735b6e54b5aa4441069498ef0a415bcb5124ee3ac217a7dd603bf4fb8b30135
SHA512 d6ae87c0e49e88c9e6db8f63d1267a890ea88fff7205ffad6d20fa2b0c9b31fbf031fc50e9193bb4e34d7fa2dec4c9bfcab084e7c1e2043e73d5b5d6175ce419

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05ZIV8W0\favicon[3].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 2a1041bd864d3c89878652531ba317f9
SHA1 c29ea96c7c4a4fc847d8eac888152749818b684d
SHA256 41d028874136c44ae3791b1534a4ef38b95d605a866354b23bc78acf3d96c132
SHA512 c6404b42da47f0b564d644f9952e2ab67e53134d9ae8d0de1f79f24eb14455d4fe4adc899035fda0033cfa10c9c8ff5a8c191bf78944e66871848a522a160e24

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVBRC7A9\favicon[1].ico

MD5 b2ccd167c908a44e1dd69df79382286a
SHA1 d9349f1bdcf3c1556cd77ae1f0029475596342aa
SHA256 19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec
SHA512 a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 2ff26de0189309d34c56144b5e1d2717
SHA1 b9257ec689042e554ce7c1ead05c108fc2edf309
SHA256 f45c2d1c6fa81458a1db39500567283eab0f29f967c7dd3069862d1cfe94d897
SHA512 0859c840927270096335dcb61862ae5b910ab7a1287d5b715ad2e9db5cf4b5e57ca35bc0a15095ff64561c8301058570eb4362494cc829da98862ff4a172dbb7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 907848ec16b36ad58ba55e0131b1be48
SHA1 09fbb9487bc62206534970c34a51df4ce35670c2
SHA256 438e9ab35662b2e710c16d8d234219105becb1abb84c605d78446d935b7dff7a
SHA512 428189f97c53bffc0540234353f8302b7d73b1b7d13892924ed9cf8da72443610acc1388af98f49b8a9e214da7035abe1469295bf7a989f047886151f9381057

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 64c7f04143904b3726d82c5ca99700bd
SHA1 278cae39efe34e30d77bc567aeb074a2cf7a9aa1
SHA256 49dab92dcb88ce3934a5d4b7e2459d98910cc9d5d683e2bd6bb9b2382010177e
SHA512 6f8780e7a541df7a0e65a9bf32a0cf800c58d1e89a71aa132cf25d12357441a69ddd253f4a043ef890c58e1716c844a06ac0eb9facc419a004712011beb031f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 20e09f2fca0c28ccfb25b5d8f4775db3
SHA1 2604096cff8a220126205272b3f43bbd06701978
SHA256 3f994a2e14ff6d820e52ea81015a1c6c2119b68dcb19e491b9c82be99e7070d4
SHA512 395cc0c77181ff6f9698800a3f67e523857921673e8a3c3c7500539497088170b85f8e1ca8355145ce4186b75a2caac4a4ed9fcf280afd5cc8d255be03a54bd0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3ca25eb7425d2cba5fd2b31b0811224a
SHA1 b452c62d3cce61130312f0f42a8795949fce9bef
SHA256 407c3d4a9538bc1354f46590474b01833b4808c77b7dacf943b26befe1db008a
SHA512 7cd56cf6262931ec180a9d970de9dc7b6b14f6ac1e682ae13a486e53eb0f3f15d44e1dd227ddc50bec26007cd547afab6a240c3869a21e72f106f27f50be5fe6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ab3e227852516d16b4c0e02271c6a0b0
SHA1 1598bc6bab09c1e6b6ed263dc69722623ce9e3ce
SHA256 b408d9454b3d8becc233614d4d78b367e467f9769e6f49aae4db5dba70b0fdcc
SHA512 3abc17cd699c16bb52d9b62114f7db7476da555fe5722af5b05d91acc7413a601cfd969e1e7c5770c65e73eef2a083ff33ab0facd0e1de59c68970250e3e3eea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b4dc38e548909769f926d5537974364f
SHA1 184a81a88a36d8a4fe153e3a52461147a4eb4e5c
SHA256 abdc384aedecf39356516a1bfa41ab534991d0b73e48b1a918a27f9b75f5628f
SHA512 f9696978c7cac0181656e59bb64d72f11a282352f896c3ddd153ad8af8a0704ed8e00c5c552acb58aa6026c0258815ddb681192822f6d08b8701cf1ccfaf11b5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a883450271945d2108578f9be1394615
SHA1 3b3dd3c87f88b32b6d46620c8e21b96fe3f62d9e
SHA256 bb201524284d2d75030c775854e15c75839d2f1009f5148e06d92f9722c041f6
SHA512 3bfc837542d1e66b7abed6d28422402b6daa3b38b0e91e56b82f9ca4cbe9c724d0146ecaec39c4d460073a5cb65e9671c1d7d856dd72a7a3a54c60a86c8edaaf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2ff44cbd97f2a878d221b4b05e0eb4dd
SHA1 1c36b4ea62f0b04ac7f22414b29448afb6cca93c
SHA256 13e340cdcd71cc2da47f17d8684e1b319698c334e8d6d85b892f0882b21442f4
SHA512 fbade233e4efcbc9c3e219e185538847c94e6ea6a5f9ce1c4d33e8f62034df1763884ca2cad10c4aa1c41a8a80807f3f4844ffe6dc1e452a981a1acbb2f6a299

memory/2060-823-0x0000000000860000-0x0000000000861000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 f47e890b4447a4ffaef3ea52bdcd0bd7
SHA1 9ee3172de76a6579b4392c1d8e2162ce1f6d12b0
SHA256 993cb26ddcb4f560d0192a962cd11edc0298dbc861b5944961acfc587a991565
SHA512 b827ea7d27d114112ea927bafd81f2c2b5b35c17ba1872091c1f0d8f5e46d245dcb45e436b9bcea42a7f8e8ebc5dcdaa56a2620ee51b36d189cbe028a85da9ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

\??\pipe\crashpad_2696_WDKGUHRFRIHABXMC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b6376cfb-5cb0-49b8-8b17-1043b7f9f566.tmp

MD5 af7d0895afaee3ff6cc40a22e6eb1046
SHA1 f3bf9a052aff321790e59bd87a44f830f4e5c16e
SHA256 3022820ed54114e470a1eb85a62952ddd5efe4b00c98b787bd43dc84c48f450e
SHA512 074eec68fd06374607ba7ccd4a8ccfd874c56f7496956be16254f9ae26c2d20cc2404983928b6675a6a8fb11950711368fbcd0cff3e211b8645c28511dd64d3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\775950e5-afe0-49d8-928c-e92daeea8cd7.tmp

MD5 ab80632a0d9c8656433827486c0d8035
SHA1 60ae1b0dfbdba8af43e3958c77e3d75ecbd9644d
SHA256 24d222fd9c23bb89a0cf156d9df3957559e3313ef4fdad512d02df50274030f3
SHA512 809d3e183c60b23f09c9246d84dc3b8465cc66365d78ce1a48ea264ece0509b4c195a3f600ead4636bea1d4ea501b2bd0cd037d8b90a86a242636196e717feac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 240ffb0f3485ec262bd4600a38247ae8
SHA1 ccffde5ab42428bed75a8d72284b2a9557f9296b
SHA256 895e307c1018519ad38b2b3a78d7f765f52c6a372db2d188ee0c8b2233ff1beb
SHA512 3af90699e1153dbd116f311271e705a62006f1c2baaf11ce28e383c9f4aba824cebcb551eaffef300b2f1d0e8766076d1f9db8df44a1ce22988924fc3c538610

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 5c64ef67dbfb7cc8d36cd79c5827388c
SHA1 7ae7c64050974c546e222e6b7b1c278d54c8a019
SHA256 04b6cdcf60a262859e8164a4ba9e52d0f32c60bfd7a9d095ccbecadb9f3710ba
SHA512 23cfcf6bcc432cf157752bdab9fbf965398cc2928db8f8bb59338acff81f11d0e8ed3e2904d87f33a2c23a78c604c8a3909e16162279e3cd3d9c694080009f43

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_997EF60E169E8C5940EF03DB77C957EF

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_997EF60E169E8C5940EF03DB77C957EF

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\db\data.safe.bin

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\pending_pings\f53a8b4a-1ccb-4669-a75c-14f320b2b0c6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\pending_pings\53b2563d-5c16-41f9-9ebc-5f3b3abff539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf768e7a.TMP

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\default\https+++www.youtube.com\cache\morgue\11\{c3b2c787-3b13-4de3-b098-2a3e2a2c6a0b}.final

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\default\https+++www.youtube.com\idb\460544143yCt7-%iCt7-%r0e9scp6o.sqlite

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\B3316860430DA0966649580110E85D2FFB7B5A61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs-1.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\dda57177-b637-4761-92f4-94676b71971d.tmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

C:\Users\Admin\AppData\Local\Temp\tmpaddon

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-17 04:53

Reported

2024-02-17 04:56

Platform

win10v2004-20231215-en

Max time kernel

151s

Max time network

156s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133526192892512796" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{2F4BAA04-D5DB-4BAA-A355-3D4B5F98CEAC} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{953A1044-A1D8-4F1E-9B57-79DD971904DA} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\svchost.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1120 wrote to memory of 544 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 544 wrote to memory of 2968 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1120 wrote to memory of 3052 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3052 wrote to memory of 3428 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1120 wrote to memory of 4460 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4460 wrote to memory of 3028 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1120 wrote to memory of 2040 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2040 wrote to memory of 4812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3052 wrote to memory of 4972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3052 wrote to memory of 4436 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3052 wrote to memory of 2252 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca7249758,0x7ffca7249768,0x7ffca7249778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca7249758,0x7ffca7249768,0x7ffca7249778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca7249758,0x7ffca7249768,0x7ffca7249778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,14302798028941428137,1542969187560716282,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,7322379964307389844,16349811180327336432,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,4309132797436721577,5623377144384296357,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,14302798028941428137,1542969187560716282,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcb7ea46f8,0x7ffcb7ea4708,0x7ffcb7ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.0.985893811\1509510567" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1808 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f493f6e-f477-46aa-9c59-05f04b1e0731} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 1904 2acff10b758 gpu

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.1.1520121795\65807881" -parentBuildID 20221007134813 -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c09e6ad-e8b6-4b0e-a7b4-873447b60b47} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 2384 2acfddfa258 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.2.765242305\146084143" -childID 1 -isForBrowser -prefsHandle 2920 -prefMapHandle 3084 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af7ab5c3-87e6-406a-9361-c76e3efad6ab} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 3032 2ac8461af58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.3.336219110\633086160" -childID 2 -isForBrowser -prefsHandle 3516 -prefMapHandle 3512 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7182d969-5cf2-41fa-9a7d-356f9e4f47b7} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 3528 2acff606558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.6.550100309\2120247122" -childID 5 -isForBrowser -prefsHandle 4232 -prefMapHandle 4236 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b92acb0d-6640-49ca-a79d-b396858f7b0e} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 4316 2ac85d3b758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=2020,i,11129564189371376284,1863727904460369391,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.8.1011194865\35204140" -childID 7 -isForBrowser -prefsHandle 4284 -prefMapHandle 4660 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f740f1db-921a-4a47-b389-6fb1c710284b} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 4272 2acf405f858 tab

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5096 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4936 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4072 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3880 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.7.1530393564\302817999" -childID 6 -isForBrowser -prefsHandle 4512 -prefMapHandle 4516 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd124855-df33-4ef0-b5be-2dafbe4c0e66} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 4508 2ac85256b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=1884,i,13107055329548529531,12318602861068443071,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=2020,i,11129564189371376284,1863727904460369391,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1884,i,13107055329548529531,12318602861068443071,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.5.1588027851\870766945" -childID 4 -isForBrowser -prefsHandle 4060 -prefMapHandle 4064 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {46b33c89-2ada-4fc2-b28c-00061098aa4d} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 4048 2ac85d3c358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.4.1725110135\346677734" -childID 3 -isForBrowser -prefsHandle 3660 -prefMapHandle 3664 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {13ec0bfd-d6a3-40c3-b12d-cecb525ddfe9} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 3652 2acff6d3558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5992 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5416 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.9.346402217\1153165156" -parentBuildID 20221007134813 -prefsHandle 6216 -prefMapHandle 6256 -prefsLen 27125 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c008563e-b559-4974-b152-de075bb1174d} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 6268 2ac88668e58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.10.1209104600\172187963" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6408 -prefMapHandle 6404 -prefsLen 27125 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e976f34a-be5e-482b-acf8-a0e20b3d5430} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 6416 2ac88669a58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3180 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5832 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.11.1160394778\903632541" -childID 8 -isForBrowser -prefsHandle 5268 -prefMapHandle 4024 -prefsLen 27125 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e811a72f-e08a-4d74-b29f-28f32f1aa56c} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 6612 2ac8866bb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1100.12.1208311509\538282810" -childID 9 -isForBrowser -prefsHandle 2988 -prefMapHandle 2992 -prefsLen 27125 -prefMapSize 233444 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ffa2e22f-f350-4db0-af82-ae90c882bed8} 1100 "\\.\pipe\gecko-crash-server-pipe.1100" 6724 2ac8866be58 tab

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1256 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3480 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,11173814721946632570,3169293910258484764,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3400 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2528 --field-trial-handle=1880,i,1845355805983674082,11078084868904595510,131072 /prefetch:2

Network

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 efc9c7501d0a6db520763baad1e05ce8
SHA1 60b5e190124b54ff7234bb2e36071d9c8db8545f
SHA256 7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a
SHA512 bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d

\??\pipe\LOCAL\crashpad_3052_VTSHYRAIZHJRZXMO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f906a018e1763630766ab1f17d3b482c
SHA1 8755b9b9f538cd5d9b3ce5c6de143927ace192c3
SHA256 769074bc0ee19c85e4f0c3e7499fce27f7c8c9de4a5ab7b5dd338fd150f853b2
SHA512 95900aea4dd4b7f1a157039b8c112c164125f17c90e5482d812da466c57feeebb8d3c18f1bc1371112ae293ade843440c27a977ec2273b100fae302592c1ea49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 8ae25b226e0662d256cdb32f2777f840
SHA1 39594f82a6dd98b6e4a341648cd56e9efc6aa16e
SHA256 935b4cba7114f9adb0c7ae6acbc8903ec672ae318ac63c5d5e5edf857b4db207
SHA512 e529649b71c7a7fccaabc2833af3cbfc9bb15b66cc5735fc95a2bd741c502bd11af05853946d045a49d823e3f6899523d050fe7d33c485af5abccc8e2ca02e8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\83b62517-19f3-4fc0-8df4-28547fd282fc.tmp

MD5 5b4de85177499d23ac79f3ff93dcad16
SHA1 cd8c8b3d41ac70492fe3af8dcaff2646d2830350
SHA256 518156f1bb0225112e93d096f4518f6c491cc05b2dc041bd0feade5f1d787032
SHA512 645152bade4fc5cc4200798b29e21c1e4dc8e21e6caf33272de3b66a2e105f4e33e3f318fa741c33623ebafc77e5bf412251d3198549082661d72fe53f02b4a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1627de95cb282803dc0b52b9ac547ada
SHA1 9fcf800a7e5c8741592b76727aca257e278db1b5
SHA256 1bbcd1c33f46e1599e758ebe67768de104e9037b137b8e099f931ae1cd31b962
SHA512 450300fa08f325704f76bd0df495c5968a3d54e913d8ab42d0f704ca43dbfe3ebfb7d3e022468645a2d70695dfe85c0a344ba10fc0026659ad16e90519ec3c32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ee0a7a06e5d4d4ca243a084f3915cb01
SHA1 764addcbd328b530f7f17ea997cc56bd1b6e5ce5
SHA256 d2da699c5551521e8cea5f9816513ebac7205c633cb461ad360d0ad2bee8a2fd
SHA512 06d69822af5e801be422c2f015c8e57cc7f490bde312d2dbda8bb0b7380e4c4267b90311ec7edfc164a16fb7b7d1fa564f755b20a24f68b42d4693fa2368b925

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4c8408c38371384358a198efe7db27a5
SHA1 33dfce4fd714c7ad8e433e91e105558154e49c39
SHA256 2ee7b7c2479cd03dd60195f1b5158f5ed2b5595ce9bdb59ede2ae75c28c0305e
SHA512 827d7875c388ff4b346a688138bedb5e6cdc5774187a347486a8ee31f2ad2f7adc9866101c781f18ad335c65fb941d90b94a60f42103352dbcd5875c0bf981b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 121510c1483c9de9fdb590c20526ec0a
SHA1 96443a812fe4d3c522cfdbc9c95155e11939f4e2
SHA256 cf5d26bc399d0200a32080741e12f77d784a3117e6d58e07106e913f257aa46c
SHA512 b367741da9ab4e9a621ad663762bd9c459676e0fb1412e60f7068834cbd5c83b050608e33d5320e1b191be1d809fef48831e0f42b3ecabd38b24ec222576fa81

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\4f5c561c-a414-45c7-81e1-466eb15c0498

MD5 f70337f96bd43ad07ee4a9c03c43bb75
SHA1 bc15c8aeb605fc53f9c0b37e0030d34b3f90aebb
SHA256 57ad74301e6dfa36e20018c6454e2f67f429bda5b418f5545f987f3c105151f3
SHA512 4e0441dd859d89da2b4ee5c7510e99c602ea136322a11d6b9ee225637f886cbf49fe26b984886b3da36dd2923dbf1f097bf62ca6ac5816fa9db66e1d5f2102ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e84d56a1-ac13-4c35-9ceb-2857467a2c0b.tmp

MD5 09726d448852f96184d7aceaf728c380
SHA1 b87aa1e751368f56a22ed980a3e15480f471ea49
SHA256 cff479a333bd3ab5b4349c16fb7ce322c7c3b915aa971e082eebc23bfcbdf01f
SHA512 e7dec5238f92cf9f57e67b46cd94b01314a54b16daa8b26ea8cc31f34d2e8a1ef584d06a6397cff03383b3a46e9e6cf922964dcb0a1ef5d13c48119c2a250a19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3815280e-a8b9-48f3-887b-7eca33fd131c.tmp

MD5 c33d4dd05878a8d6420d1f46aa88361a
SHA1 fe0aeb3c895dfc0e5611ce5fc5542503284ab803
SHA256 22ca3592dac39768895eb8d49d277171139891531a5471658ccf5671848408a4
SHA512 bb07ea8bb84742658eca279c4934b9d857066d59093eac04859279af0c88e1b2ca6f005ae3b2424b94f8d2f411d5a523177fe311dc37ce5c22f0edcfa09f36b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3ce67547e461368dd9a07206e3a5d9a1
SHA1 c7cf50441038780b94d42e129ab16fea0b74e862
SHA256 c704f5e770aa5b675c5b16418fc88a1eff18352e25c15600e034e1fe80de42a5
SHA512 05a924a68872c1ae3c5285911ede6b9b537b333ecc94a98782c7be0fc28d84d58c47dea737f381ee25fb4145aa9635933cc4033d98722d2f599d00b146bc9846

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\5a8e6bae-5364-4dea-8819-76ef08102139

MD5 104370be801daabba7d510dd4fc0c31b
SHA1 47b8289b1e504821624616e829883c52b054a430
SHA256 7501baa02027975a5acc3971bd2cf3d717118a4eca4e32c4353341a3fa873a88
SHA512 736be98e5de8d3d8b33f47c6a97ed3e49cb8b44d2a503fb6607e37a445e20d3a9858bf75a6e689f2acae040a0004a18078fc535b3cbde87e1f286477957e9984

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 65ad298c4e736d6c3358a58b4c5fc90b
SHA1 676fc1f3a19d1e47318beaa2538854ea367a2e8b
SHA256 5fee65ce656675f764dabe5f271872dc18174fb9a86de4fd7a8cafe9f6038d85
SHA512 d6efb17fd7e5fed72bf8452fb372c9fd4931933d3b444c7109d0109ce5d8b537a20fc68c3e7cf01d2389acf957deaa7def98b7c736bc0824413c707f32e5e041

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 723bd24214c4bb7937b7735d9859d937
SHA1 b834d4d5f234d5641c931290152df2bc04a0a631
SHA256 b3965b530db111974c0239292b2a8b28d335a4c5a10d8a8a6cc7bf60eed298c9
SHA512 b6fd12a082fe3c7cb4d875dff3c34dde0d7dbcd361b4ed1b1d8b7779bba00e848cb6111c3509f347db8e33d5482083c8e0f98522ea062de2c2ab726981b87a6e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\AEC077A8DA76492108766EEE7A6DF0E84FAD94E9

MD5 21bc26386da772f1e6e657948885a2dc
SHA1 57a2defac9eee24d6fa2e52ee86c8772e9539e3b
SHA256 47aa3e88cd653775b70c93f9624049cb1e6c1461c53e3dab91997edd7a6c3022
SHA512 288ea6f525eaaeb3a98e08dd6a4e7fc3e6c6114c7fbe86de95a19376d090e413d94abd614233b1f2021deb3374bda9f10e67284e068f7a4c354aea615a97da47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 676ab7b3453d2a10b55ecfe50e28c823
SHA1 e8309ad1981deaabd30eacc1efc21628a70c175e
SHA256 b38a1d1da13d947ede6a8736fd31a6ee06e1c8396e5ca6ec1a42350a77475355
SHA512 a4c9595ac324e3e1360ebefa49d34ef708229a2dcafa322fb44ac3df55679af0a951e7effdeefb07ab799a06bd52484a3dff60d3ac891eaccbf84957cc981314

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1e55b628284052596e8fffcf76156b93
SHA1 18621f39d204fd3d26fadcb02a09d0f0e1ae7add
SHA256 c3e4875b09c4f7025427a4f73b181b5f8dd1ec72bab2c1e333c9bc5d725edb55
SHA512 4b67d4dcf8243079d1e756793644d1d198ed56fa5fbb943093fdb131e114538976beece04ea26bf00afcc99f8fec98b7bd0f97d17640318518aa654a74432940

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 68cb2e6186bd7189419e5eaab325b222
SHA1 bfb6a52adf4512f060f17a2adcaae98e01429fd0
SHA256 d42da533f7ac030d72579756ae8e9db088223fa9c54b8c3fcef6eacce85469a0
SHA512 7eb4feff807edeea40a58f777b11b6523e3c79a130652ef5e12bc02391fcb07c539c85dd1cdd6dded759efee1b144a53973de7a272f826c1d9a25ec9c1852b3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c488dfd66c579742b95a8ad816b04eb1
SHA1 96169d2c58765337539a6725a01fe6a0484ddebe
SHA256 361049f017d78840bebc72527af6915bf2784766c38c1e357fd147c3fe93ad6d
SHA512 21a474a47a9d78ebd30775729e5d856e9f5774f8b61801c9e9f7d68e3f8e62e1af7fedd1a64cc05370e0de13c67ecf89dc4eb1da9ffe3db6b2971ef5352fb727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 16822515111d49e2e02363d6eb843650
SHA1 3374df54189019f0cef42b8d0a685d442ac34f63
SHA256 86b4f97b88227bb5150e4e48355d56658a8414365f85aecafd2c4f4f8940b305
SHA512 0478a2d05a205089e2205cb4d5dfd1c6ade3e459c41830796d6e7fe04e188d0ae32702464d35ef6632f64ce223fe1f896480b0af08a44ebea8642b74606ee7c4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 f20be087d9c33cd04f5cc66a191ad834
SHA1 90feec3d56b530df1a36cc493dee2db1e3063e6b
SHA256 3c7b44d727ef6154229a364e26b30359ab7811e0b7ac89aaa6cbdc4ea8e03b0c
SHA512 da35275fda2257c9f84c62475a60c626b3ed72c0c9173b47ae71cc28ba2fdd8f651583776600df5f090ae8e002decc48efdc18dc9fb011c75874648b358ce0f8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 975a987be714584599ef921b688136b1
SHA1 6299b944d2425dac0c21778823ab275feaea405a
SHA256 ad68f6a2e411aa39e5c2a676803b78af24ffa88ad670d2e9ecc39d7c17ab724a
SHA512 9cef7311df2332a845c623b1de12dd7f484c11985c12e57d2c1dfb273f5bc9760979ea3f4aa216c2cf68516c82406ec078bfacdeaa6a22c29ba5db6ce26e47de

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

MD5 833a5d2f6d02b11deb76f1f2a0db2a67
SHA1 11e3205f5c14f3e9fa288a6212f7e7f1447cd587
SHA256 1b7094b945aeddf0d5b5ce1c5548abe05b551fd9f93bc9e3f0125cd5a7670d75
SHA512 dbd8e02e4efbb43ca8122c5032b83aacdfc092d5f197aaec65476c2f65e121f033b538b0c6c9fba81a4b12519fe82da36ccf03d75b834c545b6177cfd5748dff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 c30edf01060774e763bc370c2696ad11
SHA1 7b871f4995456372078009ee632e2236565ed9a0
SHA256 960e9cdc76265be6f37091023a71a23a25581e2863e11cf3b45acfce25dc63b7
SHA512 bcc7467a4bc4330964b1c45fba5821c90b27f22629153e95d241a707645d4c23648eff88c8593852f257c9260668886f788ed918f20ea73b20499fa5400ce0f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4316_129964232\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4316_2109654311\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

MD5 9dc5c5d711be93a0ef9d2506d2e470b1
SHA1 2c61f552cae3ea21d224991f87ae775dfc4b58fe
SHA256 a24a25deac9185b60e04d6b507f6419d00d0aa11d930816b4cff600dfedf82c4
SHA512 645911e9bcd580960f707c1761b329e4ae422998259d5e87909a54d3c45ae5356aa20dcba6cebe14b9a00932b0eaffdd357e3313308507e6b5eb8977d4b0a18b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

MD5 62fb1c438aa74888b7a1df1be3d4ad5f
SHA1 384f8aa6144ce7855bafbd502c47507dcb3cc808
SHA256 28e8ac392a0d5dffb5f92cd8d20ab12100d9c4bef8d0255a747f254a1a3ad041
SHA512 334abcff568023a1b473470408236fe261be948d5d75c03ad26d5df325a7b678fd86ccc4359fdb296ff76b47a2525faba2ca3ce4e1d03f761e598387b86f81df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a0f97fa4f8f1f38034fcf22d19366624
SHA1 92124665bb9d51254ff2ab9837a0bcb136eb9a59
SHA256 900d58ca9b02e87a6334d19bc30b0577e96927da3f1b57e5b1a825398f6a162f
SHA512 dc5ff31c0d06bd03f12c762c0ae9cddac85987048d44935bee58a05dd2333ca54dff6a98cd5825e0e74d54900be4124e8fd68a13fa5ced3f86765aff33d9d9ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 31ba758781c8c5681a7dfaf1666dcb84
SHA1 4220acf64e26c315ca5943af890e37759f98a00d
SHA256 7fcfbb3476d43ec33e99dd67dd207ecf8cb1e6d68a9d69fc6c8e68bcae57ec0e
SHA512 4a6f07154306022377ffa56e7b446f86b482f94b6883aab16c467c8ad8b586ecee2bafc70d5491133190b43858f6c680133416e22e02cb332501e9a0c510c6f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58abcb.TMP

MD5 204311a440233f393891256033f3517b
SHA1 b58822ade3349506f5a759cd53a288d59345f9ea
SHA256 5126d61629e9bc884c9c2f1d25495db020ae467a5d26b896c44fe894fb53ac0a
SHA512 9265b0dc1e8136a338f9e30836dbaec28c95653183100ee1589d99b545514923887fda0365e3ee6a01730f9ab8553971883c139b09edb635b97799c6c306c516

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ef4c591d6809a7d870695d177894d2a6
SHA1 6d354927206c9da3537eaf9cca25066e28988226
SHA256 e5eae6d0b91ddd3406db38d0b01e1a4e878f529852e857735f929feb20ea8939
SHA512 bbdcbedfb45acde46503fcd71b4748f27c0c7cf9b3c61b9a4f592f942aab8ef840a2421f0b5827e0ac5605fce82b090af65fc423368af7cbab870bcf6070b770

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b503.TMP

MD5 7cce9b58723d482dc481c0fd95c484aa
SHA1 13a537e4ac5d15cb8fac6945313eb3dc4ca6044d
SHA256 ea76f03326bb4bbf37014469a20ecd70491774cb95c36920584dacfb6ca8d220
SHA512 aa40e7d923fe8bfdc9b810975fd3e3d03ff8453b8bc47bee5483fff9bd61174c2eace28daaf886208bdd52ade84cc2e380b93c090fda110b9821c55853a7f899

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2db87257d957469c7bd9600c1fb82081
SHA1 c65d7b38f9294512144d17087a66cf84c6b0c4df
SHA256 73f0f3847d90a2aae1293bfe99bdc8e17e3cec20aafc01a15664354c3b94a1ca
SHA512 ccd0d0c7b3abc93d8f72e0f648a6f31ccd6d8b914fb851754d94fb5c9acd10d10122f39082d166142aca4e4d6c4b1f9c8791d636ca46c8b6564f657de3c822e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\cache\morgue\240\{1ebc87cb-c61e-4b7e-83b7-af35b53a75f0}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9618294634481f2928662ef41251a776
SHA1 b2b452d2826787c202374233bf4785de822004d4
SHA256 e8c5225e992f5d921833ad3fa05d4af94487a4435b8aba3d7311971f18214893
SHA512 d065fe8c81b9d0cf776e5a04cc04e9b65233b9309a9450194f1197aefa0eb0887ffac6de307355a57d52e5546d98650eaee8b6f6b40139b86bb05cbbea0be046

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\idb\585645870yCt7-%iCt7-%ree5s9pco.sqlite

MD5 f6caf3e0c59f9f5558208c1db957a4df
SHA1 db81f6ebc3ad92b67b25fdd6a2ee4131e8a0240f
SHA256 52e9a1fbd00adbcc69cf0cebe4227036bae957fcd1867ad34478d26b6ab47720
SHA512 6eca5ee5a3bfb74e1783518199fbe012f307457cc131b28a3ac08b769493228e7bb16484991f66bb661969c07fa95734d23c0ef65a5541a7bf54abceab10ad9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 2b9776807df1c30ef66c45ef60237487
SHA1 17e925fab39688d0d907687da86f566e283ee63b
SHA256 58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8
SHA512 e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cf870ae447b098c7522627559867f83c
SHA1 8dc0c0e61492c351528261411d271d5141f46636
SHA256 73a7ba2ff0650492b1579ad147816bec90e9425e2d36e775c353ae99391e74c2
SHA512 8eb66434d03a8425d7bb591d0833e52c2c882d1627b4f510506e4c5655b7564ffdd069052ca9fcd6358b95192a9d3f87f07d224243e2e34d4e4ba8b25e462901

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0819cbc10c89a50800263f1be906ff80
SHA1 330514964cfc2025403a8c3ae9d30bb47af77c52
SHA256 4153be7e0e25ba6b4c8af931fe5f06e32e7ddace8c05b30b5abbac070c688cd1
SHA512 127a31d284e19853a17c8882ffce204e658fd7ec07c9c8959733c91773dd08f226f7e9942269a2577dffd2ec04ad0ef395f0c9c6418fc787e7c654c2daddc043

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 dc3b8c50e8c0eb3efdb4f61a11b07f95
SHA1 d0ff754f54871d9d06fda35d7ed84a396473cbe2
SHA256 fa158e2b238e5515c36f41e294701218c9b1c9908aba7382469b4a82820c9b35
SHA512 50c7bf882fe3e7e42078ca3c2b720ce87d450fcd4263f984e47a126d914cdb314ee6f1920ca22e196e9487df4d8a863a66c4590565b9d7f8ff7aba25e40c1b2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f977643bb96fd4a42cdc772f8ad9b4d4
SHA1 cec43264fafce58cce53b185da517845b700d5d5
SHA256 60570d2c9b9d3220dd12877eafd32186c49aca1f07439c4eb570033c550999d9
SHA512 45a528358dbd2019f284a778801e6cb1e3139461a1b50210f758582a7aae435d5380f128d0d47bb41e72b0ddd34827cdef304fbba1fef4578c799679e721a5fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 6113d9f8b5839ba1672a924487efc6b8
SHA1 936ee83885f93c86290d3e6785a7aa57bbc948d5
SHA256 06b5e5a492bf40fcbf52c71bd4181409df6d8766baf268919a18d8a1c60f09ba
SHA512 76ecc189cf732b835244687a435db5070ed839fa4fa5e784e50c0a4b4c5e0c5fbba931059cb17651723c3b9b8446f40a66225a2e5bd0ff907e1948820747d836

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f643675b2acb55a7a153fbac59d9e90c
SHA1 52e81d5f50f26450811a28bd2899a243cf6578f7
SHA256 d16a87eb5b306ff106ed011a511916bc03b12d9ce868190918f9327eac6272f6
SHA512 04da51dd29beca3b0a237e746eacfed1f64bb9a2999b4eb17a719b8bcf7ceda41d20330ac02538eadf9d1a700390dc4a276ce616a9ffe4fd7a791a07bd348f6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 e7509c0974f418f9abc9cfbe6680c85e
SHA1 1b05ca39e4e5007eb16292ac9153dd09e6e8b491
SHA256 5dfeecb28f2faf93c24e4755b3bdd2d1d32bac448f7ec94ea3eab9e934a425f4
SHA512 f16b7a2ef1e574328a918c42a6291ba3bb8fb146104de2f10471228d122ca27cec21e06fe3ed74192f6b72f01895c6c527f2706a9aa6c582b8d270f4a58d7d42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 ff64c2d7a6ad14e89917e1e08fbc6295
SHA1 c280584d3368928bb1407fb1ffa96389e67b11f3
SHA256 000c02be433bac3ad7e3899140c76d22b940c36fc64e2f6fd55663302e9323d9
SHA512 02d743458ef7636a9b0dffa57f63e079575e6ed5d9f06a68cbcb91e7f6a5b04c23489a15abd6b8b1b434c612c125db2079507eb60903f8bd5c668e9b89a46abe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe590fc5.TMP

MD5 6a1e1af639cea8a2ea68d3d941c97b20
SHA1 64121876ecb1151be56cf78820deb84ec895106c
SHA256 b788ead2daacadec56833d5822e449b1d39fd911d8561659bc9f8b4efc1644ad
SHA512 71edd3be2386b40395e5aa42dad4adaa9f97e0fffd14c063c0831ec6d3326cb58af4c6c751aac7fc85ee50dbe0589f96841bd36d97420a11e7e6d3cd9abf25b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 8415a9e21c779cebb1a066a16b4027c8
SHA1 4f2f30c4bce5c001a799ca82b7d304f1b68c0f11
SHA256 a871f0e631e8174b0120f22444543816da3c3790524f5058ff9a1521f0da258e
SHA512 59a6b2cc829987ecf7130395a2f9fc2eed10fc99023f2474429b715ec3027ca06cd7df491cd371fa3ee85c7a6ddd72d14121ede3f43274fd1e3068d87b9b7e52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 00e4719e921c916759eaaeb965fb9b6e
SHA1 f0e7c979c0a1e85ac78d9dd231502fb425b18cd0
SHA256 5026526565cff03c7fac8772152e339d2161d8b473c2be9f2bd85937a47aa6d8
SHA512 b67fdeaad9acbe718c8713b6c4ce3dc7c4d76726f94febc6539d245e47b8893c744c338d6c2b18c5cad99e9d0141d1ce514e53d67dbc8d1d825e5eb08c5a5781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 769287d0597f2baa517207a337bf038f
SHA1 3db7e68e2009f19907d2287caebf99eec0b8287b
SHA256 5e930a1c171d4599bb6daaf71ac52b2b50eb0f15e1ac08c0ba651fb27dd06b0d
SHA512 f504f98bc5550d19e1fb186fe35c0c9d67411259ea37e87404d503af6c04b3a6724959499f2be17ef753fed53bf892f0c27f6dc11ded18a7d22eb6e3c28d7d3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4fe1d4f29fc021aa7eb62ebce36f63bc
SHA1 5296b6f62eebbc8f04c08436dbfb3571431e96c6
SHA256 491e289dc289f80e181d9a1c050660219380840f43fd90308ef50097aaf368cc
SHA512 45b9ac48d98af3eaf3764635537541ccceed635696600bcc8f794456616bf54db65ebef6ccd9e5134f2f551a34926227f0163c46c135efc41c04c52edaccb719

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\cache\morgue\183\{97a754c9-23e3-4932-bd0b-2455bc6d78b7}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\cache\morgue\48\{bd8fcfeb-a634-4be4-8598-565e57892a30}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\default\https+++www.youtube.com\cache\morgue\107\{5cee71c2-fe6e-4a25-a3f0-93e81222306b}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 142f917005a2132d23b1fa09fc1ce66d
SHA1 0bdef3fec45f6ea48d82d54987e0a8ae40b9dc31
SHA256 e61355a586071d3b37f25680e5854ce02ae505cc63ec4aaafd0bc4afbe7a7eb6
SHA512 e2fcecee279bb33aa728639805d510da05dd37487b3c02dd0f205695f72784da22f334c8db77f9f671a11449d21c8c0a933fa6545ea6e709ecd037a86e94d1de

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4a51f7369cc800610918366b4834ae58
SHA1 cf35b753fb85c699ffb1d85f3ea3ef73b085ec86
SHA256 2ab626630f412d5e50c77b0c8fb3de5e99c4a1e4b799ad9306db71f3b3396578
SHA512 cb83765b2e8f1b3f9061c4c743ed6279b3e4c19592ae4c7d7a844416d1ae84ce7b0ac46243a3e84030851be81e8b7642257c724cff29adeb9f7d98dda2c78413

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 27bba3f4d2a062cfa6c975ef57533c3e
SHA1 8629f94967c8702ccd470627a752947af1a9059c
SHA256 62ef15ba90ce7bdb4c3e855158fb430fa17c3319cb01fa9015a239ce02d10a30
SHA512 dff70f349bb569c213fad8291511fae23876d2c6452186f247e0e5c75ee37dfb1b842f4e19664f06a487f07f8182cdfc5a746c980052ac1611aa09b4b8d2a710

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e1427f2a-f3f7-4666-8944-99f23b5fc45e.tmp

MD5 005d609d3f484c40923afbdf609b8917
SHA1 9b0be5eea3c8c05ec63c927bc88053d28b7a1983
SHA256 991c52fef26af971ae347c254013be7added4f5d9ed363280262b9933800069e
SHA512 f69ed6c9abd1ce103d474ee419e64c7ae4a7844f7cd23fb6c65eb5306be4cd1eb41880f1aa5eedb57ca6118ca3b3a4d5ba552af333a282bbc81b4940b87616e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 97b7a2018651693834b419461676e51d
SHA1 5f7dea2f536a0b6d94386f609436a520ddce8069
SHA256 b6f2ef1b3940bba7ec450c2e4aa471e6a85512599c6ba020aa397e0a0764262e
SHA512 21498bbc75446d122fa01b05c7d8d227d8f92bd7b279767745846a46ad132b13d0b0f19fb66ebba47d712bed9bd09dd0219ec6130ff8e0a921e3f6a48899aec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1f3e0fff7c771d37f382b504617a00be
SHA1 0e8ae409d1d1dd7d8c4b14de2f45d6a398536285
SHA256 d0aec0812e98bab833e27974d192c7131ebc7f756137ca43f70a17081bdd11b2
SHA512 e06099bd1fe2a6707ce1f0f9eb539088faed69676475f629c391ec90906e6eca7e0c6cd89e70a811f061ed19174d037e1f2b00712f90a41a4a0c66075ff35cfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 07540316dfd6ebc8d75bffca355bcacd
SHA1 6df23727abfbb2fa908571696fb4351ea035075c
SHA256 5a1d516b24aa01a1e78cdd2bf90d816eb28e07d4768fcf2e57eb9006a0339cb5
SHA512 f95f73180010d3a939d368260333b6078235366a4aa4f206f7f6ef89ce06c9107fa3744ac833956f1c2641000d1ff1c0b078f79248c36915259a63166e3e8808
