Analysis Overview
SHA256
2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89
Threat Level: Known bad
The file 2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89 was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Checks computer location settings
AutoIT Executable
Drops file in Windows directory
Unsigned PE
Enumerates physical storage devices
Modifies registry class
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-18 23:58
Signatures
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-18 23:58
Reported
2024-02-19 00:03
Platform
win10-20240214-en
Max time kernel
299s
Max time network
285s
Command Line
Signatures
Detected google phishing page
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89.exe | N/A |
Drops file in Windows directory
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133527743544307768" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\facebook.com\Total = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\Total\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{CE0C36A8-CDBF-448D-B498-DA960DF94F56} = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomai = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = e513d368c662da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.linkedin.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\facebook.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\google.com\NumberOfSubdoma = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = b02c1c42336ada01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/ | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B72164 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\linkedin.com\NumberOfSubdomai = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DomStorageState\EdpCleanupState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.linkedin.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\ | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DomStorageState | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\facebook.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\m.facebook.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 24ba7373c662da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "268435456" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = a201c068c662da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\facebook.com\NumberOfSubdo = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\google.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1380226425-3283293370-545244236-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89.exe
"C:\Users\Admin\AppData\Local\Temp\2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffb35a09758,0x7ffb35a09768,0x7ffb35a09778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffb35a09758,0x7ffb35a09768,0x7ffb35a09778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb35a09758,0x7ffb35a09768,0x7ffb35a09778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.0.1513977919\348596375" -parentBuildID 20221007134813 -prefsHandle 1716 -prefMapHandle 1704 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3c441e4-a84f-462c-98eb-4d76d94d0a39} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 1816 1f4569d4858 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.1.601854311\1646888965" -parentBuildID 20221007134813 -prefsHandle 2208 -prefMapHandle 2204 -prefsLen 21608 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b11dbc5c-498e-436b-a69c-c60964e404f2} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 2220 1f4441e5458 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1828,i,3892235195061975206,11998585888830429983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1828,i,3892235195061975206,11998585888830429983,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1836,i,12393446959906212173,17438427607952280276,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1836,i,12393446959906212173,17438427607952280276,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3956 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3716 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2880 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.2.327919486\1247832806" -childID 1 -isForBrowser -prefsHandle 2912 -prefMapHandle 2888 -prefsLen 21711 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {95ad1bec-ed82-4c67-a060-e5cb575cc304} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 2924 1f45a4d3858 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2044 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.3.970803287\856471528" -childID 2 -isForBrowser -prefsHandle 3636 -prefMapHandle 3632 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {91959dad-e781-4fb0-a4f2-cada2e573c47} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 3708 1f444160a58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4832 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4792 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4136 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5044 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.4.893341439\229559680" -childID 3 -isForBrowser -prefsHandle 4788 -prefMapHandle 4780 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9f9e287-ad2b-4dd8-bd3c-deae8570dd56} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 4704 1f45ce35f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.6.1050837464\575954914" -childID 5 -isForBrowser -prefsHandle 5104 -prefMapHandle 5108 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6e7929a-3a1e-471d-9043-cb115199e7a3} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 5092 1f45cedad58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.5.402041016\113741678" -childID 4 -isForBrowser -prefsHandle 4924 -prefMapHandle 4928 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {42fc6f10-5212-4894-948b-c2404d1d0cb5} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 4916 1f45ce84e58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4184 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5624 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5828 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.7.262519137\1118192189" -childID 6 -isForBrowser -prefsHandle 5324 -prefMapHandle 5284 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0f0c80e-7f93-405d-aacb-e733ed4d82d1} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 5156 1f45d476658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.8.1105401553\388749963" -childID 7 -isForBrowser -prefsHandle 5496 -prefMapHandle 5500 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cdb8fb7a-7af5-46d1-9881-ae5f88a6625e} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 5488 1f45d475458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.9.23042683\1827147497" -parentBuildID 20221007134813 -prefsHandle 5508 -prefMapHandle 5564 -prefsLen 26249 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a2f7468-ab48-4fa4-a73f-e24b7620ace3} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 5720 1f45aaa7758 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.10.1596013305\1022014677" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5724 -prefMapHandle 5948 -prefsLen 26249 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {512e4971-9862-475c-9db6-5025941fe065} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 6040 1f45db6da58 utility
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3232 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5188.11.1234182776\260897910" -childID 8 -isForBrowser -prefsHandle 6320 -prefMapHandle 6256 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1088 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ccf31be-e35f-49b3-aa5a-5d316665f0f4} 5188 "\\.\pipe\gecko-crash-server-pipe.5188" 6328 1f45d4d4658 tab
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1040 --field-trial-handle=1856,i,15491746337400375119,13746008253519205162,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | m.facebook.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| US | 8.8.8.8:53 | 96.134.221.88.in-addr.arpa | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | platform.linkedin.com | udp |
| US | 152.199.22.144:443 | platform.linkedin.com | tcp |
| US | 152.199.22.144:443 | platform.linkedin.com | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | watson.telemetry.microsoft.com | udp |
| US | 20.42.73.29:443 | watson.telemetry.microsoft.com | tcp |
| US | 8.8.8.8:53 | 144.22.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | watson.telemetry.microsoft.com | udp |
| US | 20.42.73.29:443 | watson.telemetry.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 44.239.198.133:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 133.198.239.44.in-addr.arpa | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| N/A | 127.0.0.1:51061 | tcp | |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.238:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | rr5---sn-q4flrnlz.googlevideo.com | udp |
| GB | 172.217.16.238:443 | www3.l.google.com | udp |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 138.3.125.74.in-addr.arpa | udp |
| N/A | 127.0.0.1:51071 | tcp | |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| US | 74.125.3.138:443 | rr5---sn-q4flrnlz.googlevideo.com | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 201.135.221.88.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.134.221.88.in-addr.arpa | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.78:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.78:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-4g5ednde.gvt1.com | udp |
| DE | 74.125.162.134:443 | r1---sn-4g5ednde.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-4g5ednde.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-4g5ednde.gvt1.com | udp |
| DE | 74.125.162.134:443 | r1.sn-4g5ednde.gvt1.com | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.162.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.128.146:443 | www.bing.com | tcp |
| GB | 92.123.128.146:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 216.58.204.78:443 | google.com | tcp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | tcp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | e2c41.gcp.gvt2.com | udp |
| GB | 35.214.42.68:443 | e2c41.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.16.217.172.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | 68.42.214.35.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 209.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 172.217.169.35:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | 35.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 56.134.221.88.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
Files
memory/4840-0-0x0000022652520000-0x0000022652530000-memory.dmp
memory/4840-16-0x0000022652D00000-0x0000022652D10000-memory.dmp
memory/4840-35-0x00000226517E0000-0x00000226517E2000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 1bfe591a4fe3d91b03cdf26eaacd8f89 |
| SHA1 | 719c37c320f518ac168c86723724891950911cea |
| SHA256 | 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8 |
| SHA512 | 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | ab792caa051f8e9380d291508584430e |
| SHA1 | 1f2f01c78a5a441a3aa86e1b00dd2078bf9332a4 |
| SHA256 | 05b1206d935d65a523e247564ddc874b0a9e51a8c2b3e670ec604de5010c4c6c |
| SHA512 | ada4b61dad3071fe39c1c8b1065306092fbe9d90ea3ef3a571ad9b27bee3162c62cb176ce04c2f7554606a6f695cbca72e298bf8f9686446994c6e734eaf3492 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 38214bd8ab8dff038f0d9aaf9d62593b |
| SHA1 | 61f4dae3ab96930be4293a54ce54fa455226e267 |
| SHA256 | 7549d68f8e6c11500a8754ab35bee32ca45cb91e136ccc86508608711af6d576 |
| SHA512 | 0db6a0a3cc694bf0bc3473f678c7320885c78c0da018ec0510adfe5ada9001bf0b261b97bb95369a73812e927a462c2eb1fd2f4f2c2aea8e2904b4a48c6d873f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 9da3b5b4a894c15d1aa6d3d5da27ee05 |
| SHA1 | 0d16e87371ab9401b56eb65a272347758566941b |
| SHA256 | 5d3ca1af142868ad96cffad80f8828660ef8fc2de231848cf76bd714ca68e37a |
| SHA512 | 8caa5f7d48de98fe9858cea339f6e08f8ef099a268f5fe644f91e2cf815be613bc59f1b48bff1e7413ecd57d3dc3db57c8cdd1a9987f4b5fd720fd96320a0d37 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | f16d48057d5e88870db708dc5dc806d5 |
| SHA1 | 223cd0a7a25fb071ca181e28a2a893140b3b9a23 |
| SHA256 | 269909db7305f1c16fd4492294c3461db817d5d2a19c890f4e143378790d9e42 |
| SHA512 | cd76897a12f4f63e51f9be2fbcd0e2bfb7d6632358efe4077e3c859d82e23e59a98df21ea323adc1d00d6cfff274216c1655da480a33ee178cf3f58de4901807 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | a6fff7b27ecf5d3de7bdd2797288f0b5 |
| SHA1 | 29817824dc937c8edaaeba754cef6a8ab821601d |
| SHA256 | 43d53012e1652757690b78ef31566d92bc68f58b00a6275a36017a45ecdc4ce7 |
| SHA512 | 5dcd019fbd594abb2b7457541c8171202e4405e50d5e580b9cdf39dd117d5ad59205eb264d45f16e485c7537cfa713ef22f03a4ba27b1fe2d16d44805eafc943 |
memory/4852-133-0x0000022EF6020000-0x0000022EF6040000-memory.dmp
memory/4852-178-0x0000022EF58B0000-0x0000022EF58D0000-memory.dmp
memory/2980-214-0x000001CDD9D10000-0x000001CDD9D30000-memory.dmp
memory/2736-217-0x000001539CB40000-0x000001539CB60000-memory.dmp
memory/2736-222-0x000001549D200000-0x000001549D300000-memory.dmp
memory/2980-266-0x000001CDDA630000-0x000001CDDA632000-memory.dmp
memory/2980-279-0x000001CDDA650000-0x000001CDDA652000-memory.dmp
memory/4260-276-0x000001A9FC100000-0x000001A9FC200000-memory.dmp
memory/4260-295-0x000001A9FC2E0000-0x000001A9FC3E0000-memory.dmp
memory/2980-299-0x000001CDD9BA0000-0x000001CDD9BA2000-memory.dmp
memory/2736-320-0x000001549DC90000-0x000001549DC92000-memory.dmp
memory/4260-323-0x000001A9FC2E0000-0x000001A9FC3E0000-memory.dmp
memory/2980-315-0x000001CDD9B90000-0x000001CDD9B92000-memory.dmp
memory/2980-334-0x000001CDD9BC0000-0x000001CDD9BC2000-memory.dmp
memory/2980-347-0x000001CDDA6E0000-0x000001CDDA6E2000-memory.dmp
memory/2980-355-0x000001CDDE4C0000-0x000001CDDE4E0000-memory.dmp
memory/2736-374-0x000001549DF00000-0x000001549DF02000-memory.dmp
memory/2980-373-0x000001CDDED00000-0x000001CDDED20000-memory.dmp
memory/2980-371-0x000001CDDED30000-0x000001CDDED32000-memory.dmp
memory/2980-379-0x000001CDD9570000-0x000001CDD9572000-memory.dmp
memory/2736-383-0x000001549DF20000-0x000001549DF22000-memory.dmp
memory/2980-388-0x000001CDD9590000-0x000001CDD9592000-memory.dmp
memory/2736-390-0x000001539CD30000-0x000001539CD32000-memory.dmp
memory/2980-368-0x000001CDDED00000-0x000001CDDED20000-memory.dmp
memory/4840-434-0x0000022658D00000-0x0000022658D01000-memory.dmp
memory/4840-437-0x0000022658D10000-0x0000022658D11000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\YGW1X44U\9lb1g1kp916tat669q9r5g2kz[1].ico
| MD5 | 3d0e5c05903cec0bc8e3fe0cda552745 |
| SHA1 | 1b513503c65572f0787a14cc71018bd34f11b661 |
| SHA256 | 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023 |
| SHA512 | 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\FL3TPHEW\accounts.google[1].xml
| MD5 | 3ff4d575d1d04c3b54f67a6310f2fc95 |
| SHA1 | 1308937c1a46e6c331d5456bcd4b2182dc444040 |
| SHA256 | 021a5868b6c9e8beba07848ba30586c693f87ac02ee2ccaa0f26b7163c0c6b44 |
| SHA512 | 2b26501c4bf86ed66e941735c49ac445d683ad49ed94c5d87cc96228081ae2c8f4a8f44a2a5276b9f4b0962decfce6b9eeee38e42262ce8d865d5df0df7ec3d6 |
memory/2980-574-0x000001CDDCD00000-0x000001CDDCE00000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
| MD5 | a3cd08eb3bdead5bcffe5edd8b78a445 |
| SHA1 | 0690821870aabbb491ebbf25ae7707de62336f3e |
| SHA256 | e0d5059439d49458ddd35af23f868747e1091aa6f3c685d2a72d88d1558d2ce5 |
| SHA512 | df398a4dca12353bb87935f5861ede5cae5da3162e7690337e81c9aac6c6ba7394edf46bb4c87ba9f3bd1935a601c35cce1c25dd077e29303211e0b35b9b7ff7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
| MD5 | fba0e15164ac2ab3ccce34e6f7c648c0 |
| SHA1 | c16f74550dc0c9c22e02d2652de32a9bc1ad78f1 |
| SHA256 | 3f88819bf4cfba2f257c24bc259f55a3f08073c62f6568e80ac175970d13d18d |
| SHA512 | 0fa22539e11e64e2572c0156f6b9f4c91e4d727a40ea11a70587de05c3ab840f0a2fa0b63e53d0cd7d6b8704ab5e3f4ae4206efb74b2c830d3ca3115a754e16d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\O6O4Y4DM\4Kv5U5b1o3f[1].png
| MD5 | a81a5e7f71ae4153e6f888f1c92e5e11 |
| SHA1 | 39c3945c30abff65b372a7d8c691178ae9d9eee0 |
| SHA256 | 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e |
| SHA512 | 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\zuex3k9\imagestore.dat
| MD5 | 5dd9f5cb0eea195b0d39f94e8dafb118 |
| SHA1 | f11f1810bee57b44c47614127f7beff63798ff35 |
| SHA256 | 6578dab3986e0b5ec67a7e75bf77441403e4bb2c374088148f33d1f1fc455c9e |
| SHA512 | 40d86eb02f3e63ee9c58679e8e1cbbe800904ebaf59487d06d5c6f5ea8180c1deb005c52f158d248896f2731de3f1c673ccccbbcb3a5f7e681ea63b47957ae17 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66
| MD5 | c28b317f409273fde133bd50a9fe4e4c |
| SHA1 | d1d3fd7223e8a9b52c42f12fbb3de1e0d39f0ff9 |
| SHA256 | e29eecb0814d74fe773f9856fd20323533b274197a1781de036caa14086f5235 |
| SHA512 | b53681b8d1be79a64dec020444a25b7bd2c3044951a5a17a7bb5b98ff1b31f3bb76d906cc4a0826a18c2c650a9184c509fcfe78008e944987299b1cf8b5aa885 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66
| MD5 | 63a6a6a80c7f74463ee22e1742dfecb3 |
| SHA1 | 8cabe8d19b3f1dd0b1a5405abfe1cd9400ba3dbc |
| SHA256 | dd4722251c918eb4c5991a997de7e481652e3d469b3dbdc586c7bddbdad35692 |
| SHA512 | 862b31c27a2f18cb0879c0686570676d836eb83d98164aa1005f96f2e9d2ce95f164b3ab1b7721f1a4028f9d4104cbaa2a4bab8a4f5cfbe1a8565139235eea88 |
memory/2980-700-0x000001CDC8CF0000-0x000001CDC8D00000-memory.dmp
memory/2980-701-0x000001CDC8CF0000-0x000001CDC8D00000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 18dfe76c7ec186b321a47b435675ef86 |
| SHA1 | c9d19b44e28e882a95cb2ff8895892e52aafc316 |
| SHA256 | e6f7e7953e566e53a5a4d1fbe995a2794ae878ac404b42baa10c154270147e14 |
| SHA512 | 5964e01ddc7fdba3d57ea1af85063229d1a219ad3c5a80ec8f96d1cddf75c3d75b24761eaabd558d3b49b31e6464fa1409fa6fa0c5278d934adb5d71dcce3a14 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KTLYRBGG\favicon[2].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\web-animations-next-lite.min[1].js
| MD5 | 44ca3d8fd5ff91ed90d1a2ab099ef91e |
| SHA1 | 79b76340ca0781fd98aa5b8fdca9496665810195 |
| SHA256 | c12e3ac9660ae5de2d775a8c52e22610fff7a651fa069cfa8f64675a7b0a6415 |
| SHA512 | a5ce9d846fb4c43a078d364974b22c18a504cdbf2da3d36c689d450a5dc7d0be156a29e11df301ff7e187b831e14a6e5b037aad22f00c03280ee1ad1e829dac8 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\intersection-observer.min[1].js
| MD5 | 936a7c8159737df8dce532f9ea4d38b4 |
| SHA1 | 8834ea22eff1bdfd35d2ef3f76d0e552e75e83c5 |
| SHA256 | 3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9 |
| SHA512 | 54471260a278d5e740782524392249427366c56b288c302c73d643a24c96d99a487507fbe1c47e050a52144713dfeb64cd37bc6359f443ce5f8feb1a2856a70a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UYCEK1LL\webcomponents-ce-sd[1].js
| MD5 | c1d7b8b36bf9bd97dcb514a4212c8ea5 |
| SHA1 | e3957af856710e15404788a87c98fdbb85d3e52e |
| SHA256 | 2fed236a295c611b4be5b9bc8608978e148c893e0c51944486982583b210668a |
| SHA512 | 0d44065c534313572d90232eb3f88eb308590304c879e38a09d6f2891f92385dc7495aabd776433f7d493d004001b714c7f89855aa6f6bec61c77d50e3a4b8e6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\BFYYPKFS\scheduler[1].js
| MD5 | dac3d45d4ce59d457459a8dbfcd30232 |
| SHA1 | 946dd6b08eb3cf2d063410f9ef2636d648ddb747 |
| SHA256 | 58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0 |
| SHA512 | 4f190ce27669725dac9cf944eafed150e16b5f9c1e16a0bbf715de67b9b5a44369c4835da36e37b2786aaf38103fdc1f7de3f60d0dc50163f2528d514ebe2243 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UYCEK1LL\www-i18n-constants[1].js
| MD5 | f3356b556175318cf67ab48f11f2421b |
| SHA1 | ace644324f1ce43e3968401ecf7f6c02ce78f8b7 |
| SHA256 | 263c24ac72cb26ab60b4b2911da2b45fef9b1fe69bbb7df59191bb4c1e9969cd |
| SHA512 | a2e5b90b1944a9d8096ae767d73db0ec5f12691cf1aebd870ad8e55902ceb81b27a3c099d924c17d3d51f7dbc4c3dd71d1b63eb9d3048e37f71b2f323681b0ad |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\BFYYPKFS\network[1].js
| MD5 | fdc9b5a35cd74fff3ea372b1a0027a72 |
| SHA1 | f1e0e8e7924716986e31bf52b3fca9fb0b781638 |
| SHA256 | 987eb7deb2211f6bcb391972114e1c5ee71799b5086f53f1125883f18dcf6cbf |
| SHA512 | f19535f91de11cab1ae3d6aced695a372f23d96941a58be0cb68f64c8ae901928158bcfc812f21a1f3d7e3ca1fe8892e24a4ad3f4f1a5afaba6a0555b145e7ce |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JW7262ID\www-tampering[1].js
| MD5 | ce762a9d30d6c70bb0516e8cefc958bf |
| SHA1 | da6cac9c717daa3a39f82f3421782c99edd9329d |
| SHA256 | a9fc343d602527a427e57671d021524a9ff5af7b3df1a58900a3b01057bdd8c7 |
| SHA512 | 230753fbb26e90438dd43874d02fbbb1ad6db9a0fe76da978ea47a8ca06fc99dd5e475104abb5dd25ce222423d9bda7991fd0ee896386561cd6f9ac10f8932e2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\BFYYPKFS\spf[1].js
| MD5 | eb4fbc0e01eb4a539a6bc202afd4c644 |
| SHA1 | 1798b96f94e4461c211a1e5118994f6e0dfd53be |
| SHA256 | acae96aa93e083c150d041e2f01185932e5aacd71e4b433cd165dd41aa97103a |
| SHA512 | b608780ed207a42dbe9deee88400a6d9462029a653cec42323490b7023f210e99fb38be5574a451f069eeb5a7f8125505989b331a2243c56d1f2c84a74a2b371 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UYCEK1LL\css2[1].css
| MD5 | 31aac18e149a751facc1eab7954dfb7b |
| SHA1 | 36d367dcc77416a166aecabb5f6fb5c6c29f3632 |
| SHA256 | 42706c41583de3f0028f16bad17197dde81807d148ba848ea3924aff4bb8b532 |
| SHA512 | df83002d751e6e73377b15966fa5ffacc7f6e2318821c691209fac9b6991d1113b385ca1fbf21e02455a5e5702d4247716c6d03d1938506e6ca740cdeffce351 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UYCEK1LL\www-main-desktop-home-page-skeleton[1].css
| MD5 | 9deae13c40798dfca19bd14ed7039d60 |
| SHA1 | 4ba302a1435b094031e4f2e1bce1b6198f0cf825 |
| SHA256 | cdac5527dc3c1a9f38c6b00086b2a10b9e7eaa1e062314e548c1fa602d17bbbd |
| SHA512 | 95b093d926535fa9454e3776a3e219b61502ce67aa2e659175ae879133dd35a6efa1bfdbe5b6d3e3dd8ba1f0663892b44fd6f21be17fefa9725a234dff3c5d0c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\www-onepick[1].css
| MD5 | 5306f13dfcf04955ed3e79ff5a92581e |
| SHA1 | 4a8927d91617923f9c9f6bcc1976bf43665cb553 |
| SHA256 | 6305c2a6825af37f17057fd4dcb3a70790cc90d0d8f51128430883829385f7cc |
| SHA512 | e91ecd1f7e14ff13035dd6e76dfa4fa58af69d98e007e2a0d52bff80d669d33beb5fafefe06254cbc6dd6713b4c7f79c824f641cb704142e031c68eccb3efed3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\rs=AGKMywFmFK9jjLIxwwWN4pEJoCiBPHkrmQ[1].css
| MD5 | 56a3605b84c1b5d7b2b2cc57c18f7c94 |
| SHA1 | b8e2ee057aaab5d5f51977967367065a9f285cfa |
| SHA256 | 08351ef7e3f449d092a80c0b75674248c1dda2fff9ab770c3c836d51ada5efdf |
| SHA512 | 334fd7ed973be08d2c98ee980c582e44a8bb76b65b2d12d8d2d7272bf813425b7b440cdd0d817f580fe356ab00557c1651cd8c58f5d28c5fb4fdf2407845f7ed |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\www-main-desktop-watch-page-skeleton[1].css
| MD5 | 81b422570a4d648c0517811dfeb3273d |
| SHA1 | c150029bf8cebfc30e3698ae2631a6796a77ecf1 |
| SHA256 | 3c8b38d9b8a3301c106230e05beeedbcd28b12681f22fd9b09af9e52dc08635d |
| SHA512 | 1d4966a88d7cf6be31b8f53547a12db92cabb4c05176abe995c75c8889765ec68b7210c3be75f60954ceb2938412fbdeb94d4d25ddc927f3a89eca76a84a9ebc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_FFB46CECE484AA2EE6ADD02001DDCE14
| MD5 | 4b11f7dc446e3661eb9b58bba44ca5e6 |
| SHA1 | 3d53554a3ca71b98e24591094c22bd85535d13a3 |
| SHA256 | 5d0115a1d1b3f14794d198b2c6c4934c90720f98f8d73ac304aeffc347738441 |
| SHA512 | 003ed225f6bc32859fa8babbdef39a8903b8e0692ebaf4db40cf60001d7ad4975cc07c90662a8923750d16ab5dc004a97d42f58982f9728dd46cc24e04e3e3a5 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_FFB46CECE484AA2EE6ADD02001DDCE14
| MD5 | 3fb5a3a7dd5ad073bac16311d267246c |
| SHA1 | b1354728afc36c4c84404544f4406790574dbcdd |
| SHA256 | f3eaa19f39ab18741b73c46da34cbd2975358af71c1fab51f8f09e4ed87394ee |
| SHA512 | bab61707823f8a5a4b011a20a232db340087eae0a49c6ca2206ea2fd141c5016d0cc14b69cfc2be60a77f8f6b88e2e4a9fa5baadff67f6c6696a1618e27820d0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A8PY1EDG\desktop_polymer[1].js
| MD5 | 69998e173b8c146479488bd8d7fbfab3 |
| SHA1 | d343051522769f5c16586f6a67e045d830433597 |
| SHA256 | cc3eeb6e34a2db5a5b28937da61f6eb2bb56b0dd2eb1e26d0edf2f97450c41f2 |
| SHA512 | 9c37ef552bec6e3d0133ad1a38ca422f2bc35aa0361215ad73d6244b8087761859f7f02202f2e119aa260dff60941caa48a3a818693952e2290408b1342cd979 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 54235279447d7181e3acba0161a78dfc |
| SHA1 | ef99dc31acbbb31719b7a1a477ba07c7c64c2789 |
| SHA256 | f2a290b53fd46249bc2fff927444f42298f5fe3969d8734871abba8c6bc2015f |
| SHA512 | b21a5d6be7eee58d9b1a1b82ed24109a3ffc2df7b0683e8fdcafa472d6c4c5d7f752c73c7a680aef78ec86d983dc8be42794e09df345f6896b57b088098ba784 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
\??\pipe\crashpad_6084_IDQUEZYFGZBSMQSI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6698d4a8413f6bd114674230565a5135 |
| SHA1 | dd9146674b6c79dc297d81c60918e6acda10022b |
| SHA256 | 74cdd3bf837e16d42cdc52cbeec129ec60cdddcb6b8cd62f0bfdcd6c2e0d6d79 |
| SHA512 | 22e21adbd7a43de8321321114fdfcf3dd163af2f73d45ce69e2f3a9a9149a6737aec82973c75b933e133a9590f5e4ba3155c13a702f98af64f644f8410058371 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 265db1c9337422f9af69ef2b4e1c7205 |
| SHA1 | 3e38976bb5cf035c75c9bc185f72a80e70f41c2e |
| SHA256 | 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc |
| SHA512 | 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d0beb2cbe4ced73b2b277356b108e9d8 |
| SHA1 | 9805e01fcf15678972d23f9ae4940b187681434a |
| SHA256 | f23cf3454452e4b87881229a640601ae7a26eb38edf6e0f6dea994fee8161775 |
| SHA512 | daa2bf04e7527ea45a55161b2ef31760dd04d4191899705ff47fd3089a03c25e53c302b0371d7df3825dc056ccf7ebad307f6690d92dd6015dcf82f37defcdf3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 3a3890da33f7fa4a1152caa15c6948b8 |
| SHA1 | 85d24c448e0ac3bb0e88d916a97e01621f9d02c6 |
| SHA256 | 2503a009d4aadd31fad09d9a4130134f92b9dbdb1f6eee270e2b4f0c8ad594da |
| SHA512 | c594cf1ac37d70feda59f188373dd636cb49eae27b1841f7f2a965b2683b402bdc8b80f6d35e110412be71da9cc71951612eaec81eda17243bae7be1c2b2fc50 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\datareporting\glean\db\data.safe.bin
| MD5 | cb13668bc52f3380fe4ca6a4917ae3cb |
| SHA1 | 46a744550948f2c658afb3806a3aa18a5065d35e |
| SHA256 | eca56250008f7539718aa66044297270d511dd93f19cc5c2581b3b4ed472744d |
| SHA512 | 909736477e5970d8ff83f68bdba129247c6bcc5fdd121142b5512b156739bbfbad4be4e812fb18fcf170711645a5477cab8461be377a76a21995c431424737ce |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\datareporting\glean\pending_pings\4be41026-4779-4dbe-ac42-e74ac79b15e8
| MD5 | 504bddfefbf422235d77f189afd16ce5 |
| SHA1 | 6a2987d27826a2e0e43ee8951434f3cc5933f6f2 |
| SHA256 | 45b48efcf94543179171d2860be800000897388d71d5de74a1f091a038ef614f |
| SHA512 | 035fa192700aeee8d8acc13ef1dfc2dabb27c322ca33fa37270ba5c552e17d25e78b0862b0f014976e9be8b93d88a882ced40221e6b8d2f60f21845484247ced |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\datareporting\glean\pending_pings\ef11c2b3-b7b3-4fd6-8415-702169c3c663
| MD5 | 85dec3d800bcc1e82e59126a14206349 |
| SHA1 | 248c295f3cc10fbec8dfeb9b29741bb898047729 |
| SHA256 | c751325064661514f8638aefaccb8ad29e70060a0d230b664531474b1c67063c |
| SHA512 | 7046b5b3b8e08eea2b7b83eaf3495b11e05675b5decf9223964928ac92799af76bceca1c0092e83c9d918881b426fe1594ca9072c4670b7dbf5f4cbe988f0470 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\prefs.js
| MD5 | 3fd2dc4e673323600df7eaa7eb729d34 |
| SHA1 | 5908279001280a1f39d1913d5efac3ba0c64ad0b |
| SHA256 | bf6a3943769ae9da485745023f171506648f824ff25e92c1be54ff86f5239fa6 |
| SHA512 | bc49e072feab7a5418d3c9ef6a6765a9b76c075f05344f271b52997de9a36c88d87bcd7baf2144a6cf355adf148b6488c8de6fd38ae542f9e84559ec9efe3b6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\171b3484-f324-4faa-89cb-1a5c632357c5.tmp
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8f30e71c0a800c0057f8bdcc749d4ebb |
| SHA1 | 341d92906bfbd2c4643ae00a68b79078ee9863f1 |
| SHA256 | ba81a9feaec8d496c9245200fc3b7b2b82ac64e44b8ac2d00fb90311fd6a4087 |
| SHA512 | 1549c65d4a1f64ffcb7aa04c5a515579cca47b3b6330b58c3b9f01b16f0a624a390d056345325f43ec46f6d9952792338969f2d26d6092ea465ac3d82d76483e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F
| MD5 | 61752a9e81f74f1ce1167c481cd33396 |
| SHA1 | 9695435d0aaf401433a53ce599762efbb6f7879b |
| SHA256 | 932803303c59773a3cb937faef102bb534437f1f1e3420006a741dcb462af065 |
| SHA512 | 07d99316e6c77121d2f6515fb0d04eb8abec1f1ea6c903b37e68a4bf1d85da4bee18e800e4c5802ad891603007b18487736bd77d8d228140d0a40d6992f5cf57 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\2BB62A5F508187291BB477E79601AC81B652604E
| MD5 | 92abe6d4608cd5b7bd45f44d1e08979f |
| SHA1 | 4784448d6858cd09207ed336f0e0c838cfce5dfc |
| SHA256 | 3b33923d5f49b663a4da11d4c065884fcb5d71f5c2ed16e7ed848fca9dc20ac3 |
| SHA512 | 39d6cfce6c23990586e7b84d41421d1e72e11c495650b4ef6e0675942e848206a54341ab839438cfd3c64445ef49f9b6336b422e6ed07f5f7dd05fcbd8bc409b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\storage\default\https+++www.youtube.com\cache\morgue\246\{827a035b-9481-4fcc-8245-6100c6c54ef6}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\storage\default\https+++www.youtube.com\idb\382115963yCt7-%iCt7-%r5e8sdpbo.sqlite
| MD5 | c21434258cfa9be1bbd88aa85724e121 |
| SHA1 | 739357f4cdf828684feb5b966176e4b50bbfe9bd |
| SHA256 | 81b6f5455eea7e445f585f98ab7180a869b068e2debbe7e0e33e45e10c291e4e |
| SHA512 | bfbbeae8da5d53e568b13d29149779dd33ec9da75d03f4f6fba043fee9191c0e1c7bc4d73009cfb676740a383f554046489c8423895dcafee88376e8fe92b1d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\prefs-1.js
| MD5 | 3db8d9bd5ad85f66e0c64eae41c7efdf |
| SHA1 | 77ace364d7e9cbb7f692dd6e7f574848f4afe57a |
| SHA256 | 2c1e3878ff8b79d1f6b4fb6633b6a8d25e0d2852c59df6978a66b3d788907476 |
| SHA512 | 84df0206676d86a98d9458a4894eaa21eddbbd6d5270c42d652a70eb9b5f64dd6ff49822e2ce502111ace16837bcbbaafab8faa812efdf3c9890f5c802d7ac8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f1bda3faba570de593c8911b689d88aa |
| SHA1 | 882dce61e1b4b3716bcde9d865acee9c1fa0b26a |
| SHA256 | 5da319975d66d519cf09de6a4ed700832cdf34fea4e4c39486d89c7296a61f94 |
| SHA512 | dc9c56e34de6e9293b73b52f97c6d13f9f6c4bd2ede1cb034d4e5a57c20e28204dac1a00d565bb30c6583e6c74733af3ec181be114814495cccfefa7f4ddb3da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2aab12f26de2f0d75c7dedb71fb22c81 |
| SHA1 | 058cb2a96b4f8978e6fddb92b591d7a50e17edc8 |
| SHA256 | a3aab5accb01c4653be375d3377c148c7362e21bb590e53252d87cf62d304d01 |
| SHA512 | 3637d95701b4d56de0e98d4b25cacc5c3e15822d99c8ffee672213e129d9776c4249c6cccc4835f2ed2aad34fecc44bc9b0d39203f83ea19ca6a59572e7df38f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57fadb.TMP
| MD5 | b2fdf9df2a2adb28266e6d39890a8f1a |
| SHA1 | eb070bd0af526b43f4f97938bc1a36ac559ab066 |
| SHA256 | 8427042a72c462c6ea9ffc9d471407f81c213c991175fa87e819a37c01a85d40 |
| SHA512 | ce6dd487a36d10507a6102c3cd64fd8d7d354a34856ba0d9b7c04fd6199bf9864fa2e6a26a5e9023f69345824717fb178ed9d7f3207a674bc55c5dcd0394e202 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3cf41fbcc8fbcd5f376244289992cb1d |
| SHA1 | abbec435c841889caec579b7e37a12cd9241ad96 |
| SHA256 | 2e89e313245e4d26509a42e4d84647b49f83bbce56fe339128c1441a16463d80 |
| SHA512 | 3f6de42f091aa7944b521566b5ed8d2b299d33a33a6f3915af7bac9b50075d2414f6016ab6618b06a053732318a568f9dc81b04a70a095b1548f3d23104534eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir6004_1301053045\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 12a429f9782bcff446dc1089b68d44ee |
| SHA1 | e41e5a1a4f2950a7f2da8be77ca26a66da7093b9 |
| SHA256 | e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37 |
| SHA512 | 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 7f57c509f12aaae2c269646db7fde6e8 |
| SHA1 | 969d8c0e3d9140f843f36ccf2974b112ad7afc07 |
| SHA256 | 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f |
| SHA512 | 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | dfd95fbf39cd82b9b4bd0db4807bea77 |
| SHA1 | 33a5e3daa87bdda98f57f32a7c9a1008fda98626 |
| SHA256 | 4bd8498a1000ba014f72490ea9ef2f19d3e530c506614b3becfb71d584a30e2d |
| SHA512 | 2ca47be19d4817bfe130e80caf007f0ad30cc9e3ded89a4808a3738970e47be481bedd7bc63c0af201725917d42041f8475d8583c909b7ccef3867cbddeddf6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bc72a881688c49f262e5e42db1ac60d6 |
| SHA1 | c3b35b050ba8769a372c5450f9c10ebbeab29d65 |
| SHA256 | d1ad26076d303682b9f53205a8cf380c1256f7f031fcdfa682177deaf906b616 |
| SHA512 | dbe5a461d27f5449d5a8282d713969f09f410e573799aca2ac61fe3308abdfc79f9e4f37d04c96b0645821725a630aeb236afa9432229297a88859da774771d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\JVDIEK69\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A
| MD5 | 367fd8035fc810610be74cb36fd987fb |
| SHA1 | da1f6b156571db583804de89386065a77a7dc2ae |
| SHA256 | afb12cb3da167c605d3a98143b9508c201a11c72a7133bd2b7e0d8e6ae9b74f7 |
| SHA512 | 6a972743b5eefa7ae9ba63ee47b332091626b17503792ac061efec5a93bfc7dd8a5f8b5e0d94b257d8707baae811020b01553b347d6ba7c329aa6ce2650233f4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3
| MD5 | 2892db5d246e35f1b65862a3525833f6 |
| SHA1 | 47939fe073b0dba88010a6356c58459d7e036a82 |
| SHA256 | 75cbd5975625a0ac3256c7fdd79cad73569e88d18bfa92e30e97bcc46e160023 |
| SHA512 | 6ea4176dd3f09900b58dd131f2d0d942e9687a5cb1321cb57dcaa168b1cf81be8b6e5bee985a27a18325f41576a223c0d3e7c2e95b552fcd72e8c50d5b0a674f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9
| MD5 | e851350bdc55ce4792355a38db94c4c7 |
| SHA1 | 788d2541663dbc63bff0410a400f867a0adb1944 |
| SHA256 | 82f5ae76d6e263e8ebb32bf6c7e87d071292d256f89233caa2dd54afdfbc4a1f |
| SHA512 | df6adf63183db024b5ac05f80bf9afe43d515526d532e9489a0888fc33bbb5a58bcfca9e7da84ef1bca507912472ba8198fdb7c4c15542706fcce8e0763aeb42 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7
| MD5 | 650ad200fe0be2e0ad7f145aaee7178c |
| SHA1 | 39c212fd354f3c17872062b85d43af2f14439fa1 |
| SHA256 | 106c138e423b0c8d415485336f28a7312cd737226a27704887228100a249bee0 |
| SHA512 | 4ce18fc797e4a1daaa5ec80bb42a8ec1bd69c70396c39a94ab9e4f889c2709982a4410898136c323507fd5d7d967a546f7dea689765602434be265d49582b106 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | ac4aabc0a7f16898ad85743f1029cd98 |
| SHA1 | c116f3524c90af40517f7d0edea13082bb4b12ad |
| SHA256 | 5b1baf8c20ffb09bbc2cc6db1c7a00f709cd9d2b299cfa4e1ff86d05f1ec3032 |
| SHA512 | 5ce91c080156f97d7a98ce59a7423e626b39a36eccbf73a6f14e0857286f1da97ba69818e8e530136ea9cad789d29afc3181438f2e889c28590537e705266d73 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 69a582b2e86479d110cddf9f44b0e6de |
| SHA1 | 8e4820f3ddc4a075c1e48c51d4114e8d7fbd004f |
| SHA256 | c9a3b449d253d8f2825ab521e1c1c1074b7470149eb302eaef5e14fa28e0a0db |
| SHA512 | 77cc16f7dda7ad2fefa728aaf951de5388dfc2214656c2a949db9d318fa7d03132378e593e40027ac5550b9511519f57b9bfe45e47e37ef748326f6b0c9b702e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0e0a6a4f2a063cc07ddfe5da85fff4a5 |
| SHA1 | 4930f657d3abfb65657826630b9ae8004ca18007 |
| SHA256 | 6412cf2851ccc7d34555505a94230a563f11a498b87107854b973eee6545fb1b |
| SHA512 | 8648b4084560918b217469d0b44aa101566e3c9109e9d85e53a0415b8750aa028ae12a55e54f31b706028169eedc98b6cd9ee96a11573ae0167093d94642c2c5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\prefs-1.js
| MD5 | 7e5ba6b0c57874f5ff59552570f36e0b |
| SHA1 | f455384d1dad50691bc085516bad06c5124a0683 |
| SHA256 | bd41c8e508c0810767849c14b034c0d21365fddb6ccf4dcac4f9dcee81a57b5b |
| SHA512 | 05be8ac323b3b27363d43bdbcfac87b025830ba1296034bf8fd02cebf5303a97849469a2536fa466a4eedc503c8f6c0302b9317707f4ea095f422b0e124435eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 269cc12b5f572fb54ac7041d43c738c0 |
| SHA1 | f098d61ac08f312870bc3d5679d1f3326990fad3 |
| SHA256 | 9d6aab65757fa8b549a865b4a46441d8c62fe8300656d12c3dc354769cfa177b |
| SHA512 | b996cdbadd720cab338b76ce34d67284d58882abcc07b5cbd3d9245aa9e5b517910e8b334d4e5ca98a2bdb5f85146e512a3e4383843dcecba2c7a29975ad6df4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5850ea.TMP
| MD5 | 7d254d66e2c38d384618eed48b7fed7a |
| SHA1 | 18c59a6ddeb647c1d52e30c006dd0d9543bd41d8 |
| SHA256 | 782631dff5a288b99869665f10286a236ccfb4395a4c28096a4e43f35d675c68 |
| SHA512 | f29e774260ef6bd43f53a7865c78d214b00cb364100590fb7d36b3e60a0f80e09049be56ac38dea5b5583424cb001b126da2c8d3eb2721437e42b35f817f172f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c4307433dffbb961f79bad1e5202f948 |
| SHA1 | da512fa66e150cbc59a8f0d8915ef37b098701ba |
| SHA256 | 0cad1fae8748ec399d8a29bb366f6174d7b71c8158f9fc92053443513b677987 |
| SHA512 | cc9e0f7fbbdea9930a4835bb64ae320ccc4c4d1779f40996c27f192dd6b485c7402b35aba4dfc3c65615d38b21992b3129c190b4e9345274f3ad6a79ea64114b |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\0QLZFZI0\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\prefs-1.js
| MD5 | eb768dc5036542429f62c23e5be66a47 |
| SHA1 | ff78fa75098fc280e3eae9d1fe88e3256f3eb6ad |
| SHA256 | ceeb008fe8030533fd03c649ce9e4f7205716f2329fdfc0a995090dffc379325 |
| SHA512 | e2114dd9c6d80fc3e5dbba0acb4d32b7a4ff8dfe8cd1ddb8a3d8223f137c8105f369a5c74cad9b7b27f9e8944409d81ab12f7292e577da0bd8902d875e7dff15 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | bea7560a646b4bb01aa04c31ff99b767 |
| SHA1 | fa0845d99b2cb49cba91a7565ce971c161cf3644 |
| SHA256 | 3998b49a97e43b109d343424f6a9fc23b4fecd4fa3d0f4725cb87b4a8af05e81 |
| SHA512 | 7c02d0d2156b9aa39f12fa009c0275ea59cc1e56cf7261e9be98067290bb7e2d50a3567d624a69f629633b00c8c332afef6a66f307a000411371b1ef2cd3094d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | b057d5a967cac5d60c5b995c993f1013 |
| SHA1 | 3cb5a0fa1f84de1c0c40bad1c10b67cbfd974504 |
| SHA256 | 2d4edb7152c82496be7a0fd0918eb4d04b3aca1264257c2a0360e44253e0546c |
| SHA512 | ecad53c581543d9143203f14dcee78dbb713e55b1746e5a0037b351838e6cd419afd86f4e1ea12059174c264e02ad1d6267074699fd39341739958cd722e3b3f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 87d1691c2b96ae9cb56a10ba99ada4eb |
| SHA1 | 01c8e3a90f9d50afb11b720f900f3dd772c64990 |
| SHA256 | 17cf6a95cf6d038d9a13204093d80712ccc573933d5f4c3054c0aab0739a5e6e |
| SHA512 | b13a9685d47e3cb56d90fc5b9b9764e2845a5f82915c638c1e080bf8b9ae3f59c33f79387fe9ad9a8c324044f3376ff0302243ff35527068a75e288f02bb77b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7bdd81d56d85b9ac7e4cf6dd9998637a |
| SHA1 | dbf225148c9c4a780a3de715a484e635150feba7 |
| SHA256 | 7bf18d1a7a0964d93f39bb16c5f85f342406b9693376333a2c919019e606befb |
| SHA512 | 6a13f82711d077bf07db95424fe66e6f2a06b4c27ab5f6efa9aa1bfea244a0d8ce5d17467788d1504dd86dc02cd86e056ca81c0ed53ae8de1585da9b5b01b61d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 270a7f292590278493cd0514c7cea971 |
| SHA1 | a5ab9a8713386d52025685e3d99a95313610c26a |
| SHA256 | c40fd087a9da3ae160d8fa198a2b6094576977afc140342afdb8aa890510a8d2 |
| SHA512 | 8e7a7f69ad913ed6f26770700d4b7a4e3bf359b826a399a5f590df8292223b2603c715645da7d1f3ec8b965a7be474b14e1318f66b5a4bf01d6ca5c28632796a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ba6ee139b0b55562b6752690dc9b8393 |
| SHA1 | 84855ac2bdc0cc9f702b2663e470fabd399cbc78 |
| SHA256 | 91dc0a5252e4679c88f023d0ce30cc9c52873600d3b554e2451504fe1a9b3d84 |
| SHA512 | d267dfe57345b37d19414ade9d369cf2f041ccbbfca55233914a8a6a769a92413ed86f1bdc32c087e27f9870fb2705e63755f4f6c318572e7003404779c46a46 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | c1deb737202c31583862b9257f98c38b |
| SHA1 | 4405ad027db07fac5fdf3b7e57b2eb6e50d463ce |
| SHA256 | 56b213bb6c56bad015ba3c233a3248d5ae24be4f11f92366691887c3eb3c705b |
| SHA512 | 908606e17052473a3d2e000695c9c9e7fefc4a87697f89c71acc911b4ea6b81eef6ff58ff36d0b9730d01316e5a1db05e52fa9fee1530430105648ad9ea38df8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\F210D48319A1879FD1C5213FA010C613B99BA085
| MD5 | 903d666db0d1d2430f5a3f365e3860f3 |
| SHA1 | 20729aa648ee1865c108284310dc8213acb7a116 |
| SHA256 | 876a8c6202cd666291b3b4be93be6d2e17d89c7545a003dc5227ae7455ee41b9 |
| SHA512 | 0d5387c6a39a8f2174f35d10d600885657ae1029d559b96fee707b3b7f176583bdd9a9394862cb16df369ff0d69a38dcb6ded0ac74feb4ddc22032455201b21d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\C01425A73E10884AEF7072E5F96EAC6DE8E38E78
| MD5 | d6d905e73f23f94944381763e8afe2a9 |
| SHA1 | d53a5263330a4c0c6adfb355f6a61aaaff077add |
| SHA256 | 313f5327e7014b35409fc9eb0834e0e93173b7f49aa4dfb3f76fc20db7ae43ce |
| SHA512 | ef513fa0d541acfbe5ec7c95c5c15f741521875486955edbeaed41d53ae80c7f9d4bfeb7920837f85f6fbd85f1b72693ca33fcfe7f294ed160b36a6b9185a9a5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\A858259C15269B8488E8006F0D0609FF19960C81
| MD5 | a952f1aceab2c821c452739cdb020dbb |
| SHA1 | 8ed089bb903f9cc035e2e23cb04588152257be91 |
| SHA256 | 2767285f9511902a84614509e43f8b55765ce5c5cef5f4dbd4960e795c562307 |
| SHA512 | d6f21b5959d493ae1fb4f1e4066e52afe7b688dc9c818f4d4b02ec7face3c6c0b8c38411cc236f1b09e1a2432d64a88f5543978af137b7ebc3215d9b67e773f7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\E76FD7CD12C9FF691C8EBCE71B3F71D1A3DE1AAE
| MD5 | 3de2760527faf33f7c64feee320985dd |
| SHA1 | 5da2d494a48b5d2ebd6ea325818d2602799ce4d7 |
| SHA256 | c5dc84212947e0d6a3e15f5d83198a65a9c0dac8d0cb2fe01489cd39e9115be1 |
| SHA512 | b1e4d1880c67425dd03f2f2d9bd752da631ac7163e6a4f32b6948c42230914fb3b66400ccdead1fb323fbfcfe81c445427a5d0f5b968b30bb9bdc9e4b3825ab0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\03658C4EDAC1F91F015B90400D1BEBB97C097333
| MD5 | 5b664daeb59b7e0c67881f07d992628d |
| SHA1 | 755c0738c81f68a8d9fe7277fe20e2a35ed4bc36 |
| SHA256 | 074e890b19759f4a579e90de137236184bb5ed6a9b21029718be0fc25dfcc4d0 |
| SHA512 | 4ae49cfe535f816587ab8f1cd8e3efc83ce779cc6046560d1d01c258599f4ddb3451d9d4e89b43195ec8ab77364fb667760ca76c247277953f7146a35bfdc4ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\BF82884BFDEB030A321F706507399E7727CD350D
| MD5 | 8d0c3dc5e9da2d8b35179d83ef9c36a4 |
| SHA1 | e596cdc9567b4d1dc9704a47596a69ba33986748 |
| SHA256 | e56fd8112006bbbf4e970f3489a4b4ac850671be73453d13b1fc3fb076442127 |
| SHA512 | 3d5edaf0f90aac5dbc67f383e3aedb422a63c16431b15610bda815af421061a250c18c940ffbb1d0f463c093d7f938bd66b0256a7437d25c48f161c25efcc606 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\683CA43433CEFCC5CC18B5213DE25553D89C3D65
| MD5 | b1dd16a663ed968dde63f295e96a4e9c |
| SHA1 | 1ab2a4e610c0db2f64b0e681b17071a2b4058aef |
| SHA256 | 27eaab85acfd0e9f436655bb31791ce825b1838c7613b87b8955a937648acb2a |
| SHA512 | b64ce754b0fec196cffcc20606366bad498607698f2682256e4e9cee5b51a664527143506bc300a78008239ff9fe7c0b38eb6c970080b5d09b7b057ad740c1ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\212943DB0F1CBD6F3B5EA0D484B83361DD1A20DF
| MD5 | 24648ee4c08057facf8a8e89f14c10e6 |
| SHA1 | f76e318947712349f8c17573b87c7dd797627f79 |
| SHA256 | 043d70b360ce522009dddcfa188675434f0dcd1edcfac538a1cfdd14b19a950f |
| SHA512 | 4b7fc35a84f6bf235e100879a208335941c20d06fe9041fd4e4c27ab2a9f5b27e6fe43e38b0b93e37262856ce3cbdea470571b1e3ba17c6e748763c1d959234d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\599ED0EF31CAD4FEF69926D3A322C3A0364B4B00
| MD5 | 943fddc6071c83a000c8622d98957cd8 |
| SHA1 | 78b3401a0119c1d5083e68bb9247acc1df3ee97e |
| SHA256 | e3ee0b77a1752a951e462026dc951e8a95bf1d29a7885ef46a977d0229757090 |
| SHA512 | 4f72998f653ddd0fd169166e441df083ea54ed17b5afc983bc945d5d0e5fc8b23a830511e8cc44511dabe12ee1e4bf16b498dddb427883224b348ffb78b70226 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\xulstore.json
| MD5 | 1995825c748914809df775643764920f |
| SHA1 | 55c55d77bb712d2d831996344f0a1b3e0b7ff98a |
| SHA256 | 87835b1bd7d0934f997ef51c977349809551d47e32c3c9224899359ae0fce776 |
| SHA512 | c311970610d836550a07feb47bd0774fd728130d0660cbada2d2d68f2fcfbe84e85404d7f5b8ab0f71a6c947561dcffa95df2782a712f4dcb7230ea8ba01c34c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\targeting.snapshot.json
| MD5 | 28ddbd676426a1ab9eb68519d8aec88a |
| SHA1 | c8038cd88f6e8b85a17c770cc7cec258007b0948 |
| SHA256 | d3b609c13ba3e0e793cdbc4b0bcf791283e590c92778cc5dde50a7a94d862d77 |
| SHA512 | 0fed61c69369e8ccb0071a5eb9e616dae2f009a21723cc29ab4526d3a0801955edbdf510c87d2f4716c9551e9b18575692aacfe7f26d2110136ba698f6ba6a02 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913
| MD5 | 814e6b96869051001ed4b091f254a04c |
| SHA1 | 3c2899c1b1572c3e7abca02278db2ed9c4270845 |
| SHA256 | 7ba5c2fdff0cdc9e89872d614e8f586afc975753f6a54455d6efa8680f7e3c45 |
| SHA512 | 3775ea2c6467fc7ef2e07fb1f868133e4bb274facb64eafcb700f9d228ab47f1bdc905a10e5823ff3a05b01bec0a6acb5f58a218831ca5a56bdfab305c1c0ff9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | d3c0f31ef7d83fa5009405f80dc69aef |
| SHA1 | 932fda82d67b069327b96ee4166ef9d1ba067f85 |
| SHA256 | 600149f056e3849f7fbc3ce2fd6f4eca6e0c483d0f39c475a6f6c2de8fc6b77a |
| SHA512 | b30fbad1c25f130e5c7880cf643538767f7e34db087d932a1824315c51495622cbb3346675ac7df2dfbb4257a471bfd094ed1ae9a2387b57999e3473efcdd06a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\cache2\entries\4832D199584363B876D3E7D57CA02A9B0F4D91CD
| MD5 | 77a0a5a337104d24e7206472f40aa65a |
| SHA1 | df09c0459eeb4a141e3cab695b554ed13c440e90 |
| SHA256 | 261831e9eae5d21145078cb8fd66c3429deb7d2032c841e3a05a14f39c705b03 |
| SHA512 | e1d46df0157a620015db3926c7535f7841831cce66427aac024f32c66eca0ec22bdaf780aec4956811ed19c77285cbb924f4ab5bbdc0444e83f74e7b2c77d28c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r2ik7u9z.default-release\prefs-1.js
| MD5 | 55c066db479169a181e1bf0f1c1b8486 |
| SHA1 | 1de0caa38871c94f1ee160a2fcaf061a6443186c |
| SHA256 | b5a86f9bf23c2c643c9f7766a55535e3987eaf2e2fe823e8f4c717ec108bf2b9 |
| SHA512 | 669455d9fbe5463a5373c19988ebdb4d3d27402a0d1951bafa645598edd287bb20e8585cc0d0dbd13e24d99270f5ba4750acde963479efa11f8172364b20307f |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-18 23:58
Reported
2024-02-19 00:03
Platform
win7-20231215-en
Max time kernel
55s
Max time network
273s
Command Line
Signatures
Detected google phishing page
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A57025B1-CEB9-11EE-A5E0-76D8C56D161B} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A572AE21-CEB9-11EE-A5E0-76D8C56D161B} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000566b58630fb3a044b91770fce5e9b2d6000000000200000000001066000000010000200000007d8800c2d84d80737532b8b5e8028fe088e6c9209114052250fd63af19d209c6000000000e8000000002000020000000de9f481292969c718da3b6524d9dec94594d60b27f1154fadd61aa23ed01b08190000000090588772ad7ac97741fed93a17c77bef39f9dc871509fb809978b9361e15655b85927af1efac71779e5a7e0de68cd25203969eb828a1245f00d284f807974a8229f6a54d2619a2baaeaee7b4129fd5e6e0af0ebc1ebedf263308be583b786a890aa12ea5d075c97bd363d14a1032273acd9a0ae3387dd7832f13444aa1f1f658fb8fec21b172f49f327647d40bc2e2c40000000ae41dbf7680273467584f694ad158d080af261ca5d829284f43eb8042b4eb077d9eb5904ebd3edb1ee46d077b2326c34aff6f70497a0ac4d8e19623dd6c2a2a7 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60dafe7ac662da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89.exe
"C:\Users\Admin\AppData\Local\Temp\2bb36620acf15261962936d9d55b31e3afdc63061ff2259353deaebe3ee5fe89.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6649758,0x7fef6649768,0x7fef6649778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6649758,0x7fef6649768,0x7fef6649778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6649758,0x7fef6649768,0x7fef6649778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1092 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2260 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.0.1345809967\1253160382" -parentBuildID 20221007134813 -prefsHandle 1208 -prefMapHandle 1176 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cfe742f-d674-47ad-8f05-50022ac28185} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 1320 101f0e58 gpu
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1060 --field-trial-handle=1152,i,10806776370388237050,15954102552075268869,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1308,i,10957605691271056521,11618009765529613903,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1152,i,10806776370388237050,15954102552075268869,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2772 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1460 --field-trial-handle=1308,i,10957605691271056521,11618009765529613903,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2888 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.1.1132608334\1654776143" -parentBuildID 20221007134813 -prefsHandle 1488 -prefMapHandle 1484 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e9979f73-ec07-4f86-b406-e332bb66cda5} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 1500 d71958 socket
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3484 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.2.465628455\1517922926" -childID 1 -isForBrowser -prefsHandle 2208 -prefMapHandle 2204 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a6ead1b-38ca-48f1-99d3-0eeb722ca007} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 2220 19493a58 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1408 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3224 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.3.345725568\247765121" -childID 2 -isForBrowser -prefsHandle 2288 -prefMapHandle 2304 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b1f1e8f6-bb76-47a5-a737-2c8f80664a4a} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 1804 1c254958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.4.1048227004\1525326565" -childID 3 -isForBrowser -prefsHandle 3444 -prefMapHandle 3448 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {07a3baec-2b60-4541-bd23-c791d63c0126} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 3260 1b9f0c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.6.404685785\1866456756" -childID 5 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {081ba187-5c55-45fa-95ad-e9f6910ba7f6} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 3848 1ef69a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.5.1022549029\907444177" -childID 4 -isForBrowser -prefsHandle 3712 -prefMapHandle 3716 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {272a5604-f0a9-4ee4-9246-4e13c3a484fc} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 3700 1d9e3858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.8.690600558\687449258" -childID 7 -isForBrowser -prefsHandle 4300 -prefMapHandle 4304 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {65bf0e5b-9d3f-4eaf-943b-56b2d3e7df4e} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 4288 20de2d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.7.1248469190\186685172" -childID 6 -isForBrowser -prefsHandle 3864 -prefMapHandle 3860 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {90a557de-bbd2-4a74-8fe0-6df8fa80ff00} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 4192 1ebbb558 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4244 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.9.1610394655\1868577874" -parentBuildID 20221007134813 -prefsHandle 4632 -prefMapHandle 4628 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d836815-347a-4c61-92ec-002b3c1329e5} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 4640 22aeec58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.10.424047116\1852346633" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4744 -prefMapHandle 4740 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d3967f26-5ce8-4a82-a138-74f586a5f0c2} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 4756 22bedb58 utility
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4344 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.11.1277872769\1993481111" -childID 8 -isForBrowser -prefsHandle 4964 -prefMapHandle 5040 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 832 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0dd57d1-ad9c-4d1c-a2b3-8e154a2a70c1} 2028 "\\.\pipe\gecko-crash-server-pipe.2028" 4980 21ef8758 tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4228 --field-trial-handle=1296,i,3853030306121485436,18428870500930889884,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| FR | 152.199.21.118:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | m.facebook.com | udp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| GB | 163.70.147.35:443 | m.facebook.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| GB | 163.70.147.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | platform.linkedin.com | udp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| GB | 163.70.147.35:443 | fbsbx.com | tcp |
| US | 152.199.22.144:443 | platform.linkedin.com | tcp |
| US | 152.199.22.144:443 | platform.linkedin.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 52.24.144.241:443 | shavar.prod.mozaws.net | tcp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.238:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 172.217.16.238:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr6-1.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent-lhr6-1.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| N/A | 127.0.0.1:50177 | tcp | |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.187.238:443 | youtube.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| N/A | 127.0.0.1:50283 | tcp | |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.78:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.78:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-4g5ednde.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-4g5ednde.gvt1.com | udp |
| DE | 74.125.162.134:443 | r1.sn-4g5ednde.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-4g5ednde.gvt1.com | udp |
| DE | 74.125.162.134:443 | r1.sn-4g5ednde.gvt1.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 216.58.212.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| DE | 216.58.206.35:443 | beacons.gvt2.com | tcp |
| DE | 216.58.206.35:443 | beacons.gvt2.com | udp |
Files
memory/1944-0-0x00000000009E0000-0x00000000009E1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A572AE21-CEB9-11EE-A5E0-76D8C56D161B}.dat
| MD5 | 46150dffb19ab4c2b9b0bff2fb18d7ff |
| SHA1 | d122cecf5bc0cef67ae0fc531a0de3bc55eb73dd |
| SHA256 | 9ad3c4802608caf99de27010cb79610bdf07540ee63f7827c55fcc9ba6bf2ad1 |
| SHA512 | 5ef89720cfdbab9202c7cea381eab09cc07b44f890cd1936cb0220b6e82747aac2c23f4ed2f69216f5b36a7ce0699f72ac68b3e73c8ab209bafd20816bb96740 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A5728711-CEB9-11EE-A5E0-76D8C56D161B}.dat
| MD5 | bb19898624aa573d96fc3ade72972216 |
| SHA1 | 5f64a1af93ae629e2337cd5fb32b53fc817f3f66 |
| SHA256 | 020dafa3ead537715657e909794a22c6474dad33753893bd972e4dc397f8db5f |
| SHA512 | 270ee302fb04191e2684a9ad8548751f8d84c6f10f836fa65058b3f9c060c3e4feaa21fca19c2cfc8eca27aeb110e45aa8e286f12a52c3b8ebd9e4e28e567af9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A572AE21-CEB9-11EE-A5E0-76D8C56D161B}.dat
| MD5 | c8071ae55a57f07aa4307724f5910fa5 |
| SHA1 | 151ceb4e066e14efb7ded888530e47c11c65df78 |
| SHA256 | 6bda22d877ed5aa84a218168b90bdde15cf8a34cc06d4a7dc1e7be176b4ad17c |
| SHA512 | faf200eb82ec2db329528e19b9f86abb32154fb242b603746b89dac5b49fd3b05d8bbe88be362f8a5d60570c814724e2c5d65b71a5cfb73e1283d98a5a79e667 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A572AE21-CEB9-11EE-A5E0-76D8C56D161B}.dat
| MD5 | 750f76a5c66711bf6801f42cb3fcaaad |
| SHA1 | ccd29bca5fb93f8135644dd972de28953461f9c1 |
| SHA256 | 5290473da7531396ee81012c1590227290c2f08fe4e0db6ee112cb9992090edf |
| SHA512 | dc577241e7585527c0962a6b12041c7a4bf9fdc74beaeed1f65abe9cabc9ef79a31fb8db693781f69d667ea235b1667c25e93f1f4f08bfa142f9064cd714c77f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3b529d58202c61c9697a1d10a3da5489 |
| SHA1 | 5ee503e12a24ca44b6595d6b46b50a503e930246 |
| SHA256 | a24e74d74c864bbc8438ab9096d2c40208ac0666bdec813db1ad958b875b1179 |
| SHA512 | 2460af6612e571f2eab35e4535cdfee9f308b840d377519eb3dcaa2c0da0766fd173551f6219211d8240915f96c0e3b4b270dbb33909f75d450d11e8de4a3522 |
C:\Users\Admin\AppData\Local\Temp\Cab227E.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\Local\Temp\Tar2280.tmp
| MD5 | 9c0c641c06238516f27941aa1166d427 |
| SHA1 | 64cd549fb8cf014fcd9312aa7a5b023847b6c977 |
| SHA256 | 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f |
| SHA512 | 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | 73d33ca445e7699df2c05fa3cabdf118 |
| SHA1 | 7c62bf16df73590ff5832d1674d9028cdffea927 |
| SHA256 | 807d5bd847913f41b20bcf74f3f37cae09cf6b6917d0b8482ec43927df7d2714 |
| SHA512 | 872ef2afc30bce4eef20e8ecf9cb7849ff93449e47455afae51e8b0de773b7dca45636bfe5dc646c98c10ed694e68a0a03c700bbc2c4d9996870337e4561d39d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 9da3b5b4a894c15d1aa6d3d5da27ee05 |
| SHA1 | 0d16e87371ab9401b56eb65a272347758566941b |
| SHA256 | 5d3ca1af142868ad96cffad80f8828660ef8fc2de231848cf76bd714ca68e37a |
| SHA512 | 8caa5f7d48de98fe9858cea339f6e08f8ef099a268f5fe644f91e2cf815be613bc59f1b48bff1e7413ecd57d3dc3db57c8cdd1a9987f4b5fd720fd96320a0d37 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | b05c9ac0ba204011302558516f589d27 |
| SHA1 | c0f01ce30a1178c0bdf4bf3f0d4bc649584d26d9 |
| SHA256 | d6469c65270605718119a1b1af1c880bbd0ca879451676e5b27257a180355409 |
| SHA512 | a32a6912dcb4f77cbdea59b47dd2c747385bbb533da1e857192ab96ffd74878829e43c92caf4866642a689a81bbc00248c1788aa9b7c37118f0772ea41a5e72d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0c8fff26d0d1e7f597c8fbee2936f31b |
| SHA1 | 49078d0ca39136334be60550487025bd1a996905 |
| SHA256 | e0bc97a428fc22b511883a467d2f222db38cb6ece0bd6483b53ab001925f9688 |
| SHA512 | 0feb39d436cc402ac40fd0a496e3dbf6a7cb52a1ef04ca5d4e13c9862d87c0874d9b766ae5ed39803a25808f84e11cc4c3fd725f4a2ebb6a2d0d32c9ece544bf |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\favicon[1].ico
| MD5 | f2a495d85735b9a0ac65deb19c129985 |
| SHA1 | f2e22853e5da3e1017d5e1e319eeefe4f622e8c8 |
| SHA256 | 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d |
| SHA512 | 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\b5orqwt\imagestore.dat
| MD5 | 8d580e7eab069fddd896195696ceef3d |
| SHA1 | f2db56fa68c727367711f5841baed3a553eaf477 |
| SHA256 | 3ab081e043b553e9a9ffff4d0213f0fafa81a6c2cc4f5c4ef4ea302c59486cd1 |
| SHA512 | e931635b065f462be89fdb6444751183ca96e06c7d35bd83dd5bb239d04a05eeda84198e363c5c7c6f52ec78b7f510d1502e55b2647e37d320095fc50e52e915 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 439979f4451895c290515f431441d5ec |
| SHA1 | 7bce483c0e0afd41b6bf7233392fa648ccd25a23 |
| SHA256 | ca182c4a0afe1f1107e813aee16d0a94f06b03b7ef2c397eeee95447beafe76f |
| SHA512 | 4cc5cace25a377b749c60f45040eb3e89cad91be2cf66eb0571e65f5454db6d596917b4e624a15718070439fb7edd200ec17f4c9912bd559a6410439debb6142 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b8cc945cd4f37a464b8d964055aa5086 |
| SHA1 | 85f711a4d2afdc654d4a7c7a9695369389e4a439 |
| SHA256 | a41c3693a2969c1646f2eab736d8a406e2904150ba8be3f8844fd98263c9b7f3 |
| SHA512 | b2b76b9e120f46b8a6677ea10203ce9cb3ae714f112cea2c9f656e05858923a6a130a5ca9ffb7fec6fe6c720d91214016fc829455a0bdbc0726a44eeeb99b7be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | eda42de90770a5032e6dc1df1a080bc0 |
| SHA1 | c699a26dc7840bb34c27ad503eba4e62de3f3635 |
| SHA256 | c7cdc0bcb80924eae40a62b3216ea1cf4ee7634ca271ca4f04dcb9ace1af42de |
| SHA512 | 19c1deeea2780f08a8e7818b6cf6c4fc907ac028b80bb10779dbdd80bc1dad21aeb9c0dbc6ce3b2a9fa9e1a3e2b2ecebf5bd0d7ebe6979314289463f3732a0a3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7bd29ab73e8129d3b353fcc071bb9223 |
| SHA1 | 3386284d96c743df07c21fb5bfe96e7366ffbc8c |
| SHA256 | 4735fdc7cadad96637003a56e389d86d525aa4006ccc9f765a9add26562c9a88 |
| SHA512 | 3a62e081ef573b8491fb4330bd3f3fa6a2fc0d7a59cb7874fc7985288f2b3ae7f6dabe3970ecf3b934a307f2a336d25c1b99bc4b0899197de8fd9d9f5a832803 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C
| MD5 | c971af0cbdd67ffceb6fd9b91e8ab56f |
| SHA1 | 9e1274b21bbfa36198eb044de18ccdc6ee41689a |
| SHA256 | eafd3e9236996329431dcdbc18b2eadbcc05ffe59f1cc7af725fc7f6ae0dd03f |
| SHA512 | 4870016818ada22228cb491c83d9e2a35482305b97eda82009aa3a9dafa208caee1416e03c7240cd438d9ad64c554d4250a7482a4d1d83d7266da72ff6383fbc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C
| MD5 | 0d475a764f404e231206bdbc20392613 |
| SHA1 | 08adab374d681c8a2e385dc1aab1f8814a646d0c |
| SHA256 | dbac3ed47e9109bf3dfc043aa2051749ec60abfd9491abda7dc840785121907d |
| SHA512 | 49b63bf4ca2f0e5fa337d1b1cc257690bb14388c19476893ac4e490e3eca9ab1588fbfd1842ffdc550c72decb593950643017813070c0fe7a7f685e2254a9775 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\3m4lyvbs6efg8pyhv7kupo6dh[1].ico
| MD5 | 3d0e5c05903cec0bc8e3fe0cda552745 |
| SHA1 | 1b513503c65572f0787a14cc71018bd34f11b661 |
| SHA256 | 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023 |
| SHA512 | 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\b5orqwt\imagestore.dat
| MD5 | 21a1e6f27dca753659dff35274c0621d |
| SHA1 | 5918a7d158d5952edf4bfb700a4cf27aeaf7767e |
| SHA256 | 5e07f9df413ac3ed892b268ceed53fe61198c141fcd02a6ab476771a61b0a1a2 |
| SHA512 | ee4fc415f0393752ea5aaab89c460114ca5e06839ca909e353eee99b7b480672c3e76fc2a5c12e25bc4c0eb964c7e83d54f7964bd99cacdd058508d053b3f102 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1L4XA931\accounts.google[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\7Q9AAUO1.txt
| MD5 | dff5af1d616d00cc956407b125df486b |
| SHA1 | feafcbc74beb1cfe3fbf58168420f5a8f20ae056 |
| SHA256 | 3abb56f24b06bbbac7c32c64fa3bf9b8b8731097ced441cbbb32c30d4c195c23 |
| SHA512 | 4f390b51cd61dbf84b2ebba845e1b05e790cecae7eb5233b1b7e5d3b173c6abb282213fd0d1d68732d840ed2bff859e3ecba70c8c6cb97528667b20b54967187 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFTKP12M\favicon[1].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\b5orqwt\imagestore.dat
| MD5 | e7d3220989f91cec07635dd633c06235 |
| SHA1 | 189c6f67f0dce611571e536271cbbfd359c54392 |
| SHA256 | 00af310d387bea48adcfddc16a817c2692f95bacc6c85973f62be5e6199c4a6c |
| SHA512 | e6be4e641484e558f1513a140235e2008700369719f2288e83a94d563944277b4d7e827947096ed42dfdef96eea7e105c94d92706125f45c0ae11a256f9e84b9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
| MD5 | a3cd08eb3bdead5bcffe5edd8b78a445 |
| SHA1 | 0690821870aabbb491ebbf25ae7707de62336f3e |
| SHA256 | e0d5059439d49458ddd35af23f868747e1091aa6f3c685d2a72d88d1558d2ce5 |
| SHA512 | df398a4dca12353bb87935f5861ede5cae5da3162e7690337e81c9aac6c6ba7394edf46bb4c87ba9f3bd1935a601c35cce1c25dd077e29303211e0b35b9b7ff7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
| MD5 | d72ed71545979ab8149afca0bdd6585e |
| SHA1 | 0b1c1b422bff51156ca128696ddcb81dc18c9765 |
| SHA256 | 06d0fc18232ce76cab0498bb89838f50d773dca55435f9ae2d4861031cb9406c |
| SHA512 | 2e5ac7380cd6c6b9dd55d6706e7208f47976d417eb722889673ab57c7b57fd3cd80d04d9b3defab5fea4aa53573f0fae683f8c45439e7513fea247d6d506b3f1 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFTKP12M\4Kv5U5b1o3f[1].png
| MD5 | a81a5e7f71ae4153e6f888f1c92e5e11 |
| SHA1 | 39c3945c30abff65b372a7d8c691178ae9d9eee0 |
| SHA256 | 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e |
| SHA512 | 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\b5orqwt\imagestore.dat
| MD5 | b4e089b5ae5073f7969206360ed2ea61 |
| SHA1 | 43751ddcaffecdd3021f031cc34e14dcc483b4dc |
| SHA256 | ee0e2a04dcb1c69e97ee0c549181ecb2e0fd28b2ca16cbedf0516e6793f10080 |
| SHA512 | b978fd8e49b58678990fccc02ec08dc6627c5dce773d5b295346bff597dffe1141f1fac9fae125e5633b75b5e76f548801420eecc0e70dc24c8b1d6f76b81c51 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b1f314cc6d7a65de14c083b687dc525f |
| SHA1 | a8fefd7825a6e2a89d14382f8f43fa25c0bbd53d |
| SHA256 | 99c92ec55a8e15015e759373fbf7e1d6d5b511514b81ef0f49c64188de713de1 |
| SHA512 | 8ce2195309a3b36f4c2ddb111ee1dc216d0908170e701f8d843d202421d473678472891af0ece29c796a7992db054157daeed4deefe89b62d40db1912e03231b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d252b67722bf41891102abacabc2c835 |
| SHA1 | 387d92710fe1c5dfb386aa7f8daf57df9ae8f361 |
| SHA256 | 59afba9b213a409694bdb0e2e44661c260df703433007ca6831d98bc6922bd85 |
| SHA512 | a4015da8e3199de8746093872a80f21c699fd4c17d3f4f4e9f56622ab3e03fb437ccebbcd75ef1db824831a6908264a262b277524b2e4d16f5b77f87d5a455bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c0938f72cce9af1fdeea495c69038ffb |
| SHA1 | 3e326816b0dcedc61123600779ccbb7c289505c1 |
| SHA256 | 2bc77efa6649b6d6a11cc91480e6796c6fe33e9443fdf798e9aec9feb19a5ad7 |
| SHA512 | 0056b035cc810406e8981dd5f024fd0006c75e26aafde2d8bd46021b290f314e4716e941da875d36aa64289964b9db3d5b3094eb700b9beae872970f6112537d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3718e98115e228089d5ff36935270a19 |
| SHA1 | 828be85e2639f5e402439f3158e9115ce8ff7bd1 |
| SHA256 | 825b0e43528bad264b5c7fd5af65974f7909728ba0a4065c0be8816d448fc19f |
| SHA512 | 9944e3f26350369e15fde6e1f5727c1ef33b59338e6799a0e2f2eb71dfa27270bfa6a6bbb9cf30e4da2e45b919ac4674e233c8be96778abf6b16a8e363b17228 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 21e363568c7cf2ff0ad9e7775a8b83be |
| SHA1 | 7b44fd7cba208d7cb6ab07a4f6bf3cee7fdfa3db |
| SHA256 | bc09804c468c3603f2f65cb3000881a70057582be195bfc59462b5e04c3b7600 |
| SHA512 | da16814496dccce91a3756c76b3e1ff15b306d0ad3ebae0da36e8266572c009fa67659eb2113bbf474d7e2ac4f6eded38cd3c3ae253805e183b5261443bf22df |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 33bb33d7dac23390c903b2b01e73aa3d |
| SHA1 | 167dce27f3f8816711fdb044baea8f4bb6396944 |
| SHA256 | 4986aa3b97e41138440a8cc7ec0457cc1aa1c47e29efb8221e1eda34d136e578 |
| SHA512 | de564a57d50594503a7f2db5a251f5778a5350ee9a554c31e974cd78a704f6abbb13b24c752af53846db43b6b72ed792ae161ca74c8ead7c56ea783cc8a3c19c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5c6633fe42f3353deb76096417ffcd9b |
| SHA1 | ee341b9a4bc0244b79223846f4de986f2e032a0b |
| SHA256 | 323653a63e6066e9247b6b1b4a4dd388839d13466b75a66237b7f531205371cf |
| SHA512 | 0731447d3b995d7698e830777bdce864979eb3f4bf3bcfb1b0f474ef2d6a10af73f120b87ca081601a34970d6c460e0c53294fced55efe8a1baec792b2b6a7fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ac08b1bc03d7eb0331432cfcfda157ff |
| SHA1 | 9c90800d574b0f28b0906a925a78e1a4aeb67f52 |
| SHA256 | 8595330af043db23f37c7ecb0dede7c9be5829e478f5fb9b99870bbb55625fd6 |
| SHA512 | e4347216430f965f78786c7bd167dbfeb1b809786af17be716b1aba4044b0117f3232436c2410a2ce41586014309cf193c2215e5930bed6236d71afc53aada7a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 64ce4e5369e88939a3c5046a9a0e19f8 |
| SHA1 | 8e994aa01ccd592766c0dd42f991913310477a53 |
| SHA256 | c2ff6b68356e669ded8b5e478b510384fb52ce3f311d0982a2bfd90a8d9c3a1a |
| SHA512 | 5ae65ec426ddd08808258186712ef73b6a5b949edff8c98f8dc0eb9f24a782699167e3112fb7c02ff9b8b1b9da909c30af7ce30f87e0b483bd57f3eb8482d26e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fed410cb9fbc6b08e91f9fec1dac5cbd |
| SHA1 | 9bf2a7e318f1b5f76e94ae32bf5804c2107cca27 |
| SHA256 | 60d8f5663a613701a0f41d780b995b8f7473deaab936e2f1b32bb2d36ca488d5 |
| SHA512 | 3eae60816628307bd4a322dd1f5e003b2543f717e249f53ebbd2e73a0713cb115300b5ca0c0342146a84920282ba7b016b87d1c6831693378205ef952134e17a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2c7c2e850ff3ef70ab8222b9ac4d65d3 |
| SHA1 | 945b238ac1abe3f610555e1b019db31c62fb798d |
| SHA256 | 4bf7c8a3ba943412f74f683f66c93a81e2f204f19478680c12f20913e2673022 |
| SHA512 | ad5ca7788b01e08c1f4d67b885a40a0661b4ab5bf72f3ddef853cec5777778e8672abdf832bf525a078dac87c94efdb27fa052f857a3af1ceb0998a9346b3c39 |
memory/1944-901-0x00000000009E0000-0x00000000009E1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 6664877f87a0f00a2ddeff4f3c4fb482 |
| SHA1 | 2b63c85ab24903e01fc46deef1329e2ca07fafd1 |
| SHA256 | c802fef97b5b8677af9c4e7c55ee296543878fd972aa3c5a0455f088adab73ff |
| SHA512 | 3ee4cfb19cd3c1739237e6fd744903ca0788f749719f924af2db0d19cbb036989d34e534387f90232dee3a22955e4d1de1d784a12e0aeeeb17902aabb60dbed0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 16b7586b9eba5296ea04b791fc3d675e |
| SHA1 | 8890767dd7eb4d1beab829324ba8b9599051f0b0 |
| SHA256 | 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680 |
| SHA512 | 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771 |
\??\pipe\crashpad_1628_CAQKLMBFVQZOITHV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 8549c255650427d618ef18b14dfd2b56 |
| SHA1 | 8272585186777b344db3960df62b00f570d247f6 |
| SHA256 | 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13 |
| SHA512 | e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\91ab3ae0-2bdb-4e4c-b1bf-9bc78fe9169d.tmp
| MD5 | 5ecfd9853e8408e97e1a4987c95fd90a |
| SHA1 | 912a01c737d605be631e3177f393bd2e47529293 |
| SHA256 | e3308430cbf3f06d8d8a8d53639ca6ed3d099b8c8cb6aa67ab50c77c8617ba54 |
| SHA512 | 1c9a7e4f04eff5324ce206db1fa20a6df9481ccb4d320fe9d163278f31ec85affaf1734d6dbdc2d3f6f20006c0bac5c5500e3531eb0475290ec40dd33e61ba22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\aafa54a0-7bbc-480a-8819-41fa968dd718.tmp
| MD5 | fdb4d7d4d665eb08b83b5b7e60802e78 |
| SHA1 | 6d0e071903007de277b51023e7eaf4ccf8199f04 |
| SHA256 | a05cd551561e7dc868e52a977751a49f60861b065211535d75c287eb5fd71bb1 |
| SHA512 | 802180ba983c86b9d99b4b79f9d19d6be3f86e857311995a92e49075b92f87208eb0103353386ad2d0134bc8420f813a825079cd6ef04c71f0d3e1b56014815d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 1a1250af265e91009d758b5191c4abd3 |
| SHA1 | 3db0731f8581aa58ea4b0aa0ae5881b94fcb3ad2 |
| SHA256 | cf6ffc34998a823b5e737d496960f24ab4f03b7e3ae2db2f08d589a8781d6732 |
| SHA512 | 9c0f3c31ffe4927db483f6a14038fa5931b84ab4646055f2719c094dc6ec900623aae40dfb5e625055d5cf30ef36eaccd33985d175c51ce10d63f658113f8a67 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
| MD5 | 41723617c7cc6a9b945a2784edfbb614 |
| SHA1 | e21fddf97de22ab5b4d60ccc2d71f932a6a9008b |
| SHA256 | 0cfff88bd1a5aecca3e3e9a8e2f41178e0523dcb1e89298ea4a98da9bedff507 |
| SHA512 | b1497b7f77d7609d4be2b11e0884e71ef53c8011c3715f2583bee40f34ed3a8f21498301cb0a083922d3ebd9d01c23178ac26de81a71cd78400ed3d801e3cd5f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66
| MD5 | c28b317f409273fde133bd50a9fe4e4c |
| SHA1 | d1d3fd7223e8a9b52c42f12fbb3de1e0d39f0ff9 |
| SHA256 | e29eecb0814d74fe773f9856fd20323533b274197a1781de036caa14086f5235 |
| SHA512 | b53681b8d1be79a64dec020444a25b7bd2c3044951a5a17a7bb5b98ff1b31f3bb76d906cc4a0826a18c2c650a9184c509fcfe78008e944987299b1cf8b5aa885 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0
| MD5 | 0c775cdab0b027ad439761a5ddefdcc6 |
| SHA1 | 99d26fdde922ccdab7dd6a01b8f35930d574f274 |
| SHA256 | fc1dc11221e57a97c4544568eeb3d4fdeceb386c8a945bd7e33bab0c375f291c |
| SHA512 | a595bb229d1ea6d58494ad30283310b0e6da964f22404e1c9bfc89c22b79196600808cba0ac4a6988c05734a71ceaf1c6726109165dc55c1021626a445e9551f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0
| MD5 | 77356cd789adcef59151613cfe8ef4e2 |
| SHA1 | b30096fb7678b89057bded4064544be04ceeae22 |
| SHA256 | 29bf0bf3058bf9a3f71a7c942adb95aa9ab0d8e1fd0b16cafba28cee910a6ec6 |
| SHA512 | 4bab02f9ec779f4104a2c18a8730746db63ad1ce231911f8f2adbc1b305cc1813e395f67a8ceadf25eff01a228ca280bbc06a1d611298cb34266e14acaccc678 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66
| MD5 | 6a47e9f4403f2705c49cfd40103890df |
| SHA1 | e071dc95bae2c759f0a3f76f96bcd8ab7d836ee8 |
| SHA256 | 24b2725f8a5dc139f681d67d9ed908f0ba74b91e09e968064544509819d1f49e |
| SHA512 | 0343ae0d01d1c755f0e79c12f23e4ca2222ca830749a5bc99b7638d29dada8e8db1f0f4695c3947539b0d90b3a96874b2a8ba9dea5c07a6953529fc340bd4804 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5
| MD5 | 9f6aa8a0886bbdfd18f5cedbcb7772da |
| SHA1 | 01ead72648a0ca4bc8f363946ebfe7a5bff7a146 |
| SHA256 | 97df3fa25e4027a19d0a211dbdf44b72c96188aba7e4f9f60b5b5bc4ef05cdfa |
| SHA512 | 73c795e1021b4947972686068a778d9560231bbb104396a1ba829f4a2240aea296f540ee2f56143f56cd30e969f7d5743cde7ad60ddaa663d427c5c6c54d7162 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5
| MD5 | ecfc569be6c12782df8306b2884ae95f |
| SHA1 | 79f64a2c638ce3cfcbfb8a24e1653b7bd657daf1 |
| SHA256 | 05d5af8386384f0fc536914a47eadb1bd93549be2948e8426b4b126cbb457d2f |
| SHA512 | 7d420da08a8de143b996ba116698ead7874ddcbcfe17039c8cb939e5eef2974f33430cc695123596703abb2370a34004024cfeb32e1253a55c6cc5191225ab46 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 5a250e3d0a5e3e5ccbf2f2724cf8a75f |
| SHA1 | c93ab9558806d8564396f0cbc3a5f072267d2eb2 |
| SHA256 | 625c97d5e3bdbe72813933ec83f1971a23935f2fb517f660421c283abb63fe65 |
| SHA512 | d1cc727459642b8525e9ec195bf15dc92daf4b4734e61d218fd3cf2253b2f2de9489d80ca025096acf4b1bdb131b0321ec51017ccdf5fa65a1d34a6b0a4915f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\datareporting\glean\pending_pings\f88c6e76-61da-44f2-8e8c-38f51bb1afac
| MD5 | af4ba88585d14426860e2dc8a1b3756a |
| SHA1 | b653bee388d82d7c80a41113c6cfbd3a1cf605ce |
| SHA256 | 00989a8a93c62eb4fba7bfaae56609c6e2e657134a0ad6cc02bc3ce62fe065cf |
| SHA512 | 1bbad8da1df9efce6f871a608dde558e8ba12664912722accfbd360bfa3df921723abb1a2f6f653e228f186a8df17d2badce578f902e737f31a5827c6ccdec14 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\datareporting\glean\pending_pings\c1f85592-b266-4b54-acdb-504e69e5f0bf
| MD5 | 61779a438ce947bc400a01899daa175f |
| SHA1 | 8cec59d70a9a9013efcc882db81a8714c79089f0 |
| SHA256 | 6f09cd68e70bfa3ba2ca90fbb22e55f862670140231a5a97c3d4ab435a917c36 |
| SHA512 | 41b93501acc7e6510c8ebc5753ab37db06843bf408bf6188e844f4d5130a2543fcc9ce2285f35e284545628dfa673256e6b3965268675278312ef7b05c2c5dfd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs.js
| MD5 | eb96ddd69a8192392789856ac020be11 |
| SHA1 | 7f9248f4918da400e77a0c40bd00c7710f92b704 |
| SHA256 | 64dcc946a58ab521c26c20b246a8bac4276a99d3d9edcf82a75e29a90c2a739c |
| SHA512 | 84c1a7aeedbd7e9d6ec2cef641dcc39f4f991188d64a10dca060d796d5d30226db0655e178bfd630527d62baead4402e19631d9a73a876052586aea012baa69a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs.js
| MD5 | 61e83be2f70fc7656ed422cf4b048514 |
| SHA1 | 659f095baaf1ecc3a9de731110c5879ecf750a92 |
| SHA256 | f4620a2892b7070c98daf47256330fe499584c8b97b0b5d3f90cdf63fb78948e |
| SHA512 | e8645aae8419118edb61224c85fd218f383e4c6dc942e5f82d73fe4b46d6d218445c07023215e426706ddf006606bf04142e04f4c72de019a6c2404dd2a38abd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 07ff38ed48a1b6a2923483a54d2013e3 |
| SHA1 | 970af19e675d41b9a6cdbf2eef6776e053e35359 |
| SHA256 | 87016d13b60d3a2bb49272ec7fb7f2c38b7a5b2aad912dd0e049a00c6dc17069 |
| SHA512 | 52f3dc0ada915d7b36264a38832be619f7a78fff3863bcb2f3fb9715733025fd7f95e5fc8f7dd6e5fddf2e6e3cc04e321d331f0db071d7852fe3d3aff8213fde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf769e13.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\cache\morgue\20\{8c6d51c8-f56f-4acb-8255-6171453ecf14}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8411a078075eae0b7d2d0dfb5703d0b0 |
| SHA1 | d501b214fbfe04833586795eb4e5161f65292b0b |
| SHA256 | 543b457b9829facafa977e2c7e0c06357d158a198296dfc6c889ecc7a3de9008 |
| SHA512 | 24f95dc27024d97ba8fb9af94ecd2ec48d808efc1fc5eb02f633380ffcf23f169ada68e7f8d5108d7852becc701bbc31055506df2c17c48811abe5e7351fd31b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\storage\default\https+++www.youtube.com\idb\3639349060yCt7-%iCt7-%r9e9s6peo.sqlite
| MD5 | e04f4438f5a1ceba5182098c296831ad |
| SHA1 | 650cbe44480c2937eba4ad9c6d6a6626cbbc7f9e |
| SHA256 | 0cbdd44bff56c8fd3f10235c62d4faebf6b05146a045e5767ec2fa3583fb042c |
| SHA512 | fc4cb1e6f6fdb8e81e93c8aafb87b10cdb197dda4df0766276e765ec79ffea734336920c775f004e66edd12516d2ca0e1bfeaa0d9e63cec190b22c2f960b6448 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9
| MD5 | 016d1a84a8ffb3dab9a10288cbbc0c78 |
| SHA1 | 9c8ae59e073e74d9c23b7ff6b06606f167079fc7 |
| SHA256 | d1a7a82772269f5d1bebbcf5a8fd9a4a03881401fb3b02dfdeb9060a7d8d86b0 |
| SHA512 | d0efd9f801ddb5ac89718ca634ce6fb91a725fd5c249dc35f750ef1b6910ef68f6d0abd3c276bf2094586d846a17c6548a20554427d1a49cc333638e3c08d010 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7
| MD5 | aa36dbc0a24cae74f4cba17301a13a53 |
| SHA1 | 278cdd47abc4e64b171083aca18a755b297ad795 |
| SHA256 | db50bffb6588e5af84599456b69ac97e59099a2006ee8b9578494349b2d4181b |
| SHA512 | 48dba1197180bca6a6f99105a8b3a9495f3a476cf314e2644d8816377fae96a917f1d9e6377cb6e82b1ba94f3c0f04de469bb908782930c3c7b49af12a13f99b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A
| MD5 | 7bf3cc1ac81fe881c2dbc695f12dd259 |
| SHA1 | e99c8e845eb3338dff17449b9f62ba2d9fde3834 |
| SHA256 | d548d631addd72703a943d72ddf3b3c2d39d0e0ea3097a5d8dc4057c78c9c04f |
| SHA512 | a3bcb3d058fda0a293030eb4f6c8c812a7976ab1b2d21713e9c73f23bef1a9291c4dcf47cbc8b9db8d5fa7f8407534ac649e40c71dfa421f3ee938dd4ac1a4f7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3
| MD5 | a5bea9a9e17ca12a1f8e2f503a5a712a |
| SHA1 | 8a3d01a25b216e399e7389cb6a6dc55b0ead87d1 |
| SHA256 | a8d6805abc59b3a7f11187708abe38321e6b70de5040ee2d64d8ac3fb669123f |
| SHA512 | dfc4947b1c49f2caf6095597e8395b41fd05b0d9d9869987a3634700e6f01f0947d3008b2ae6bb0c9b2ac913609551545773f9512319da5efb6cdd153ecf2a98 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8327f4f7cdc9df1d19361a262933ff2a |
| SHA1 | 21a7dca12644a6e502c875ed71cc87ddd016ce0a |
| SHA256 | 96561e28c79f2f08a93417562013b601ac38de519b607293cc04687c76fe932d |
| SHA512 | 8e764e0a833f310d006da390b22cd1564af5c403e8e51bffe0eaee682721c1ae2bf3402b30405c4329971b0ff06f7ce7f4573019c1b2c696157f4d9cd844745b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a45b0c50aa1318cd484350d75ad592fe |
| SHA1 | 9c5ee25823204c5b0f1ed81e77168adfa0a132b1 |
| SHA256 | fb2e1788053addced266aae2eecac5e70fe5c0dbff3a9c1208347d2a09ab6a65 |
| SHA512 | cd1268d20af857f6f878a22b151e076cd19f54306589c30b514f142c7d6bbb3ef2332fa247bc3fb49c6217d968f91b798028308e784f4b410899fc729410e2e1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs-1.js
| MD5 | 4443b6607668703dff04b2feef4507fc |
| SHA1 | a41f22e43dea4340e435584e96a2d2e2d3f61dbd |
| SHA256 | 8480fdaab7e6614fc36497049b0f862728d46bf530606a09a2cd546b16f18bd8 |
| SHA512 | a5d1cfb2635842312bcf18a8de0426672ca414599d048a641bc807346628b2152b9b4d7014479ab5b9ca1d14224b8129dc0c6d9f4c61ea78692fd9e4287c89cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 124d3a966ee7aa9e4b5232bb736aff97 |
| SHA1 | 4ab29814e445b693df1e3f8aef31942b00ba772d |
| SHA256 | 81bfc60a553935a5ad278b4849e468e08003e95c6e940a49f33da294342a8cd3 |
| SHA512 | 1c5df0926f3b54820e84bd6bae0362caa38ae1116c6b03268082d7725ff36724fdc595b470daa83dae6b717866889e185cb1853973c41e656c4492c48103e80d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 64b1ee4fe44a0fc40b610ce2fb316edf |
| SHA1 | bce080f6b95e5cb0afaeb1585889a8066c236339 |
| SHA256 | 9f70270caaa253a834dd47af6e0ad100aabca2f686f8489e74aa9bfe716250bc |
| SHA512 | 7692cf6fdb2078b7c5d7501afe1707d2c2c3b182eeea6afc93194deeb72f25742c9fa8d234d6474bb3d5aa648ab1daba4478bb56f03d62db25753aa0028d9728 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 13d4ded799291ad266b77aed64fedd5e |
| SHA1 | 81a906b5872188ae26e3dcd1046b8c666ce8278d |
| SHA256 | be54091e82308d5f6d6350ac8c052cde7462a43f5899c5ef960905d838c9e6d7 |
| SHA512 | b18da2027cc44a56e5d8bf3ebb5f38cdb5310b738a1f1bac2d63bc0d0dea153b8cbc01403f1762bffb8a979f30f1054f7dd480cfb707a7918d48477920066b6e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 6c9e0b33be47b0ff9e542d8e0efa67b5 |
| SHA1 | 9764b4355f0b4f1f5f4a1ff1a04aa561e7c972a9 |
| SHA256 | bd2ae2398d369df7b4a6f8a44fbcbaf77b82bbd6e920d86fddec11e877d34f18 |
| SHA512 | c5921660fafbf720646a1f13169aed2d077e8319fcb947101a5d01c89d03c28a6844679c871c4de58057ff5e980c94460fb940ad9f6f66e5b83a680d95f5f7db |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e126fd45308a93267ac6092335f36f03 |
| SHA1 | 8bc32f52983ab85e5ac718eab1103d66f67b80a5 |
| SHA256 | 1cfbd7e3ba0086993952e403e53007eaa26c475f047ad9c47407ce9cd6f7499e |
| SHA512 | 9cecd8ad1fb0226bdcf7865af8b7fd9d6d39f95f87fb2d1eabea5c04bfe04012cae688e01be693a1bdbd7945b9e855485f1415b452bcd622391435a7b91dcc43 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dbe0d6a52b5ff9425af325d53ca7fdf3 |
| SHA1 | 6594003908f44d88d9611b61d5122dcc2372b4bb |
| SHA256 | e6b9fddeaad459d1d111e0787082cb8149578414db51cbfb6023609ffc04e289 |
| SHA512 | fc24592fa1be32ddcd02b4325922d69c5bbfccce704e27b555a8d31f0ffb56a2cdd23c227dc3fccc24c02054b8d7d87b2fb3224cd025aecd67abb3ece4d3873b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3116eb42ad80c1d1f6899ea8d0f6401a |
| SHA1 | fb58e2be1e8c252fd0962860d1e9ce6d6dbfda74 |
| SHA256 | e04896b2adfe98c4da4a104fefd82165675ef2d372c8b7ed125eccd6d4839f5c |
| SHA512 | a4f1c644f26885838b66c62420a02e40c9a9fa04446809a2c264e9d44fccc3965dec9c6a318c17d264824aa51a281a95c409fa2ed88cefec26329b6c4fb1e86b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\402e944b-764b-4b86-b9b8-2a4f8a036cd2.tmp
| MD5 | fa47aff9938e8ea174096f2b071095c6 |
| SHA1 | 5d3d1e76d181458255ff668b23a38dedb2968b86 |
| SHA256 | e13ddf5883436c28d3fde092c74917ab9cf197afdf44c90913393eba232bb36c |
| SHA512 | b9f8f2196fb7e673dbb838d0f232a4dbd62f907f1a2115e9684efe59d166502e456dd4c975107efaeb0aa5f65677f512a223ac46cc21f4f7a4c7244fa3b9891b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4e9fcf6b770134e216879e5a5574fee6 |
| SHA1 | 6352f32cd2d8680f341824939c1f1078cf02a222 |
| SHA256 | 70ee53e922c9e501fcdb30324c7f4faa1dd5c188e83f6e81d02d30718c211498 |
| SHA512 | af6e43077657fde5bc0260e95343d50c0a67aa3e36cb4162195fd9e2f44d4ebbe82e4c4be571ae50703abd7682603feac85f9bf55ecab4354fedc77bfb535c09 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 99c76a2be7db3a334e3de678c0a35adf |
| SHA1 | be50f1c9a1e9d342a1e471d8d9a3356863a9bfec |
| SHA256 | 5c56a748c151be0d513fdb0dff7ef039034fd1b5800accc5f547537eb401603e |
| SHA512 | 0bc61c0f222ddd1ea2c16a5f84ce5f8c212c592789e4674a6fc0c3728985d285caefc613b49e0e2ee5dad7554cd2ba0900b12a840c0464fe2a8beb898000127c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 638ffa33dca046c16d121e6575a814ad |
| SHA1 | 0f423b941425e3de9f5111bc0265190bc98cb2c5 |
| SHA256 | 4a43baee6a2e9d3f86199f52fd61883d80c2e2a4926e784eb1bdd1fa555afd7a |
| SHA512 | 5cbdc7b11dbfd910ce25bafb0b06528306826e9c83ad533380e8ffdd577e5644dd7b0fa4552471d1c1330bc5d8893856d028aa17d6a6c7540672989157e48bc3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\prefs-1.js
| MD5 | 74099acffb0f552b590cf14f82c1f75a |
| SHA1 | 6936ba759fe4bb4fa0ac87d291a2bcd10d00214b |
| SHA256 | 9cac4cda783b97fc8b699212b81c2d53c72fef0dcb7133898e532aea8c60a6b8 |
| SHA512 | 038c7b638e7094d65384091e2261f3d0631ac96da6478e0e991a96f25cc0c0805fb11b52df738e16d9e7bb0bd18cc2ed7f3435a0c142731a9715636bbb03c679 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1b387eb191aa38e2a28e1b2b16e4a91a |
| SHA1 | 7ec9003d3225e9b10357d44d0fd7f198ebe0df9c |
| SHA256 | 1de54696b8f418ac8ecbed80728a3b80d85b836e180cb1318c3bcc8861b535cf |
| SHA512 | c3547fd1df6173ea59c5511ad3006911bea1b0054bbba4442be8523dfe16259c3b55fe33033aff346fefde4a9f293d99f5873affc13efe9800243c0265dee8e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f4c8c200adc66669ebc70ef929b5fb23 |
| SHA1 | ddf805ff46dc9da131f48e283f1ee3bb049ed7ae |
| SHA256 | b6cd926d3eeedf1ed889dad0f5b885e5a1dbb102e6cb683e277a185a7ccb5836 |
| SHA512 | 7c24b9d883ab3e8ce48cbc6c3d61697ba526a0f9a39f4d1cdf8236023af70017126cf70bac47a628ba522c6e9f72f17f2ce61cdd8bdcba8358591c3b791831ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b9b3b8d98e0bbe9f8d8a9cc4604c1e3a |
| SHA1 | c855a0b8f8939d2e33448368dd351503901ad3e5 |
| SHA256 | 9e5daef42109c22dd681975e49690f1c525aaa7401c16e133b6a7ebd33b24c0b |
| SHA512 | 31b6839cbf5567c1f53e8e2d5ec95d199012b8d685302046b3a23f4f94f49363f0db775719afbb70de29b3d74053b78fe0f0b6634afcbfb4eb68bbe7f73f154b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 3b1ed5fdcad3b761edf318bad653146f |
| SHA1 | b790d239f600c35e6f9d936890103ce335bd075f |
| SHA256 | ee5be749adaca72caffece75558e1372e09e1d69115fb7eb3052da64c782ff6c |
| SHA512 | deb247122ee0a56daa9d1473c016ec8929907bd00d1189eaad519bb2b7afd64dae7f3410884ae69246747c67970b6bdbc6f2a1b91a3956347ef785df843f7a5b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jfsqt8yb.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | bfb66ecf7ae463495c1ea200710c02e3 |
| SHA1 | 05fcf96e99e0d006229b560fd06987693666518c |
| SHA256 | 442f2a7a1dc433d315357526bd07a1ffd6ca70d375f86aa85b9a985b9fdfa481 |
| SHA512 | c56b03e88c5d8b50a016793b6fa07c74fd531a2feaa7802512b6087c33616bf7014273ee16b12640e8f29aa64b73a87a4e6008269d61a0a73fadac128777aee7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 79770d0bb32ccd2500b240353d2ef968 |
| SHA1 | d78bac928b7d0ac83896f6e896c0b02fa8c1f14c |
| SHA256 | 8202d62193fbe7da46ef42b754f93902deeb2e99f342b76e595a39453a1f39d8 |
| SHA512 | 15d45be89a73508f2eacf2a8873d589e5d8fd7dc58baceced18e65a19959053e43851eee3a310888871a6b74a30075b009da106d3ea08043de001b9789ce1f67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5420258f565a6bc14d39287be7e17df2 |
| SHA1 | c863c71135e70eec692626f57c8472bab76c9321 |
| SHA256 | 5617a8e4d043b3f727e4a6ed2182686464f2bc4f41bd54f42cca6179e490dd7c |
| SHA512 | e764bf9ae5cf720165ab6ab3435fe82f502f8037dc458b7aa37562ab3c61c426e53daf8f227db72c6bbbe32264f6e5d00fed90de98b1affb5c7548187cf99d22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d744b6e5ec96ae148bfacb1058677a05 |
| SHA1 | 6ae6a53e01d16a6f6a0c3247afd65e7cafc2a12b |
| SHA256 | 94562dc09f087ccb481b5213957eeadae535b0524106e4bef159dc8490bb2a9e |
| SHA512 | a8340f048fab37b2b5f05fc8157db2a275a66ddae447b9030ad6e8928774f92d37105543f89278f3dc1e54ddc42eefdc4c32c978a8fffcbb5435abb69bc5cd0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4a92752aa96e26599c44f42f2788904f |
| SHA1 | b1c9b1de98600bb5953e599b1836e47f6ba10694 |
| SHA256 | c017921917a586c41dba3bf7f29c1bd574b128246b843e23bf789d5984972410 |
| SHA512 | d257fb59110bcf46954e5f9ff7c2edc5f7d93ab7da7bbc5cbdfba6d3502e9182ce8e5a7e1d46fd16e377e57d131a15d6dea14cfa42d34543d49404899fe06341 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 820a0c9630460d86879b14526bd85113 |
| SHA1 | d46d333fd3cfe9bfd4a067942d98938faf7d53fe |
| SHA256 | f022aa18963522947f2cced83f12e1dcaa03911bb6333bfa34dc49e87ae4cab5 |
| SHA512 | 0950e11e8ab0f2f4052c0f35347802aff6b1e05a2491416feb8a206f6d798c8069b8693fef6755b8d5edddebb4f906d741277b8d1ea17a7d3dcd8e615edaef5a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 117832628ca29ac20db6a78b590609e5 |
| SHA1 | a3c594cb92e5c18d30628b80dd6c552c8e76b234 |
| SHA256 | 171f317b0290ff884dc2501868c8a406395cd236902f79ba91c49c44a4a7e4ce |
| SHA512 | ce900f51e2a2d5cfb2a9798486dd72e241d93ce78257e8d1ea49018777498fa05242cad2a8facc2c353644764c63f5ba56a0c8d469c76b975488f69ba78a1808 |