Malware Analysis Report

2024-11-16 15:45

Sample ID 240218-dhb1mada5w
Target 8712e900c0180a0fda31669c6652f94a.bin
SHA256 b0ff9f72fdc589064f2fc9e2b458e6a3f2709dde2dee898ff917d8045d020161
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

b0ff9f72fdc589064f2fc9e2b458e6a3f2709dde2dee898ff917d8045d020161

Threat Level: Known bad

The file 8712e900c0180a0fda31669c6652f94a.bin was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Modifies registry class

Uses Task Scheduler COM API

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Checks processor information in registry

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-18 03:00

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-18 03:00

Reported

2024-02-18 03:02

Platform

win7-20231215-en

Max time kernel

35s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c00000000020000000000106600000001000020000000eb6229e9f1b89ffadae872924cdc7b709808b21166c9d3d1eddc15ca7f3aabcc000000000e8000000002000020000000f9ccde095f149e3ccbeb46716c5bd59805531e0e20b256ea8071b2151a7bb0fc90000000db1432a1cab2b72675ea29a03a87cb0f58639e6a35414f44b0bd27f3b746211d8a3c6220dbfea5f0d61e220f8dc6a688c8029e947d5aa76821546c281059dd96f00d2481199a2877f25b1702f8c740f9679d013597a3260cc0418f60b5711a296945c76f495893484d9f004b751d912fc2b759bea5b43ef62a80d38bc789c3567b6fbbf83c3bfd1662a8da7895d46fe440000000799693b6aa1627bafe4d1e72cc5fc1b8d622b9e5b9ab149233d438f1c68afe1f80a7705fb4897aacced34f437065f8feb53bf5e02021a5dc5412541379c6d99d C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 906e98aa1662da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D42D4461-CE09-11EE-9CF7-CE253106968E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D4320721-CE09-11EE-9CF7-CE253106968E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D4322E31-CE09-11EE-9CF7-CE253106968E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c0000000002000000000010660000000100002000000049eb5b6ed3a6b734151c8b4293783c1df75f48d4d3317fe22a08b7fbcf96bcd2000000000e800000000200002000000082d8ff16a7611fd5ef9147b5b0ea440759a5f4d7dadf246ee84ec1b64dae8b4920000000c3e4def3e7f1f9a65893555d4a87edd4ccca02662b34c91f6710ec4c32e8a06c40000000e3f6841cf076f35b9472aff2c2f5d767baa309249a3b308dcb256f4954eaaede6d629d10ba78f2a07e88cef89d6a8d7a9c01648901b2b02b7b756026afa41038 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2852 wrote to memory of 2096 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2096 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2096 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2096 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2720 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2764 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2764 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2764 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2852 wrote to memory of 2764 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2720 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2720 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2604 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2604 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2604 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2604 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2096 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2096 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2096 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2096 wrote to memory of 2692 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2764 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2764 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2764 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2764 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2852 wrote to memory of 1228 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1228 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1228 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1228 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1228 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1228 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1228 wrote to memory of 584 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2020 wrote to memory of 524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2020 wrote to memory of 524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2020 wrote to memory of 524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1892 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1892 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1892 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 1892 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2852 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 2396 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 1172 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 1172 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 1172 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2852 wrote to memory of 1172 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1172 wrote to memory of 1156 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6a79758,0x7fef6a79768,0x7fef6a79778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6a79758,0x7fef6a79768,0x7fef6a79778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6a79758,0x7fef6a79768,0x7fef6a79778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.0.1977350177\299832386" -parentBuildID 20221007134813 -prefsHandle 1232 -prefMapHandle 1136 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {22710bc9-f337-44ba-8eae-ed77c886f63f} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 1348 101d1858 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1120 --field-trial-handle=1296,i,9872840182896898236,11915166164243335832,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1300,i,267176248556872364,17199177834973381639,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1300,i,267176248556872364,17199177834973381639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.1.1346398534\1055345854" -parentBuildID 20221007134813 -prefsHandle 1524 -prefMapHandle 1520 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {414ae793-de4e-4053-b861-f1f01e4debb5} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 1552 f3edc58 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1468 --field-trial-handle=1296,i,9872840182896898236,11915166164243335832,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1604 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.2.1768735317\910212700" -childID 1 -isForBrowser -prefsHandle 2324 -prefMapHandle 2320 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1dbae48c-f3c5-4490-b100-41eb839a96d1} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 2372 1015dd58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2352 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2468 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2400 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.3.1516054381\1451819875" -childID 2 -isForBrowser -prefsHandle 2888 -prefMapHandle 2884 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98d5eda1-57f1-4c82-870c-a1c0b1019693} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 2900 e62b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1420 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3492 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3484 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.4.1077723433\1879355429" -childID 3 -isForBrowser -prefsHandle 3648 -prefMapHandle 3772 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {799b98c6-af99-4d8c-87f6-e7a93653b713} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 3760 1efef558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.5.1100297041\1004981153" -childID 4 -isForBrowser -prefsHandle 3760 -prefMapHandle 3900 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6deecc28-392e-446a-8d71-79e816fbec62} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 3868 1ef42b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.6.721082960\2011225133" -childID 5 -isForBrowser -prefsHandle 4040 -prefMapHandle 4044 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccc45bbf-78e2-49e6-8f2e-14dfb269d96c} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4028 1eff2858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.7.894927392\1858419113" -childID 6 -isForBrowser -prefsHandle 4240 -prefMapHandle 4244 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13bd064e-d3ed-4110-8784-4601466f02ca} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4228 1ef41c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.8.1667878968\43756742" -childID 7 -isForBrowser -prefsHandle 4428 -prefMapHandle 4312 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {47d11a13-a75f-4a5d-9546-f19636ab46a3} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4296 21795b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.9.1094132413\900859850" -childID 8 -isForBrowser -prefsHandle 4524 -prefMapHandle 4528 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6c232de-6b39-45ed-a2b1-c186be6997e8} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4508 21796458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.10.1486744016\2041503975" -parentBuildID 20221007134813 -prefsHandle 4552 -prefMapHandle 4584 -prefsLen 26251 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5803fc8a-3313-43e2-a9ed-0d3dc53e6f6d} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4312 21ac0158 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.11.1443700321\2111287214" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4888 -prefMapHandle 4884 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3f84a8ae-3d10-49d7-a5d6-eff818880461} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 4900 22053e58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2396.12.1167555184\652390547" -childID 9 -isForBrowser -prefsHandle 5108 -prefMapHandle 3424 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 668 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f0c4f38-9bf2-475a-8efc-18ae24e103c5} 2396 "\\.\pipe\gecko-crash-server-pipe.2396" 5124 1e685c58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4360 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4580 --field-trial-handle=1196,i,16765358300224247106,10508177907379326409,131072 /prefetch:8

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 www.google.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 142.250.200.46:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.214:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.214:443 i.ytimg.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 play.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1.sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
GB 216.58.212.214:443 i.ytimg.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
N/A 127.0.0.1:50166 tcp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.10:443 jnn-pa.googleapis.com tcp
GB 142.250.200.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 rr4---sn-5hne6n6e.googlevideo.com udp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
NL 172.217.132.233:443 rr4---sn-5hne6n6e.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 aus5.mozilla.org udp
N/A 127.0.0.1:50231 tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5ednde.gvt1.com udp
DE 74.125.162.134:443 r1---sn-4g5ednde.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
DE 74.125.162.134:443 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp

Files

memory/2852-0-0x0000000000C10000-0x0000000000C11000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D42D4461-CE09-11EE-9CF7-CE253106968E}.dat

MD5 3794901099b4b8b32c2b5319268d18c9
SHA1 a6e6cab9ef662a21b7bc9cbe1cb0d3911ffb75c3
SHA256 98e7c6720a5497588016808f4b17257949a42190aed7048ba9c3ccbabf6e9eb4
SHA512 77bf469d95803fa82774e45af85e80b0d6ef86195d9586094f3f549a73a4d8b7ce81563e1479682fe21380ab0b7bc84120a7bf1caf33c7e311d5692e99ba5ede

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D4322E31-CE09-11EE-9CF7-CE253106968E}.dat

MD5 cfb0d9e810f5e3bf3bf00f9af8ed531c
SHA1 6f576e5cfee917941473b75b8daa929341047261
SHA256 bb34ea2abcbe00dfdb1ee993e1ce58fd5e573b36b9b948273e6c72a28bda8fe4
SHA512 e2dadeafacea22ef4cb9f9e6e109e944abb9060b7d1a49ff74d4892d87d19da332084714d5a298effc720671985ddd8e56657172b18d21dca04ab930dcea5c15

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D4322E31-CE09-11EE-9CF7-CE253106968E}.dat

MD5 b33ddb146faf9e43ca75f0af28e29536
SHA1 cc120a29aca3f10488e309f0f4c8dbf3514406f2
SHA256 6dab9e8e9712254d677fa83288a03b8edf3dc5a84898c0a33f21e86ff0bbf514
SHA512 d08ee7d579c9dcf862448776b32ffae975d796c4368a5106e6c06179c3c42498541692fffd5344e3e38117e38d84938658e37fb3c2bb51650c23006a59a0864e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D4320721-CE09-11EE-9CF7-CE253106968E}.dat

MD5 4b44dd23e6b8c19019608ce655bc6dbb
SHA1 c2974d31d3b2bdbc5400e1cc6a656fd95478ca1a
SHA256 d9eea3903c5f45e820fabb57e377de2314823047b0a2f7a4597d59325c891f88
SHA512 ff4bb5ba7bb22a96f5352cd940a89f39e44d886746eb0918efd6b9ad832c8c48215aa5278bfc6d3c14a60467578d38fa03730f1d907aa5caf42d20e22c14bda9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0f3b962605a235b06bbf9ed3f5f92bb3
SHA1 b68aef53b3142229c1fae947267e8ee632596180
SHA256 43a40a01a9f03fad0989f84995fc208215c9dc17e023b78f3cc88412bca35d3f
SHA512 0b389dc3d858dcc3eadd8f220543cf4073ffa6158e691cada2c6354cda891064bd820ec3552be00f767f22f7cf3b08f5405c25ff1ca5f640590347a225e4e1f4

C:\Users\Admin\AppData\Local\Temp\Cab3F9F.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar3FB2.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 1d546d25b2b81d95855a513fb6056dc3
SHA1 46f1561b669e22edb7867e322f01a2edcaf4b52e
SHA256 ab2b5c82b3582c2b39e02e71755846ff7ef7bf018a724247332c09e09c8043bf
SHA512 9dd4d797bf6aab51707c1447e161c63f89baf3f8568b28547a28da59d6b8aa844196f242069265389aee424ce620b32901c54016271615151afb32cc11c5aa84

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 6b8bd585ac1f271c3a882e096d4f0963
SHA1 f3a8aebfc6508cdab4a6a69e1f7df2a16badbea4
SHA256 f384c24ab297301b81888b8eac712f8b178c0bfb781454ee9ffc4d77fa510e5f
SHA512 56e918c1ce43b77ef416116d756d4a99eb568efbb5db1a4368e7b01f8a1c3493dc8838914c0d963703e3810d54409add3aebd3a93799ae82e49ed2facfde8cce

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 aa62d1dac98496ea15649333005fbf87
SHA1 587930f0b1a3011f5c42b420d4e134c0542538ab
SHA256 8fbfaf8130d0515225d67622d042ded3c8562697ec9e350729deaa5bd7db90ea
SHA512 78544839b00a39af8d8692faaf9f8d76282e996466e35285231febb7f967b18f281c1d2051bf8013869c181c875be770ebf25cea5b64a61704008b618ef08b09

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 760b43510f7817a20ec83e91870ba401
SHA1 c411028894869c1825a81882aa310019ff673417
SHA256 db92fde152ea18429dfb23098b82d406e431adcf1ee32b58347359c524ddd711
SHA512 81c976e6fa4648d3526d3cc1ee022ea5a2e77f0b82e8cf2672ca73890bd5a1286cd2b4cb0bab4991e4b368684aa3b8ed0dbafc25dc39930d0522ccbbbdcde133

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d0d364a6a6de9ee70afbc5a2769d6f25
SHA1 9b78e9908ceb127fe20d4c14beac2570eed0e775
SHA256 cd7ad0bf4898a7e79ee1188214c2c774fd2178af985492802539a6b6494b3ee7
SHA512 9e57d0e3c863114710e49278de0abe4f3506a69c468e1cb18e2876db8f9fa6db67136954ceb7628015a3421ab114543543f71b9c4fbe5ad6214887a24a248174

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 11dc51fc2c269e7ba9ff7a119a31fbf7
SHA1 72e98d34d29f0b3495ee463a5e501defbd18ce94
SHA256 d48310a7b4ac64715b330980874cc370e07e8732c437b3e085233065c7f652ed
SHA512 ced3982d01f1aaa1c7cf4f4a8b821da2ac093e996ae59e50722d7406d76730332a9eb296314fc72ed56f23ff11ab346e40331c6316f3025068878687af0ceee7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 2dbae1c86a886b68f16bd30773e0714a
SHA1 0f2e253832285884962a7548c37df7947359ca59
SHA256 0b1c9a7df64bf94dae65e77c092dd2c1cdf5e91a9a152209652f36eacd429646
SHA512 c951cc7c250ebf5fe00ee675bf4b29cade0cc67ae185cd65d4c5ab52c3cd73ac806ea15a345b6e068830bed57c3381f30faeaf6adf681a8208dd7d3cba787d60

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 ba24f971435054ba1cfe625d365526a8
SHA1 21986bf09f6f5e87df44b3469e272dd6e4e39d8e
SHA256 cb0954026307a3a9d48ae33a085757206d37ff6060b193c4a14154842fa7e86d
SHA512 7d5b56b5621d528e6f2b2c592742bfcaf969a55e1e3d5bb94f698edc748c3f75e9bfd2d6a1eefaad1a6e91a77e6597dd4e6c2c5cc3d825cc9f67f51b7ebdeaec

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1EBDLS6\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 463167d1456ac52f83ec8317a3967002
SHA1 3fbbfcbfae9d611f6711145a24f325929f69746e
SHA256 f1232876b23d2724abd2582e38be2a05eaeb9b2e33f8e000f0e1b4a114513a12
SHA512 f6c660677faabe105be6614e64ba962257b6e6966f7d08b31fed9b4c7fca6e8e32ae81e6e5d3c9900ed4d615bd6bd096e1e985804a019731d7270bc179f318a5

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\CRZ20HBN\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\SE05M0KY.txt

MD5 ab958e666e211978a5e9d025bc30524f
SHA1 d9bb0243437e8f5a60348e75a939e516e79dc787
SHA256 5cf418d2731b47d122a334b151ad485df0134c88a18afdef20aa4ac1e5d210be
SHA512 ffb0b0d33effff6663177a9a09b02c215319d329d0df2ed61bd0d9c5062850ba285bbdef1e54d666d8355c9acd6d6cbf6db061f5be908c31fe4f133189ce3b60

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\favicon[2].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\favicon[1].ico

MD5 b2ccd167c908a44e1dd69df79382286a
SHA1 d9349f1bdcf3c1556cd77ae1f0029475596342aa
SHA256 19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec
SHA512 a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 46c5cb629c6228fa6077931025891864
SHA1 73a03650dac7ee380f1f9e0412807969775a642d
SHA256 f7f549f09d88cb5afb01aec5aa3337ce3408cd7625abc9bdf7d1390643619b45
SHA512 41bbe7140c34943dc324023c2ac40846881aa80c65b0ed9ac2a1a00787f63274cb321524bd8326847d89755d7f86e6ea99791f98272e36a3065c96a3fd1f1714

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 b399cf01bcb1abfe489ac9fff9b7b8f4
SHA1 1f7e07c2516c86289fd50139721dcf4f3dc56eb6
SHA256 7247898a3a3e831eeb8a5d1c286813c465098d01690e2fe9c5173e6e8c65cd4c
SHA512 64530752df67280d237328f2a11cb9e8f48e72ea9ea343fc2199815ceb3f1db162cc83293520f14d2c2c21e98e82ba7fc234f1600cca862c5c5bbbd289b7b904

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 3b60c50563c55991b64f735d6f6c4f13
SHA1 6cd6d9f9b65221f59463c9173856bd773aac545a
SHA256 7061d4cf19044e05d8ae317bcc4ebea371914719b3d3a96d3d422d2a4f02f213
SHA512 c3894f6c2ef4f24b3d814e760e4683e48145d115e8463bbb3504f9ed2be5b0d34b238339ac2b351549a931c6bb14fc57771625ad62618787e22e9fb804176c1b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOO61SKS\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 e3ac57cfeb030a97c21a44aa25979cd8
SHA1 391a5d245f8eb2ad9f8b3f90065f45e6304e0de7
SHA256 2226f3bcd9aee2f5731d42073dfe68d03291a762cc862edbfea699a9c85f22da
SHA512 035acce52c69f3bbb72979c012ed4d1b677379a9fc27713ab34425814bffbd274a0ead7ce01cbcc84e78cedf236f266b4d5915fbe9742d4497f80ca1fb1b85bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 970be20c2ad6168858b9456de36a4517
SHA1 aa8149727f88fe7f64ec3369e3109029005597a9
SHA256 dd8ab59f3f039631cfc56d25075f0ccfe9c17c7454b37770c3530c7a119e556a
SHA512 62c690873d2b7e3c50de5fbd1d723647537b2fd4e48ab18a1bcc2956666fc47687b83d99da3324f613b9881cbf81b2e2e0bc18d24dfaecdf5499c3cdc895ddcf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7edca4ac264689d4bc49698c80824f89
SHA1 d92308ab3eaef43b36c43b1e30b27c6b712cd279
SHA256 bfe21da05d8baf86a5d9debc5707618a94ffacc0b394ce8e227ea3d62b37a391
SHA512 ae595a16fb467c386d8bf64d08e72f376f455537498a6009d4413d8b145d1e256c7225f4d71af750139bfa4037f64cb7fc699d69f185b012be25b430040c3910

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 51273e44f90b88756afd5a43b7eb0fa5
SHA1 f518b420b7c4c72ec6005b39eeae8c2a37e97617
SHA256 99244785d505795cf88a4d74d48418661c95728ed74a7e51efe60eaa21754663
SHA512 628edc3149bfd3526bd017e5d8f66c9652628f25cc554397328d3384c74def283d26e673958e4e62d64caa59eebecf9703fea25d05770ff2a34d6c3d0e97eee9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dec9bb5d5efd57418d4e5ead316260ac
SHA1 4813e392859a88917be2817c0beee15adfc9ab4d
SHA256 343131a26fe9ad10bdc210d614b5414afdf4a4cc4915a9dc08978492d92beb63
SHA512 cb0f7420b12de332b183962467266dbc81c5a7780c6fb2e5a2ff68c7e13da46dd584406ddef81c522d13b33b37f00292ecfa8cf899476fcd9808ae9a11ca6514

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2c3cf6a5c6ef213e962ea51a9122d6f
SHA1 6897bde3206e6c3bb4fa9eda0d03fdb77f1a2247
SHA256 cef9afbcf56bdf17ba9ce89a7553c7c6ce0c6958a48e8a39cd3b754a366ca25f
SHA512 5c5d449b4c25c7b403ab93c057a9c9e384c16e8adf13180c93a4829d050639a74d38adf173ed16c375cf49060689a070582c6b317b856d087eb77b87333bb996

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 804689e7eb2186f0b377a494291feea8
SHA1 516f5de70b89a3adb48d0db8737778501345f4bd
SHA256 c7ff4a9fdb32fa49e7a768cf48ce0594c8e9375ade4df352aedc71ac3be319a9
SHA512 fa09673dc534d0dced48e3ee32f63b48c43c67f9084e63bdaac5a71b8b68ba7908a9a3f84a0102fdfb68b3b029d3878d29239282ce66a6f8809dd02021c1999d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c00a9e81de09cc26b2b6d2061eca3683
SHA1 0e44c40a02dd94bcba276f40d0995466f56c651b
SHA256 6c23f3fa2293fda5a6edb906ba3d3c9f3014a19ca0746275ceff5d3465fac1d3
SHA512 3c92cf944d14892b81b94e5753f918b628b9e8a92a39f20e5c8f969945ab01bb75319bbd892c1a70bf52216c5f30d9f10002a35afc190430b9a31e5870c3143f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c1609e66683653f709f3113db23d3fcc
SHA1 40116f7e17995ab2419f577ccbb0d23d07e6891d
SHA256 5edf46b543490f774ca99614d777e21b3a07e8a1f2687c4c508b911a75224dc7
SHA512 6629879175bd86f1dc732785d9985b1589dd7771a2124fe31c2cff7b3b5fefed6029b83256745fb95ed7faa0579fbf29c27180a82c180c6f7825de63b31a8cbe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a38e3044aad7aedb70f099e309a51e6f
SHA1 49f048ac75600ad6e41a27c84e527497d0c68228
SHA256 1b120a6c5a9a91db93a1b746f56b9dc7db828a8d4a1964b0b98c93c81c72600d
SHA512 9a344876421771ce9a7e97a842e0d646373d15dce2014da02f0d9998416cdaebbc41bb238eed5ea7f49297f696dafe1090fa02a3a6aa1701cae4cbbb45066a34

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 90ff46814c8b95de760a56c758407a9d
SHA1 eafd19c06955bf708d17628a09d6a9272a4dc38e
SHA256 cae36e2f16cc40a373ad73cb2af733ac626ae84aeb227542f6f9c3b69b3d4687
SHA512 f6cca749b234f4ed2a3f2cdf353ff4607c33d3833fa88fcc34b5e29fbd969cd6d4cfd6e1d35721b487c1a0ce8f394b0aa9de7e8e19e253c5dc809a0d05eafb6f

memory/2852-846-0x0000000000C10000-0x0000000000C11000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 da34f4b069d4208e643bbe5904660ba7
SHA1 8fef8e21cdbd32ee130cdd5d2369f4eff1f468d0
SHA256 24271c2602a6fd012c611bab3119efc1032a4e94ff2aac598b5ad5c5db7fd38d
SHA512 3273ffd4377adc31ac025981816295253238986f6fb178b5096692bfc5feea3ac2f81bfec3a18610f108cf8bca1c465a9fd685285dfb9d3df08aa07a06446aee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_2020_RMIQQQRBPYMDIEFS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State~RFf769f99.TMP

MD5 3465021966e759aa3d7c611723903b7d
SHA1 90cab2392c9e3b162c48e791cbefb702fea684fe
SHA256 b99ec6c0de9f2121b62331ebe39b23ac36295ea3b5be7d6f3dd8fd8453739ede
SHA512 27030291bf7b9554cd541d30d09bfa7ba743a4efbde6ca478719f2de0a063c8909c2d60c76da2ad812a61311f8cbf2ce8d39f8a85f705fce664f3de63487bc0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\1950add5-6162-4a02-bb85-d9da56299082.tmp

MD5 6bdd4df3c352afadeb8b4d6c07b62506
SHA1 83f1bdccccfba33179902dfef7faf8ab5b569eff
SHA256 242b39658b5f9937dbea7e1b00a0124548ebf928feb6c6a2abd58ac6e8272c27
SHA512 da0c923914f5846f18eab4493e05b09d756beb840738b8125681cfef9d7f3df0486ce3850790409b3ededc152bf6fd4857d919f2f087653c7d76af5ef2ac4f1f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\db\data.safe.bin

MD5 6991934d63df0f1abe8f05d122790ac7
SHA1 3aac789ffc1d55d14f57ad593f3cbb7a119bc594
SHA256 bbe23d46253e565f23238fb39147933baa9ebf5d66685bd6c0173c3a61422377
SHA512 400d91467ec0283f283dcd56a85adaadee889ce2012316fe17bf26c989ba9b5f889594e3bfa4845157f3fcead2bcfb12f5cfd5a64e21dca31ea03c572775b020

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\pending_pings\76209f1e-e701-4d63-b5f3-49e315bc3efb

MD5 501deb74a3f1aba977dbce88e2388f43
SHA1 d48a23c0c78675232531118f0cc48c40c8b12c0c
SHA256 89fe61b9b47e99d689682556f0bf5301d8f68e775b6abc7e8b6ee4bddc21dbf1
SHA512 8a887514475f3e2a0ab554e31d7325645761e9f73391784dc254d184fcd4d6c661425c685dfd3d0ca3a63bbe1929d54fcb105efb24b954ab1784afa7dd2d01cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_AFE3FEB93BE50AD92D574695EE0D96C7

MD5 1b03bae15583ad9d19c4fac3cdb6e307
SHA1 e37c209957a40f3c83b09048d86556d5e19b769b
SHA256 27dccac68c59a9d5a97528db58fcf1bff910f531f9fd48fa6c331fd6737215c6
SHA512 20109a09479a74884ccecc2357c0ac0ddf3bff81f22debfa2d1ee21e3a840491649edf69ddfa4258f946d59f7828b0e8b83e03f4c2d008fc18d205b19a58c61c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_AFE3FEB93BE50AD92D574695EE0D96C7

MD5 a52c6ce220ba5c4735deb32166121cc1
SHA1 79328ea06525c04d9a17fc9ccde2c80d76837eb4
SHA256 0d276bda6d68e65904631ffa3e17d3ec9e23b31047e140a9bf26fdd56650fe17
SHA512 ccc545d91734aefd3a6688feece345cb692061befe0a9de66997be601ac1c66588cd6453bbb32e1802dcfb005e424d9be41de53bc194db3993d77623bc580c7d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 a3553dd24f69c2c13e01483de3216a2c
SHA1 f7fa5d3ceaf65eeca2f6f7dfa81cc95277599379
SHA256 2952010045d68075483b6682c5a7b5a0d489779f2db8d1f32d4b0d2c8a9a7eb6
SHA512 6fea382a2f6ad440cd6928bed893950873cdbf008bc633795685c6a0c16e9b7903a093fbd7e029c0e17bdf067624ce3015140306ea56b10a94d4e2aa0c6d3281

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 9db81ab83bbc5fc0b285cf6345d1bfbb
SHA1 5bdd28ad393bb7ac862ddca29a6b9d8ba84a6a06
SHA256 f87cbc51f6798e9cd11bc86624bfe7ca5e484db5ee42c2a580ae435473cab5ce
SHA512 9350fff06927159b59b16a404603bdf9d86ba16b4034f66abef0b210049106ac824d50e90949d958846edb7c3f4026a791fdba60797902bd8f25ec8002405dca

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 0c775cdab0b027ad439761a5ddefdcc6
SHA1 99d26fdde922ccdab7dd6a01b8f35930d574f274
SHA256 fc1dc11221e57a97c4544568eeb3d4fdeceb386c8a945bd7e33bab0c375f291c
SHA512 a595bb229d1ea6d58494ad30283310b0e6da964f22404e1c9bfc89c22b79196600808cba0ac4a6988c05734a71ceaf1c6726109165dc55c1021626a445e9551f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 578b3255bf432b3676d3663de21745e5
SHA1 06dcc31105c57ce5b7575695cfcf623003682480
SHA256 a18b73178c2889d81e828e8df1ad880f147aed50ca4cc6b45ddffb1784ccef1e
SHA512 5aad3eb7cab8a25a76f7c08c05794f752060c71a8c8bde34c7719e81249ca17291ccce9ff09dd71d84b104245a43ad8f305a45fd027241cff1d665bd79c6f346

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 a0f137d060ca8152a2314689e5d2335d
SHA1 844aacb81378098e78ae40ef6108bc63836b7f81
SHA256 5dbfc1c9aba3d4d44bd1cf83c54a4ac26a9cdd8b86fccc3188f58c3b8b40dacd
SHA512 ba966c06b0b4c7bf4dfe82f9590e73098377743a0d1812bae40a7a774d98403cca0c10bb41df1fa1126cba35ab8a40924dc6452190e7c8016ec516d745cb7f6c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 3ee0c087eb1254a7a281e0f3c6c497e3
SHA1 4d57470518bd23c7beded32e86af1958933c5ae5
SHA256 4a48ebd82e6cc7056896c4925b7c146c4ccb01bf09d06113d4fc15a59aa0805d
SHA512 bde634c07a35bf9cfef3c3cd29ab8a746efe80a1ee22bfeed6abae958122e6a8148fd1a1a8a469eec201be4cef1254a823612f4ae2f5b2a20ce8ac2130a643c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 6bc11c760679a04a8e63abee3e09ff8e
SHA1 2455f1176b7167374f98daac4d08a2d4995f1c66
SHA256 baf1a6ef580161c4df2bfa5d7b5709270d0a00c387596326eb990ca6a5dbd2dc
SHA512 c0ece5ed32a1870762ba81d66e618c54b1ecff53f1196756de9b11e3d536f77c6e05c8240a7ab25aba23be08034f287fdc7cdead1e4d7b2145fb8c942e5423be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 360fee4da57683e7330fa0ab86987b4f
SHA1 35febbe5097e742d159253ab63bc41d86daf30d4
SHA256 37d7ca12ec4ba7614d13ca552f693f6a1e7c82885330f3c56fd1d370e5d0e147
SHA512 a2e18683afc4e00a22e953b1e9ef88d9461eec4ae7364933e31cdb28438f2fa8ecd15cbe242bd8618c393463dbce58afd317141e6382fa65267456357aa8020d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 fb4be5b959f8bf353f172c1b1de6797c
SHA1 c952f35dbfdad3c67f4f33e3ebfc6bd77fecdfc0
SHA256 23c624f7706d462ffea3e6f078d7ae9b432a768a41c0fcd2e520f89c890ca679
SHA512 3a98770cde13597cdb53e5536ba939c31f9a07a74710c612056d182de694031638ff7cfe7b1de017477e02d3601b3d6685c947cb9d23aef00a987e40a899bb93

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\55\{1d00e56d-b227-491d-8e9e-f3391160aa37}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\idb\2030289160yCt7-%iCt7-%r0e7sdp8o.sqlite

MD5 9913ae235236d065d7c77959a8f9b545
SHA1 0d38e8870ad4ccf42c9baa4213aae0498b313914
SHA256 eb34bf0587a1f40368b38152bc43fc67e8e2b29e2035413d1edbf35e9f30858d
SHA512 9909ffdd30599e2a8796a71d00d22a7a4b1584d98087a06bfb38c82dcc2a64b187cdf6e571dffddbe543c448ff842fb79118578fa6df304516a0f21b1e389d65

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xm25i6ct.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

MD5 315a8a6feef6fed73e2d0fcd4993cce7
SHA1 7f247802b9283a19897371deb89a7726e49adda2
SHA256 b81a8997856c9d48a54e9ce898bcb96ed7447651ebb99e8eb7170a811a34eec3
SHA512 49b9e2639aa7f439c2f901eeeadf59cb8dee3a3fd627a405a7b784b73ae9a9983deacb5b106ffd125f21f546d113decd6eed16690f60b12338717b5a6a100f55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76f067.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 cf0c62401d9a340dd1d3c90b60d8a05e
SHA1 b301ddc2345e67cf81f0350bb25eb68fa194b6b9
SHA256 261b47764bdb61acd44f12b9d19faf9c1a29192a75b9ab71831209409cb413f8
SHA512 85171708635793b23bc755261f70e692843df2723b8ccc5a622a46161497f68bcbfffb440beab614ace6f8011d9f0e074c73c525678c6e4f518b2dd427c2a435

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xm25i6ct.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

MD5 c7fb6f53e1d8cb2bd9c9dd640c8ce282
SHA1 567bf4b3c3e252fe0664361837a8a96b7bc816e3
SHA256 1f4e019beabc1c0fefde444afccbafe6209c6754d87e769c0538f56daf89d3d7
SHA512 447594ebd2abc9766689aa02a9a81448325f25680e14fcde5aaad8b12007f0e3be990e5cfc86298b35a42b9a00f58b89d6b687cb23afa5589fa2d9ea585c6d04

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xm25i6ct.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 fa9b1c0b1fefe1c920911616f65899ec
SHA1 5d1618d4d788d5ee9f29f0f58effe15d71bfed91
SHA256 fb1be4e89bf759fa6b9f1d7b765e923096307a1701c196e7da8a740f91532244
SHA512 4a24a8720225a68d645ae500ead9a2f6f0252538fe7b06b76a2c081d1e2088ee9df54703c31371e4bcc0a9448ad54cec7f012ccd7e519dbb598a73a8f661c73b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xm25i6ct.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 9b6944109afbdbf61fd7764ebf163fb9
SHA1 4530de9a8aede4084f455245ab72246c501802ce
SHA256 13b235104bfce383a23ac8d37ff238d1c827f92e778447f71d8e35327b0b44a4
SHA512 435e305337ec53afe78633c580ba2e7bd02281c358947287c3c1ab6cc541be1a1e73d483705a96ec1fa4b573416a9db9984bcafe6c4d38189ad6ff3f33548489

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2fee986031d7a131e1697ee970c201fe
SHA1 4f7a5ed7b239289a7921f31a2bd744e9a46152b2
SHA256 41aaceb93c0eeab31a6dec8981c4eba81aae7e454c447b8bd17b69ff1d6e79df
SHA512 b09148b156d84520abe0e877bdedc829b5e44dd91681a3ab296538cf49802b22729e0313fe8b8c13cecbed005e98ee4286eaef82279fd48c843e80c2263374df

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_FA6E4B522C9C404D38E1A6F1BB26EC85

MD5 5d21e711c84d0751f6e9136f90f04f22
SHA1 0db60ae02ed9b82e5436c761e9e026240f2cb7d7
SHA256 406c47a4ddd69b22c58c0d477379b0da8c87657b4210a3fc66f0982eb4766f87
SHA512 43925737581bac306cd94c17b2a2dd7ed77c3665949f6d70e59aaa31f4b11459e051e23da2d053bba08ab2d5bf1bf9396435569ed7dd55b8822b846e82d5547f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_FA6E4B522C9C404D38E1A6F1BB26EC85

MD5 e58b24ef8fc72ff2688a62a9afbd9198
SHA1 b686ba67a45a6c4725924637f12b23ccbfd73e90
SHA256 3f7823b9e5c781a2a8d8faf69341a7901b28e933d1ca09cd3cfa3d10305e1850
SHA512 fa6551aaa6271b24b45187bd6d1b322c27a03d790522767a08ca53d9184ebdedfa8f6152b3a97b5cee732dfc79f4154cdf99c363afca0544bdadcf5821a2b179

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\21\{7fbceeb5-1fdc-47a2-ac08-714f81f10415}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\99\{8ab76232-7852-43c6-a344-6a7a25b67263}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c7604a8acbf3ed5873c7a67a5058768b
SHA1 299afa0800a2b9003830a0bb9b67833fb18faf72
SHA256 d3ead106f2915c7329b86e0a5999c754349c1b78c642b07c4d0ecb595a75aedb
SHA512 e896cab52699169ee4dc8ba681bd2438744e40c467898917f2b90c18abf536b0029bf3242ebba13c346d442008514cb3dbd4aca275a188a054fb09f2ce1e04cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 bd0af48048f4ff3a3018235e39bf4bb1
SHA1 82d03ce0e20151232c17e54ea1131db11da206da
SHA256 c6a3b1120b2c58bb3eb0833a2279065b40e1ea138552484ae722ca2a09f18612
SHA512 6b688cb1657aa578080dd78e89fc11fce9310dfee0769bcca30cbf658e515acb0ec73c37a163c17c8511de51ba87b54a2c808c1c1b3456a957dbce2e48738a70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ea8592be0bb6b1f38093667da9690b3
SHA1 5b2eaf003d6e4d763b142340e5fd608d4dd49963
SHA256 ce632d9a242f1762753d87caa9d487e761d73ef2d4bab9a10ba549ee619b9d71
SHA512 9679dcda95cb691e00e6e9f88b766cdf140a2f3451004732083d59890a063e24f000b37dcf33c6f56005e3738b956c010c33a90f53a8252d2ef5b88be1d81d38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 75ec423abf0466bbc975535dce29f411
SHA1 611274b86784ef865818b489c87894031644e9cc
SHA256 70398f174169a64e87dd388c2853e5caf3229e13540480a013eef0167bc747cf
SHA512 34065b316e35e2ee8c10b55aad0ead748cfbafc9fe0f25cb3692939703708073686be8a73c68b8b4d49fd4acf42839e49e5f1cd2eba64f478a732ea089d2a11e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbd93126375935e8e16eb88cc3eda79d
SHA1 0bb9adc626577f34562d0a20e73dcd3f1ba438e5
SHA256 2e22e2061a91461bdc4a1bad9675fe15efebf7abdfd228a4fd583303d4212af6
SHA512 51052d3817fd5d93aaef188e640059d35588b791b0c08fa311f8ff874fe7a77bd8c08475fcf228a79e075dec6ed05d1ba0cce7f59385fc31d9e3a0c01dce05ec

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c1c815108c269c348b536968ce7eea97
SHA1 de2661b63360dfeb10143bb11fd5a1eaa3c94c26
SHA256 cf5cea48966be1693288552f7235305103cd4af22e9b2f8c0fa70c72795d7c70
SHA512 d64359b093c5274ff7f6e5924a283cb58a621fe8450034c8922b48feb210e3b8daa3b1aa32971eb1e0be8dad4c5b14f4930955a867962719f6c88b815e83227f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 ee518108ccd78fe59bd91c874811fc05
SHA1 d44aed338e769535e47d442a411068a8af8c5a71
SHA256 8e165ef1c526e5866fb62fbfbc6fa456a69dc4b7066242d28f5b0570c1695bf3
SHA512 5b361ec56e96834fced4147f170506697a79973628b406aecb2ef7321b9cdbcd5964396bfe315eb071b1ce6b24ef816402c211d414843a49a86df6baba803403

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fb90e36fdb17c4651db847a2c3dcd737
SHA1 48d6d7a1c1c4ab5613cb111ccfee433fbdbf2e80
SHA256 1e3c7ce42f909c69c32b44df2a3d5f24fdb67e34bdccd05035a7f30813abb500
SHA512 71ea06dc91f2d2cd4c18c65fa39f2fe61ea1c499cd8ca8343a76c09727dea9428c10a8d98de03e52bf97b023f977ac023beadd05bb8d95b0a10fbd8d27b19d39

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d9b73566be21e6935dd8ac360c8674eb
SHA1 65648060cf88d19564976a51cedf6dc5ae877ece
SHA256 c85d6de02318629b7b98c34903c913280aa6cdce81aef05e826fedb4ab5561b7
SHA512 c7af52f059135aa8350d0326538285d8acc2e3ee1e79deb25402fe4179aaa2f9b0289df701feb8685c4d11f09edbe780ae2404065a7ea8ac272f24fcf08b17bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ba648b12ba7613e8a9130139d8ac8d28
SHA1 e363dafb0a2cc1e3c28939eca8878a0703c335c5
SHA256 60c8a60177f6685ad951feb2199f2af4760b815676737176460857cdc54456be
SHA512 6b53053979bc659005d6eceac99b8fe199f89f335736b89468e80e0891b67b22688a86b4b87b88c6ddc8177e34b0b3c823b240a6d0ccf72319b15722b2951bcf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6a4429f749e0457b401889fae8399259
SHA1 6e2ea265e5713ec91f15fc4885ac84e525405145
SHA256 4e1bd4b19a29030de242b22b4ab58d157e6b52eebe8db7e092fbec3760c189a5
SHA512 23b19e235b08ab1f9b4c8619e72a18e32972d16cb241c6fd7c0c8c273a6f3d6079f551d860cb7935310dadf0e6b5f4df2e2cada3022fec2adef69fda3deb21ef

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 76c81ff38ad76b9fb5ca715144a6ba3d
SHA1 ed4fcbd7a6e4ebd102a047a5438c04a6052eb58d
SHA256 13686d7a07b24badb9d9cffc9197ee6e338dcb525908500efaf72ce79cef2cb9
SHA512 10813297d4104c6aa65df4ebb78709840dfc6525f706d66ba55c11a12058b30041c27c452d34e6fceee0ad14aea6ef13384abf77855aaa588e54976b5cfa6f1f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6bf073b2841940ece7e1c07217b04a37
SHA1 fca403dee53a5b840905ea24c858b0d97fcf2bb0
SHA256 42d083544cf3077e65583e45a6f1b77c919657e4cc23ab2798c91a0da6fcf822
SHA512 5c26f6505358c85592c4eeefa1544b75f20f23dd19abdb56a37aa1d755ce914d8206bbd46bb133cdee135d6e2a52c70f82e9cc4d330c57c66d30d27c5c653306

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 907fbf8b420ce534879597676b8c34f0
SHA1 0affa1a072b60c9b2901550b2418548d1d81b5f4
SHA256 6daba1d6bed80c6c8521db845ea72a02788997cf6e73aa5fb37a4cde452555cb
SHA512 180c389307fae8a3aa53ee1f05f752dd4ea9324ad3957946f8c87bbba38982454ff431230a1f8669b146aef5d8954b6256b17ca4881621d5b7ffb310a7c55f1b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 be428055d4ff31a6a70708ffded35848
SHA1 e57b37c5c541107496e820e9d735ad11aabeb0df
SHA256 2b02f8b3b364b80a975abd42b4151b21d9ef97b031db2118351279383b4b1b03
SHA512 61a0c8fbebfa70dd66109cf9b1c05d9b0fdf31b6a9ee213840b57d214662568b73557ee227c65392e5f4c9c06e27ea2e5ff7a1e875724057931860ad74d18477

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 31cad3225eb523d08048e83dcbe9bf23
SHA1 9fe39041c4ff5413f3348d8643bbee3158639c5f
SHA256 0e32001652c6b9b92eb2807ef32d0087c0d50069a7e2049825d2f3b3d255e695
SHA512 2fc15a7ae08f272a126ed7e415ffc6570de8f46763819ff6b32e8d60bccd85b18f7428a293564380c8cfd83c1452ad45550f99ff73d5da60e496e39deb6bcf4a

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 6917ed48374ade5cb574722a1200091f
SHA1 3cff5a399f6933df68a59b318066661834854481
SHA256 54985af909b28ce25e51316e3ae6a4797dc093290a5d88a51924ed0b1c3f1c00
SHA512 adadefde9c2d4286df854ad1f06c09b2cdbc2763ac8b7e83be735658ccd815ad8b4fbe754176bc823afa0ec5b572b8fa4bb919b215481141d22ca55417adb4cf

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 1e8edfa720e7497dd99bf09897e1c69e
SHA1 64424976eeecd717bd44def04a7d1df6924cdef8
SHA256 11c91a84d42fc5b6d922131b41b48e70e62463ef414ceb5f5099ccdeab8cc04e
SHA512 d8c413a8ccdb357587182492aafe55902f8c9cdada9b0865669972a2f710114b2098ef0995860255da3a62a7d26de7b46545f2ed2f493d5043c884089b0e9b79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 98d99f73868979822c8aed912f768816
SHA1 3b13465de35de67050857215dafa39beedc68a4a
SHA256 aa2fc0024af6d582366cef09ee9eff70e1e2580eaa38b5af96a24f29bba38670
SHA512 8016444fec2304073e0b8c9f6c95ef32eac8f9932f6ed6d373b9819096ce5cf00c55ac5f870bf7b472c7f8af48d010c697193cde58fe3eaff355cbea14b42477

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a4211c4f-cf5f-41ed-9ee5-25c43270f20f.tmp

MD5 a68feecf2f5190700c398ee0f630c00a
SHA1 5476261b8c3b24a71fe92307ea7c829d9dfbdeb8
SHA256 c9b72aa8b222c2848b5c1d15230854d9a00adfc992b39fae0ae6f3399327dfbb
SHA512 f54641253b6172c8082baeea2813eac7ce0980e41577a2114590880d6325b339e2b912a9fdf20063454103db6f949f42d98a826ff9862461bff1a60d96e04cd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a15b9817ff9e3e8a1a2b750c338a5bb
SHA1 624afc13c49db5bb5b23e20c63bbbb57ffeb5d1b
SHA256 9600032908b745da4376a8a1eb9114008bd61353d7e0c8d4f5b653ec3187cda6
SHA512 a4c51f36c5d6105aa74bebb3a6a21f1ce30c2fb4c66bbaa68f60f97f1bc4fdf6f6a44f8433ffc228751de40f76b0b4a4971945cf0633c8118171b8abb1810208

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9a6b6fbdc9ae70f860aa5b9cc9cf7ff7
SHA1 48788d9f5e521dd886f165c358a34a27ac766337
SHA256 d70f9d9b88e685df3e3f5c72c0cabcd825fca7bf62ecf0e1cae99d735001a764
SHA512 bad423b167150cd77bfe3ccf20fa13b71291e61080f7d05dbe76b0c349cd0d46b13fc104305aedf1d75373689ff7aeb563290fe42c7e0a474437f84b780f108d

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-18 03:00

Reported

2024-02-18 03:02

Platform

win10v2004-20231215-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3791175113-1062217823-1177695025-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3791175113-1062217823-1177695025-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3791175113-1062217823-1177695025-1000\{A1C21B56-A105-40F0-A399-D724EC83CC06} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3791175113-1062217823-1177695025-1000\{6C542EC5-DF66-4DFF-8D5F-6FDB59F96749} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3504 wrote to memory of 3880 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 3880 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3880 wrote to memory of 3212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3880 wrote to memory of 3212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 1436 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 1436 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 2640 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 2640 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2640 wrote to memory of 5084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2640 wrote to memory of 5084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 2908 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 2908 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2908 wrote to memory of 2308 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2908 wrote to memory of 2308 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 5100 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 5100 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 316 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 316 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 4688 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 4688 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4688 wrote to memory of 2284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4688 wrote to memory of 2284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 1508 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 1508 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3504 wrote to memory of 4920 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 4920 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1508 wrote to memory of 2924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1508 wrote to memory of 2924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4920 wrote to memory of 3284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4920 wrote to memory of 3284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1504 wrote to memory of 1648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1504 wrote to memory of 1648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 3308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 3308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3504 wrote to memory of 1576 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3504 wrote to memory of 1576 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1576 wrote to memory of 996 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3504 wrote to memory of 1112 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3504 wrote to memory of 1112 N/A C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1112 wrote to memory of 3812 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe

"C:\Users\Admin\AppData\Local\Temp\ed24826a2231038de59ebc6aa550d0c6ba34748af5c7ba8e652696f0140cafc4.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xbc,0x108,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0x78,0x104,0x7ffa860146f8,0x7ffa86014708,0x7ffa86014718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa85eb9758,0x7ffa85eb9768,0x7ffa85eb9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa85eb9758,0x7ffa85eb9768,0x7ffa85eb9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa85eb9758,0x7ffa85eb9768,0x7ffa85eb9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,8130467803541019496,13078772745762413105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,8130467803541019496,13078772745762413105,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,1697240226860352784,8353197087680411069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1697240226860352784,8353197087680411069,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2620 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,13925055079751957525,2463445167565336146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.0.2138763528\519437278" -parentBuildID 20221007134813 -prefsHandle 1724 -prefMapHandle 1720 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {08321ec9-efd9-4c39-9d7e-7f9ba7f98ba3} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 1812 28ef4bd6e58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,4277040689934277230,13539148666435763837,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17419598761901108426,10824379913171715367,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,7029947926991743633,13030057065423114805,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.1.2042089492\1883682456" -parentBuildID 20221007134813 -prefsHandle 2324 -prefMapHandle 2320 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f31f1e75-c1ad-468b-b5d7-a674f3745f84} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2348 28ef4344958 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.2.40380143\1865270515" -childID 1 -isForBrowser -prefsHandle 3164 -prefMapHandle 3160 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6b64ec7b-a6db-4e5e-8535-a8647ec0eb6f} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 3176 28ef85cd858 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.3.2016750082\1920587625" -childID 2 -isForBrowser -prefsHandle 2724 -prefMapHandle 2956 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {19d23139-aaa5-4fa5-b64d-c6c935a05b73} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 2976 28ef9e55858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1900,i,10455538462324331666,8355388337047974922,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3424 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3804 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3032 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1900,i,10455538462324331666,8355388337047974922,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=2004,i,17318518789823349746,17623529667250170004,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=2004,i,17318518789823349746,17623529667250170004,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4800 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4928 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.6.21046154\288239756" -childID 5 -isForBrowser -prefsHandle 5216 -prefMapHandle 5220 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {db0ff123-2381-42c7-b6e8-8b1460e8cc94} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 5204 28efb832958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.5.1809632962\1832821200" -childID 4 -isForBrowser -prefsHandle 5104 -prefMapHandle 5100 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fbd5a43e-f17a-40cc-b4ac-1266f50f3712} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 5112 28efb830858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.4.417101996\194084080" -childID 3 -isForBrowser -prefsHandle 4900 -prefMapHandle 4920 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af3a4d12-6b83-4ba8-ab63-e41d6bf4f8d8} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 4928 28efb4ca258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.8.614286469\2118920986" -childID 7 -isForBrowser -prefsHandle 5636 -prefMapHandle 5640 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4f3e3fd9-9a9f-4c5d-820a-657e264fb34d} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 5628 28efbe7ae58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.7.2138973660\727483972" -childID 6 -isForBrowser -prefsHandle 5216 -prefMapHandle 5112 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8d26565-ebd3-497d-809e-887acd1f5c1f} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 5064 28efbdfc458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4192 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5524 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5352 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7332 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.9.260313623\1579251260" -parentBuildID 20221007134813 -prefsHandle 6072 -prefMapHandle 6068 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {73428f7d-f67f-4b33-b2be-6a94fa793907} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 6080 28efbd5a858 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.10.873784798\928431017" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6216 -prefMapHandle 6212 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aede47bc-241e-4239-b7c5-4505efbc660c} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 6224 28efb40f058 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2464.11.403228737\287715290" -childID 8 -isForBrowser -prefsHandle 6528 -prefMapHandle 6524 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 888 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {72498611-53b0-477e-887f-ff6fa9c725c3} 2464 "\\.\pipe\gecko-crash-server-pipe.2464" 6540 28efc4d2458 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,18421586634315684362,10585741869149534408,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3796 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1992,i,12810694803295953084,13890388448581335658,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 79.121.231.20.in-addr.arpa udp
US 8.8.8.8:53 180.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.46:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 52.24.144.241:443 shavar.prod.mozaws.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 216.58.212.214:443 i.ytimg.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 241.144.24.52.in-addr.arpa udp
US 8.8.8.8:53 88.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 214.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com udp
GB 216.58.212.214:443 i.ytimg.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
GB 216.58.212.214:443 i.ytimg.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
N/A 224.0.0.251:5353 udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.214:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.214:443 i.ytimg.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
N/A 127.0.0.1:49560 tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 platform.linkedin.com udp
US 13.107.246.64:443 platform.linkedin.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
N/A 127.0.0.1:59206 tcp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 rr4---sn-t0a7lnee.googlevideo.com udp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
US 8.8.8.8:53 41.172.125.74.in-addr.arpa udp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
CA 74.125.172.41:443 rr4---sn-t0a7lnee.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-4g5ednd7.googlevideo.com udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-4g5ednd7.googlevideo.com udp
US 8.8.8.8:53 rr5.sn-4g5ednd7.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-4g5ednd7.googlevideo.com udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
US 8.8.8.8:53 106.162.125.74.in-addr.arpa udp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
DE 74.125.162.106:443 rr5---sn-4g5ednd7.googlevideo.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 aus5.mozilla.org udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5ednde.gvt1.com udp
DE 74.125.162.134:443 r1---sn-4g5ednde.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
DE 74.125.162.134:443 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 134.162.125.74.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.187.238:443 youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.46:443 youtube-ui.l.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ba867085de8c7cd19b321ab0a8349507
SHA1 e5a0ddcab782c559c39d58f41bf5ad3db3f01118
SHA256 2adaff5e81f0a4a7420d345b06a304aafa84d1afd6bda7aeb6adb95ee07f4e8c
SHA512 b1c02b6e57341143d22336988a15787b7f7590423913fcbc3085c8ae8eb2f673390b0b8e1163878367c8d8d2ee0e7ca8ed1d5a6573f887986f591fcababc2cfe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 bcaf436ee5fed204f08c14d7517436eb
SHA1 637817252f1e2ab00275cd5b5a285a22980295ff
SHA256 de776d807ae7f2e809af69746f85ea99e0771bbdaaed78a764a6035dabe7f120
SHA512 7e6cf2fdffdcf444f6ef4a50a6f9ef1dfb853301467e3f4784c9ee905c3bf159dc3ee9145d77dbf72637d5b99242525eb951b91c020e5f4e5cfcfd965443258c

\??\pipe\LOCAL\crashpad_1436_PJJYDMPLBBFKTDNK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 7957c66bdba98a350cd77b04b045590a
SHA1 3b6bfb96b57abe1f6fa83bfe75a211cb7ec2f1bd
SHA256 c00f162d6e8de9236ba690d4fb66e0582397bf9d86764460eb96a1164f2d19a4
SHA512 9a7920ab954e5ab5b02679dce5874cac51702f4322c5c2e132119d7315f32b069d5d483bcb28d8a5757713aa2ff0d8eb664bc9461a11cced037ab1a8cf6e757f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8f91900d52acce148cce48c2dc1fc17a
SHA1 556e43c928507afd4d83b04e9fb9c9518645d41f
SHA256 904d6800c6248a4068343f629f7a87b1cee467931535df01c6dedf3f9390b1c7
SHA512 02746cf60e5fb7420e4f261f391cfbc7d7578929aa94b653a8fc7691c07c58b5f96516735ef3bb122b2bf5f506df178ad551d2702eb1857ea021d2d9ab355c4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5b3d727439d69ac731017c9b582a67c9
SHA1 490a613e47418bc919f8ec1583b39eeea82f26c6
SHA256 bdff4cfd31df9375c7225ebc777c988020e894095af1951bb424816a75609f50
SHA512 b64172bd4b58fe1cedeb0dca1e0e61882418712eafcee1930a92392164bd829234c2a04a8b9569a38db6b959da806e6e24c12c47aaa09d5a188612dc7c15026d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 984654d4c80d934d77dc5e182df827af
SHA1 701ddfc9c67d829c7d53a3eb4bd6b1ba7a38cfa2
SHA256 917df3b6ec7b9cb9cc8d92b21338d65ce0febae03fc405aaad9c461a55a0ae23
SHA512 8aa51c3dabbd4965e1176c6e59e4b659b3e9862764978978674fe100ef27a769d5e7fac4c5a553d5d8b56c089b5fdc3d5a227e7c20e380f7f7a198758076f7ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f19664e86c1c49abbf527a162258f5ad
SHA1 3c3330a36711bb646aefdf425d5d30616f0d95fc
SHA256 e182062773afc6c1d7bce695a2e38712f59cfa89a9a8cf84f766fd34d2739ef3
SHA512 434af5e76d1fe25a5f28fab5932988a89bfd58d2174e8f071cd2757482fe2aca8f6f56fe8c51a6f98ab4c8aa1f0d81869a60c1da8bc77588648b9d391db1033d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7a4844857627f33563aeea566f5e1256
SHA1 501543d2a3be083071bd7d80a9d17406a053b531
SHA256 ec52779bef6f85a90bfbcaf7ae8532d377169d7f89e97d54c8c8ae441268643c
SHA512 016435fe56a4a6188607dafef24c3a7244147a476d4e62fabc376d7ada73ddf3acd57ee1d2b86a182ed647f47d00a0a1a2950b422eebb10fcf5d06dd9405ff57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 623b601c5e1fe0fb2951a97c0fd0f2c4
SHA1 4f1ecbcd58c70bc35fbb5ba47cebb4090fafece8
SHA256 9f643c21b7149060a3fea1ab39d722eb60715b32118a7a69f3c7c29196d28f53
SHA512 c037106a02c4b68382e66323bd6afa8ce7a0c9275c5160af057a428ecf6b718fe4b35904b013cc0b533124010e253f19dbfb3a66f94e9bf5251460be4a5914ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f06c0ae57f6f48a7c60942cc8c1ae085
SHA1 40646989678f8fcbec36242bc553afdfafee8735
SHA256 9a1a924a51adde8d25239e1ae5ce32c61df3027caf73fa6b10d2de9dcc5d1c9c
SHA512 130b677d670f424bd4d0ae2471f52e9ae7a2b128c493444e7effaff6d85221c968c9b2da36ab5b7d97cee84ea457c715bd709426da8965a717cf219736945d7e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\datareporting\glean\pending_pings\7b1163b0-d1e0-4d3b-9760-35ee8217823f

MD5 5010cdfd18cc1074f922fc9eceb0e693
SHA1 35eb895aa333a1c425c16916ac823e49be304c04
SHA256 6495b9f8707a68e992b561039c6604e2e5d265a750227515d992b4f01b9b7e1e
SHA512 d535ba38d5912670f4c7ce39d214bed42fea8e2e332630b99d9621946431081c1195e4932114ba1a46293685d57668e92c3e61c741088db53290a748956f8bd6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\datareporting\glean\db\data.safe.bin

MD5 2df2cc09c81425be8c38e864c864d9b9
SHA1 99af6dce056bce3dffc1570c5249587d0098ac33
SHA256 751041ea1bd08fb86562ea6ab0523cb46161f12c98301be7425219bedd8f6b1f
SHA512 2ead975684519b8c42d1310ec78d5ee36397bc5e32b9dd2feaa3a708bb00e92bf6ff71762a045fc4acb1c0ff8505bada8e55daac40b9642aa52f1e0fea7dad96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7cb4a449da8cf8f6f224f1e1f1bdfa49
SHA1 d127af80b935047af45a6f203b9b9265aa317968
SHA256 860e1ca535c3edc8d570b48dcd3dcd715c72361e5eb448aba4e9d63e0ab29069
SHA512 061359144ae2b848920ea5881294dd4f43863bef6bc2b15f2f680e10317bd5b66467c2d7e468e0ec70296d1a1b2c37c1bb91bc699d2bf36988bfc251e88f0deb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5e7284aa4c23f8a7eb013367a9c2b070
SHA1 415436d9440b4ae23388134db1f189647abcd713
SHA256 babad5de632a71cc3d44aa9f721aa3ff123d375e6d6d66f44521a8e83c8ff604
SHA512 9b736fe99ee674c1ada431a1c02835db10eaa96d90db8b79ab4e0a7324efbc4536e2b9b7df17c5884ec7f90fdf652d16f954c4c58882685249c6cbb83439737b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 eed621f0e300f64e7e9d358061c58585
SHA1 52c0099f87c7a5e52fafb9a64a7a6a33d6bf089a
SHA256 4c32332012d777ab7655b7c5ea980e06a4d05d2c6bb94e25e40d57d47cee6d05
SHA512 7550e6f70245c861f718dc9711d53875e2581f1c6d5e01b4f370b64b89e0ac0aeaf6a450235ea5e71c2ee9a7980660a3abc8937a13fee2acfdd5c5b273688ed9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\prefs.js

MD5 72be5a9ae32b48810969775e660bbbc9
SHA1 9e415b6bcbcf64b93c869530dcd96a409a601011
SHA256 38efc0971d70d2ecc9c6ee2860e734b5b3a8fbbd90dcf4df3058d9ef3f4c8dbf
SHA512 27c7d3b51c5b425cb90310a92e214db3d2fad3ba0d40fe14260db3267521b5cf1b871065771cf884a713dd339a0e10e50de8ba946a1a88d25d24a92e73264b18

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\g5azq69j.default-release\cache2\entries\A6C7AF91CCA8599C5D4BCD6E0B45CF31E7DA8314

MD5 914301c7b764804b7c0145e50525aa17
SHA1 d7b1c03a2c20ee1d0ed9479ee73ea4454b89c1b0
SHA256 8627ee5148ef877a645546630cf7acd0646b4aaba464dd4e7819a4ac0b6daedf
SHA512 c889ee31cc46027e03fc65c8543b14acdc2189106e0339ba967dcfb8164aba0fe0f622c8d2ce453709b720da09ae450c6815107471798ee18154906dc09d14a2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a31a47ad0ba612d3b1b77fe06bcc2565
SHA1 ba2a9686950d4acf5b7ce1be8206377dc858c9ce
SHA256 96273a110da78b4c140711fef306a42457a6f8a8b2fd26104981f501ce1ad3b9
SHA512 3969b846f9347c3c892d953ef563cb01db0d7c114ab3f7b8bc37840aae01b4798de3208f59c65d761111f9825f1d81faa755bec915eaea0b1d2e38f7a3b8a1e4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\prefs.js

MD5 3a94ed49ed925bc94b44d3a717784786
SHA1 443f67c0b43b3b454d6a3fa715dbad812a018385
SHA256 6c1c39ea9ef28ff8b7bcdc830c94f8f3d326529c8e6446231fa2b11ea1194a18
SHA512 877cec8f31e06a7176c322972993e8809bf8c86eff45696d13b0a3b061a8416d1c022a5f4f1ee0362f3ce7dade3936d7f7fac4c74eb774166bf5b49e8434cf47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 45ced2ab36997f9bf1a3e54bd06998b3
SHA1 35a719d549959520519eb19f822fd781076bb114
SHA256 f6e4584213a9676a54ed9a812ff38f42b9fe50f305ef6b66762e63a18a9b5743
SHA512 28039add7effb98c316d976dcbff6d883d40b9e5520024a0d9d7d88669148780c22afa54233f66b925299db9df54ab1b3aa600b5eeb463ca8e4e08f3a064cd95

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\g5azq69j.default-release\cache2\entries\AEC077A8DA76492108766EEE7A6DF0E84FAD94E9

MD5 8de60d405bf6cb8e88fc563bb470e96f
SHA1 eb536a11ae3f55d393875ae2e608d8be94b80e70
SHA256 eb3685aec8820fa9f792cbb5362fdf52dcbefc1872981d6dee1fc879d46854a3
SHA512 fe9fc67d649fd180c314b45227783be44f4320d1a9905945ad0583a663275bc927b1bb9716149e781d5adb0211df1e9b28c7a811f0494aa960bff1038e1e978c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 b3b3a2a25257cac2926de3c7ca377d77
SHA1 722c60c46ae895110fb1c8beb92cb2add490758e
SHA256 377c00695a5d2fc56c554f6823521be5d44a0e969c0d5ae2fc854fff7b831654
SHA512 43cfadedf3e2e13fdd0cb608263abb38d0809d0d1548755ab97047b75ae70921e5c47a9ba8618c9282350ddb201c94850e88516ad41bbb56c190fb30d0520eb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 2b9776807df1c30ef66c45ef60237487
SHA1 17e925fab39688d0d907687da86f566e283ee63b
SHA256 58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8
SHA512 e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 04dc086f2b973509ffb8a72bf4a30581
SHA1 27dcf4cb539a1047946d5f6151e05d47a429ea2d
SHA256 c30549621ccc563295ee16b57b4098b3053ad9a9af70979d90f715294f7b5be7
SHA512 f34b3611f689a61b07e1974dfbea6a44bb042435d82d1f35af9e0df324f93d3e80fbe8431016877e713f0878be33a930f31bcc8b19d46ff980e9745267a30e9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 6113d9f8b5839ba1672a924487efc6b8
SHA1 936ee83885f93c86290d3e6785a7aa57bbc948d5
SHA256 06b5e5a492bf40fcbf52c71bd4181409df6d8766baf268919a18d8a1c60f09ba
SHA512 76ecc189cf732b835244687a435db5070ed839fa4fa5e784e50c0a4b4c5e0c5fbba931059cb17651723c3b9b8446f40a66225a2e5bd0ff907e1948820747d836

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 e7509c0974f418f9abc9cfbe6680c85e
SHA1 1b05ca39e4e5007eb16292ac9153dd09e6e8b491
SHA256 5dfeecb28f2faf93c24e4755b3bdd2d1d32bac448f7ec94ea3eab9e934a425f4
SHA512 f16b7a2ef1e574328a918c42a6291ba3bb8fb146104de2f10471228d122ca27cec21e06fe3ed74192f6b72f01895c6c527f2706a9aa6c582b8d270f4a58d7d42

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 e4871a2a01805f6a4e4b5b302fb51c79
SHA1 5ba1b6c82c8861baae0d2ad4e969db97b05398fc
SHA256 8fe4ca7286a0bca3d62f59e060e6de37466a99e4e2eb293a533d5e470470fe2f
SHA512 007882924601b014e95d9d5cf3a804c231d0b192dc1b714adba25e393e6c7c1adaf068a99ba4848f8a1308f2c9ce4f3b947fab576437d5f8f59f22067f803eb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 338312df33d20587e9afb2477fb257b8
SHA1 2b9c400bab14120cf8514375b9a122bccd7d32d4
SHA256 b08cb52b2c93047eeba81c8c5c8e844425c3620bc52f9105fc336886630ba01d
SHA512 1065f519a36688c0311e5cdbab26acbb98ef38060ae56ac0753764c21ce224d46043afa9ded8535e23ba16dcebfebce3cae3ee8a5e990f9c2784d11ab437be19

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\g5azq69j.default-release\cache2\entries\4DC75AE7BE106203C668F4A8EAE4B1735CC9D518

MD5 4acfd195503e47f12081ac801b88ae6d
SHA1 bea9af02de9029ae79b94e78d94b38b338623b2d
SHA256 85c36dbf931cb3eaed73905f967fc1a0013b7ce8c45eaa0d191bbabaf55104fc
SHA512 5b2e2e05ead3aa7138cf1ef6094bc125f430d3c6e7073d39d1d3974d6ee08a6013193ade14821a6933ea6d0ec6a22d2523c37385f955f93bfb04f0c44c42e7b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 925b59458aa77cdca472aa7c970d8f80
SHA1 2fcfc560503c1632727b17963b9890551cc37236
SHA256 d3fa91e701046480d6e51b87d21eb5db292fac78cbd5cd88db042489824e5dec
SHA512 3359b02849de30dc8b7c2f2d25c11e6f94951653837ca9fcd02d837c5ed0353f7421c1214384f42a1b90574dc05876675d8922c723e4258f2b120bb42be82eed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 b0ba6f0eee8f998b4d78bc4934f5fd17
SHA1 589653d624de363d3e8869c169441b143c1f39ad
SHA256 4b5ee509e727accbd11493dda2c1d512e7dbfaff66c4f5f7ea9c2d2ccd06151f
SHA512 e9a165da246c6b80fc38431538203cf03f95794184ff63f00c9500f8919a2028b803f64b670e685185eed72df0509e3185c9b434fdbf2bc7af36021d46bd08d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 48a1f77ccf0f523f5c2864f20fc9c4e6
SHA1 a97d896b97804750932a9e8444f7a65cfbb295a2
SHA256 0097fe392f2479647d8c9f3840c7ac49f8296b1908bf0e99722a86f223037ed8
SHA512 e89189bc54043bb14f6535b55ba9aec1f27cc36defeaa5274e5f22acc50854bd9b34073a41649a4cbd66abf456bca5b1a695354bc4de3569c9bba9a494e05098

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 26009145d15eb91da5fcdc138770618b
SHA1 17c5dff4b9fc5e5a98f93cdf35ceb5ffa4c2f8e2
SHA256 85cd6bf80a72139a65e56632c333d648f0ebcd9bd8c1fd526557949f93ad7e8b
SHA512 187744cfdcf34bb94c50e175873a35e48a937ca816e6cea13870698e00b4edcbecb2a17f79e5f5f0980de4e0f7fe02327ad4917a10839c4e69bde5b791979696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 00e4719e921c916759eaaeb965fb9b6e
SHA1 f0e7c979c0a1e85ac78d9dd231502fb425b18cd0
SHA256 5026526565cff03c7fac8772152e339d2161d8b473c2be9f2bd85937a47aa6d8
SHA512 b67fdeaad9acbe718c8713b6c4ce3dc7c4d76726f94febc6539d245e47b8893c744c338d6c2b18c5cad99e9d0141d1ce514e53d67dbc8d1d825e5eb08c5a5781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 769287d0597f2baa517207a337bf038f
SHA1 3db7e68e2009f19907d2287caebf99eec0b8287b
SHA256 5e930a1c171d4599bb6daaf71ac52b2b50eb0f15e1ac08c0ba651fb27dd06b0d
SHA512 f504f98bc5550d19e1fb186fe35c0c9d67411259ea37e87404d503af6c04b3a6724959499f2be17ef753fed53bf892f0c27f6dc11ded18a7d22eb6e3c28d7d3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 468f56c49e928f7324bb12c425b1028f
SHA1 e62a69dce5978ebc31f113e66c8a298cd812192e
SHA256 281f7992219e8282dcc55a27a46c7b7391381f3b17e23bfd859804051ba46228
SHA512 ae9a65b88d3c9868245d161547f4759b58c16935a50c3e0b4c17d966b302ef7253c66539b14c6897f2eaf53da75848ded6c7c4086cb48f2a2d6b9eddab45209b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b039f2c717ec5e767de80b3cd46782d
SHA1 45d7849c56bfc97420ba0edfa48519253ced9a26
SHA256 df5b4c246deda6f07160d31f070945d7b5ef2cac9721e1243bdc6c96a45e4ef6
SHA512 3a5e1208265d2d46ff58c5d59c67f5134faeaae1c0e29a906928e5985d106ec55e107200435b865c0ae707a4f932b141f77d532a59b199169e62f43677f534c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b32d29e5b2e893a6f017f2a8cedbf085
SHA1 9383186dfe0182c4cae29dfdcce326ca24ef4461
SHA256 3d814bdec67ffc8545facfc60ca1b768314c884aec9d0873864dda16e2dd4e16
SHA512 8bce5dda7f3e26725bf10a7aaa8e8d2b37e2e56c5b58a236ceb27b6f5c3c5f4ee1985263d44fdb8fdc05b5ffd1ab674142f0d83e5bd7d11279c3f3d487e8579f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 76a921ea3d22acc67a058e302cbaa814
SHA1 e98ff80e514d2d4780e0b8d6f1de07238c833374
SHA256 a79f3a428008b2aa5b0c0d2c3a8fe654e2ff94a0dcd4bdd3fea18311cf6758cb
SHA512 b159bfa8e3900a59f890d2e5ff48cfc0a9620d19dceebe075d83bd4fdf6713b18a0cdcfdd28251c211637800f719f6c6e4c1285af10d07ebbdc563c96b4e824d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 2fa8c144a6c53d2e3c1e56d6ab80d1bc
SHA1 77ad34e9a6bd0e005ca68b77db7d2987f40e77ba
SHA256 372866e552ef43e292ee6838f54471ec6b5e3da8e07dce079f5d74ba31f5ac1c
SHA512 c2389a65ed3df40de924ea7d96a28a9d54d7a8f1f0f21d140d91d471aaf1850610797557c40600e3899911c43b842dfda4a216bd44d1b5d2005baa1ae5c9148d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 b92f07ec192c3ded7a920bbc5b1493d2
SHA1 c9cabcab04ea5264b97b7b0bd292ad95bee38abb
SHA256 1615ef7eef1f9f770eebca18ca117d5c8eaf2e96b547ec08464105a0033e6d84
SHA512 486504fae81f52929a1f9d3335c804499eeb1de1b976e2c3f83a3264a76ebf754619dfaa2422055a0f9dd4535daab95bc4f3a517ac446b498876442dea705528

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 b2b10af6e07990804c51df39192ff570
SHA1 050ea70f5f4c4676461f46dec9facdd9a8930198
SHA256 e1d55e7fbcb77faf053972d4e6a553166721ac62bd83df05a30670c941290228
SHA512 4e4b26d39ac7bbd0b53e81e4720568dd2dd5b7bb9b591c230bddd9c9763b151bd58301daced47685f2b887ebab04e9e229a3f7833fb6e717254c03822ebc8bfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 a09b4573128cdf9ee118e9e276d01cd7
SHA1 7a5c3e0d665d0ff7da9d2bfc342e5cf7d6b2272e
SHA256 3a05421c38076c0171c3f7f46521d681e87e11e6dbaeacfd58860ad5148673bd
SHA512 c7be976264238ee95b519488c8bec32e3c5d1ec3537d813df7b5595e3d05f075a22538fbba0fd6feec5a7c05e4098f04ada59fd4ff7dd03ca849f1a55486bd9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 9a8e9fdb1d9fe002c73d008ec100868b
SHA1 15ca0a58132eb1f3314e1cc60580dab091dc2b11
SHA256 40446236d6cd5b9b2bd29175c3bf0a5e0c6e9bede6d897c054b3157a55100880
SHA512 7ed30f64e4861b5101731689a16d161fa95e5e326467ffb40e2c9dfdcfec9cf091d98af9987ea46b2ca2a56291761eb46ab9fd0a93912c9fa5370958fdcdb7d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 307347f839d3aff20a055f848a180bbb
SHA1 faad6d11f4df65378fd55c78e508c7d61fff5179
SHA256 5c0e59e4a65e374c105be83a72ab368c352725710620d205ea806b016e212744
SHA512 30d59708618e2dcbb69fe7aa6f4702aeef93ca3b328836b5c865409ed80cf605fb22b8572aa514978333e996df76d9a6919d326d610ea606f69ce3aa58e49f48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 f1df7431da0866efb701677e1a96e1ff
SHA1 91f7ffe416e3f2dbc2e3defec349944a72f459f7
SHA256 9b6a5fcda044d4a799f2df41a5c4572b8ea05951dd0f03f44e9309a316449e42
SHA512 f3fc48d7a465d2986d9efe3430abb59af91e3a9d03d856b9405f9b899bf3b6b4253732d5631f2eac5207b85a1c3cdd40cb611b50a1f11c378f69cdf5d00888c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 c2feede87f6b0820fb813b2c31fa1b8c
SHA1 8ed9662199a0e662882c497647c7dc35170161db
SHA256 868913cc4c41810b8599a9f85eab0a6243a82f97ab279e3b6a6b4f4547479567
SHA512 7d3494797523f6071d1fd69b43f9b79981397f87c45918f9a6d990b32adf315dce9deb061bf6b3f61fd424a15a006e0fdcf6dc8cfa435afdc22cc9224c0f46f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 afe2c593228c74e585760ff978d921d1
SHA1 8c838e77f10582d4434c28e217737698087090da
SHA256 a853d41daa0eae025a692197204a28a0b03d895c88b3a831e020b2bfc9a1f2f3
SHA512 5767f1b18418b69edce54dbd70d8b804004021623025a8e510de997314bbc9b1b32c0efef13a6f912bafcfb9b0e8933d301ad95626ca84232d195b7c057bdb4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 1ccfec0095eafbfadaed6121bba85a50
SHA1 42138a9ad0f9100933ae9771a0570b388886130f
SHA256 233c7744c658121611b9a44ee51a360c515567f912caa14a0c23d330ca1156d4
SHA512 e707689cf462b6f89cb6d91acdf69ad1de4e15698688cc2697affb9a2ba1b1f45d12835d9fd76203f4d17265b10b4e3ee490e9f86514ce648978115a035afc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 b09800abba264700a099ffc8280a30ed
SHA1 e7b45cb04557361f4736a7bd63533d87ca9ed3d2
SHA256 3d568a4aac6779408397cdb5aad0071805fdb1b9fc848058bd757271c3f5c8d9
SHA512 fff412f8c8ab5fc5e097a1f9a4040f68863625e96f11923aa4dbe8f65991db90bb2aa1e8d50a85a276edccbc370b8ed6baad08ec90c59c147c152a4e6f91de21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 76d5d8445f0f0313e26d64a1a3b2e7bd
SHA1 580ceb5b232fe3d278f47f4f602a0fda5d6f9b6f
SHA256 fd9a6d3dc4a6f6ca90c20a27420f8a68c4898441ff1237b96dedfe02fa6dcd67
SHA512 bbfa2c5ad5965f4426113f3f005acfe91fbddb917945cb8988b010efbfca13f768095cd1f522ddfebeb1437da9949bd1e9720d62396598674ecb209b1748eb58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3404b020714c36d7528b31bd85f35555
SHA1 01f22b34e281cec863fce44b957f64202e210f94
SHA256 149decff8a2677c84f06263a372682095361729fd32dfd12ec90629b9b185847
SHA512 630a546ffd6e86c129ba47b418953f937656d2cd6180fb7c2d5efb13a8bd2166ffb7d6582113eaa9ad9efb88edb351ff14830ec25434ceb9423ae1d9dbb7e177

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579b27.TMP

MD5 e514d193c9e6f50ec9da007c9c59caff
SHA1 c9b2aad80a2ffcb5e0b9ee042122832a55f385e9
SHA256 59064e0108b5b9d1f431bcd59c5952885a9a955f2d34b2dd60addf1bc719d8bf
SHA512 61e9ab56322ef48d587379d77312ff1494ca11929d0b555ac6f7c7fb01f73582b18aca1b921fbc20dcbca0e51b681e5b4ad2a62cf3ee0551b29d1114728da6c6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\sessionstore-backups\recovery.jsonlz4

MD5 1bcbdd74ead84ccaf71294d573dca64a
SHA1 dd2b66cfd07ff26f30771b10ace2186c572ea262
SHA256 3efd175f73879732e6b00436ac0d6879b289ee2090d03f7de145c5c948170d63
SHA512 e1ae7c5f0274b22a65031c9972422cab883c14fdd7d5b9a38095225681331652c72a0cce756baba1cf932fd6fa13377cde4ee094cff918db5a55cbe28779bd7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e4b1dd4f4666ed9cff01686e01f62030
SHA1 42353e56d21af169802da7335a7a7fb1f2efa0d5
SHA256 a13559612756a5a405032fe99c4cadb946a41d4ba45dbb463d272324d6e1928d
SHA512 75b53ac0d02cfeb38c536310b58f474d4d1a5e06f8fd40f13e26bdd0d9e6d31f78d6cace900f5c268a1fa45a31a61323490e4e5f3e6b372c1ed419f181e6f009

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c97cbcd294aa8ba684dd5dcda60e40cc
SHA1 c202eb2b47b239af3fd08f555e11e7f949fc9338
SHA256 450b7901108563635188eb945eb4c416664dae4987236f736b377aca9b2a9098
SHA512 caad7694a0c9fe5862393c153c3ece915d045d5f0bb24fe10b14f2525f4b68b0a4564cc7bce85a5090581e9216493a5f78052085e5b84067624a34a009f80b46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4b974a6415255dbefbc97b9c4652c716
SHA1 f75d9f0861b88c0f2e37759e881ada39e18ff62b
SHA256 99910b4e11c82ed36422ef00bc7d22093c605bb4c27a9e757b9650ec3ffcf919
SHA512 e104e4e01bec7945b871f436d8468cca593dbc63b099d625f15a362f3158fc875592c51e8ec88d9bc5b1dda89d6783bff4abbb6ad8beab4c7fb8e35114fcafec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a587.TMP

MD5 3961c77b66a8a9b5d4dafff03e2f9125
SHA1 2436b7a38a55364a41e27bb3defb7b93121874b8
SHA256 8dc734b26628bbf0f0336d9582893fb99b7116b5ef8e481f0ecfe428077d268b
SHA512 a855accf02318745a928b1eaf49b03ec062228ac7afbbf5df1d2d7ca0f13c6fd122898b598eaf93bdef4a930a2ad4d0b9113af48224c3ea330a7d28f84472635

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7c0e34d6082945210aabbcf40199aa88
SHA1 fd1f9c6e97fe6a6d5ca5918ffd1d88c5f95884ea
SHA256 ff45b515d570205ed2337c8fef558a5acae5e6abfec08b5d4abf7041b06b8981
SHA512 6927abb00c48b3854c68a0d8733ce92c4785ddb776eba8bb7380e63a5e23b3c7aa06b548d4da37a65ae52accb09941844921728e98c3f2f422422bad383934f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9dc521934aa5f691e0a51b6086e762a3
SHA1 8f260a38282f456074b3bbbfb7d8868980083293
SHA256 89c23541e9cba98248e47f2bc195e25245873727d2b747f27a7957ae4c336562
SHA512 44e706bf093463f954e2191410c2f54073f0d665f9a9e9238636e0ed6713f8b845b4ce7ad95ef434fdf357fbd01a459216a1ee97f8f9d410063a7be20a4d32a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c6ded87fece6920f7ec2916c4197de61
SHA1 9aeed84bf7c70e099dd5527b3fb356f71c145f08
SHA256 fb0cce37e8c7e7a15a7732a273dd755819abd2a4f57c914628be542fd9684416
SHA512 88a568b09f71fa63fc4278dcca59bcb0138cc5c15b42199754c53dbef34899acd26be072e0d0e9acd71ad781ef024cf014629a1000ae802882c7a83b40e62b35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 74721631da6be91a3790fe38fce6bbba
SHA1 2cea163afd7f970c71730980720dacd4dbff4b6d
SHA256 e9d6b76526825dea45e26c58fbbbc4d7e0d672b77160f9334f34303dcf8b9867
SHA512 c964600fb62138cef1bb8d404eb35c601b48b8e817676808db4da07f54d24ee8794631b3a0503efd436fa5e35ccf8cb6c7139bdab6de489cb1189d49e3a32217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b5c8a9ab8b100247400931b400c6e97d
SHA1 a1213d14e47f579bfb0fc6ee8278c63f76a04b01
SHA256 893567e6c4186b1352850838193e63034315f6dfec8e6059ea4b7101cdb5b2d6
SHA512 ce496cac6f23d2e83699655f1168b3a3e025b2a8ed9f13a69fd4bb78db43dfc6b50ad277b82808725814a6bd85a04169742b354a052523cf9e08081a47f8ceb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57a95f.TMP

MD5 80373d0e1f1c805ede7bc3beff79e1e3
SHA1 35ec48d65ab10d6466a13d7c755b87da24ac571c
SHA256 d627d6abed965d1022903c9c1d802aaed24d55bb4f8b75bb8426c3e5c332aa32
SHA512 8b748c269dce3dea563091916186f9f9c637181f6d4c6c6849a9f0df8a012a42f35ac8fb9dc3339d4cc66f59b963bebb5678d41575ee75b65ca013f0bf0fc621

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\214\{01b06b09-7f30-4c13-b715-36bc8beafed6}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\idb\1543534062yCt7-%iCt7-%r2e9s2pfo.sqlite

MD5 2570e19fe96e42cfb2320450cdeb6a19
SHA1 e0fa2e8383bd950e7a631d6700eb292d6b36c5e2
SHA256 146e6ec305cdc89d31e8708caf03ace9c85f9f6d4c8f8ee785a20fa3e1a6f4d1
SHA512 49650e6baf9f6db89e1a26aec6402987ca7cc2c452dbca816a8f53314327a02cabdcfb9141880399dd6139c4eff4e021811ceb34380665d63aab056ced9f2043

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\22\{036ad50a-ab85-4f5f-859d-2526fe2e1a16}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\114\{733b824f-f7e7-4762-a312-c12cef796672}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\163\{6463179c-8b17-486e-bb2b-8c8814285fa3}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f850185521c327b3d102f4b47037ea32
SHA1 e87775fee0a3ecd3c436acf5eabdf41d0ca35639
SHA256 4a2db06443ff6c0a450952069e0c0f9ac5450a2d0a1efe6b8061eb36749e1ff6
SHA512 6f97ab1ab019c69d7f230355466e1bb058ddd44c0ae782da5022e8b5f8f95426e8a0ddc0999119a6c112b57285f2c6068db7888ff00fa847d67b866b30ec8648

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 61ceac108213c19ea66102d23d184fb6
SHA1 6eebaafd7ef73d28576dbfeca3900234b533bfb8
SHA256 d8ffe044f2690d3b83e44bda3e392eb7ba37e75614746de9c50c14ed940e6597
SHA512 f70d0af8f5ea7ad22a4be2d3494fafa50d9fb56bc2352c609f24115a8de96ab10bc3bc301e08633ff06738f3fe36501336f6600a4e8dee776063a1c2d499cec2

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\prefs-1.js

MD5 46251b50e7865d50a062c00688d366d3
SHA1 d483fe2cffebde17f47a41d2beae548db4f0c938
SHA256 c66251a12531bf24afc00c9947346580557679209b3a26a4e12079162a3b5f2c
SHA512 7268e2c59fb47fa8450dbb4d823be93f3fba6448251c68d300e68adef1292405bd63566a20fc15b19dcff9a1839f4ada1cae49e23993876d9b3f14298c7e28f9

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 e8e5866b54ea6b392aab9e72c1ad38f1
SHA1 32aac2e2d7c16d50f50ffe2648c142d8880b88e9
SHA256 22cc38637c831d71dd351dee9499898080fadc3b9d4df7faf615bb18e67a3865
SHA512 b4a4c6994bc9dee9b9ef25dc1c10988ea1ee360b6a7fe66bb52713bee8e5bb9bfde5b9a010cbb7080718d284d88fd54074bed1c21818e9d8f2a2048941ab987d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 d034e6b6cab3b9fee53cffedddf5c586
SHA1 47dfb5b2d230e01c9dbe5215458ce1b03a658891
SHA256 53107a9539bf8a5e598913d3e1ceedab76eb2adf40f4cfa1265121a9c409334e
SHA512 17536b75218f79718da75cc7cc6700d84c40cdf692fe232571b71d11eda1ce67ac71224111ce1ae84d26303541f3cb60070659473f9593c675a21bcae83daeab

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5cf46c9838d82b36941355d0ce9c970b
SHA1 2d3ecd661be5f1dd55d292832b6cc795c714163b
SHA256 2e746273370eb61251f0d694283ba7c47f7c545eaefd17fbcc8901b967535fd5
SHA512 0779e6daac4b94f696701fd75f2d8c81d563d4cae24889da05713e3357b0e4243ed80c81e86978291e13b14dd1cafff8ecfd3d253618f70338c8ea7a61f3bccc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5491055ed22f4991c4a48eb8dc4385dd
SHA1 44be5edd061240e18809d1a9e413fb5caec9b0d8
SHA256 48c5780215972855ddbb09f68e6896ec429ba920299929c39f211643b3c2fc58
SHA512 9fed831a5997034819388b56ad274d5b6f3b88c88b87ccea128de7d6353338ea69a00493a39f14a14979c6170a7e52637430855dc5652435ab166aa6807fbc93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 af61a9ae0f2add89c56c9af60c740ecd
SHA1 ed78a686e6961287f647ce3e996afa73d2cd1ea1
SHA256 d9ad3f18ab2a0e9c8a616c3e3ee2b064931c7d82e8d7aed4219ac262342f1f0a
SHA512 3944e194b9fec0447788bab03b5a4a75ba19d4e00c25e6c980ae1965c09faae600474757e84d93d56ca7b5591222694233f300c8a15ef7046f015f5ec7ee6a4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6250b8d6196773c674bd7608c032f73a
SHA1 6015d1be16fe233402aec625b7abff811e9902ea
SHA256 bd68b23419fef8191bceb3a250255662b3c601b1fd9953b2bfbba98d9ad8dfbe
SHA512 17051cc9a118980792579b971789ec27bf3480b4f49254d81ccb9cbf1b936283cba1f5a99ffd0c5c1fd1cf922e273b78139d9b252c73952182b105261befb196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca0e967408ccfd3b5106bbf4d596e963
SHA1 60dd3758c7570693eff9ee6ae06599d5f08ffd34
SHA256 d504dd03aaa5b9c98ce33edeb1183ad0b747b4c29f024aeea9eb4ae1ecaca985
SHA512 6d7f05de3e3e95294c7b4def982ec0476a0b071ba1fbf2b522878839a1fbbd5469cab35f0e18a8d656223af353c567064fb64b7e20082d7e1e535145f50e0e9b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\194\{cd0f8b43-99d9-4ece-8676-ca0fe73e38c2}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\161\{f8199ef3-2819-4ecb-95ac-6560346fe8a1}.final

MD5 f8a4486578289f338eccea68bf578c6e
SHA1 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35
SHA256 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a
SHA512 e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\189\{b39d7737-3e14-4b7e-8c05-5978f9fe51bd}.final

MD5 5dac736054f1bfd6efddc9f8941f6513
SHA1 8d333e22dc6fa20e26c4732d5ff91c954433185c
SHA256 e1f390622425670904099ccdffe9b808e555fc402e7015697d49f9f22abf9175
SHA512 3ea570e7041a136d250e5e94c215b468991b70a6d6609ed27907aba24123e068e08559bbd96ca39a615a52dceccd524e3aa52702a8ad544f8a7b952fff935577

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\208\{caeeff3d-fb7c-45f8-aaba-6920f4ef01d0}.final

MD5 cedfd917c042bfd5faea22058d451ad1
SHA1 5a98904fbf1c9bea6d27f75c42aa49c66db8c54f
SHA256 9cfc9e25c7e723abf5c14049886f33d836c6ab91b40218920efbdc864764f3f2
SHA512 5f7513b881549aba1fad170019ddf45e780ddb6a576e08365f4c9ab2c8bf4e7d2d5053b1db4ec6a2af570de21a182fc8981a0790881172d8605c023fbbbba4d8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\46\{d6c1ebb6-1e0d-49df-ae5f-aa81c040ac2e}.final

MD5 321ea72e49df8692233391c1f36451e6
SHA1 2f016758fc5830a806ed9891e574936db521c034
SHA256 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0
SHA512 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\48\{f41d3ff6-4376-4187-91c6-7c588df50030}.final

MD5 2300eafff09d478fbf68f49fdafbff49
SHA1 12f127da15a69beece4f71f600975e0503c77ce1
SHA256 f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f
SHA512 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\storage\default\https+++www.youtube.com\cache\morgue\173\{0f1c488f-7f68-4b6d-a93a-0dce9b5ca8ad}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d11eabeeba9d72d5ae1250e2843f4b64
SHA1 a0e082262e7045022fcae12f5dbfde883fea2926
SHA256 d6ff16b37de1bcbf6d7657e73c56f908d33dda92daf601ebb3577661bde88ba5
SHA512 aa1818593f4a826a0f27c838a8df62f2aa07fb0a137929803089cb374fc9a6c10eb922e54f614d6c28a336a7def2331bc2964f219f94377861e0967aa2d443d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f7568586e26a42dc527ea388c85adbfa
SHA1 1daa9fbaabf495fb7299fc0f43a579a5b5e63860
SHA256 b9ef4952da2e66a20bf48253698fd768813380fadb5ead72ed8ed764213501de
SHA512 996e6c854aa4aa6ba25dfbcac9bb23889323f23a32d591e207a04639969bd1281a279a45884434d70892139eb98bd1c44339dbd00ea2a8ffa41914d8c343dc39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e97c4351c95ac21197129cb34b0d9ac8
SHA1 e48273fd666d2782970b9e026ec177ee3dd8f714
SHA256 d2d5647bff7f23c9cec2320fd5ed4751ad75f90fe2f8e438d035ad2707ffd00e
SHA512 9e67c3773f21c0f6b2d98e34f9364d333e190e32559d3912dba44de2e340a0a41bf6bb73fc9275cf8c0e531d5b5a6ea4f51c7c478fe22864f2e570d7ab97fd3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5803e3.TMP

MD5 eb2e77661dde7e35400bcb88db92dcb8
SHA1 01f7082a912d4c7f2c3cac8de91104cbd1c534a6
SHA256 795eaa4b1e1183474d0290b993712257c115641fdc72371ce48f410e5d4033b3
SHA512 8c1fab878dfb18a325f08e7c44ae0b4aa43e56d6e079e18d56769d99c42c62c3b4636bdb86e5f3e7d7495afb5368a52949eafde33ef9e967782f984a3c7eb541

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 7378f426d93d2f806b536db7d5d1ef37
SHA1 3b7a025816a583f4d77e2d446666cec3d280143e
SHA256 d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087
SHA512 44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 afcab1e71dc59a2a7a7cf500df31ee4b
SHA1 36c748afc8aa25bf51bda1b8010a42d672963de2
SHA256 9dc5cfd6dbfddfc6471eba1db65d1633ddac0b8476ae5d098ccbfdf3882a7ce4
SHA512 a7a6524e67cd4826a63f772ba15345eec89559d015bb6eb3f5c0a789e3ce012b542bc710c8e599021b1694683a325c5ce2540f7b868bd57de5be67ac4ca40b63

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g5azq69j.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aab72cbf0aabce33110de5cf79ba75c2
SHA1 c9160a3bd1067a6e58c4d836356b0720c1f9e083
SHA256 7d891475f9a91cbe4516ee2c197933e06dea8fd4e00aa277bf39f5010e339b3e
SHA512 b44acfd1962caa957fc3033be1b5a2e312f61e76b6d9d87c3c8b045cebd8a169f0254c77835605b5a933ce81b7f2e190866e445bba73e2208cab72a7a24a52f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581b24.TMP

MD5 b35d89dd21caac099dc2374d12191e71
SHA1 c6c4f657c2f8ecad9c64ffd6c2446bf4362ba152
SHA256 0cc19acde3e0398f2001dffc2652b56a14e2d9e4da1feda880d4ade84ddc3543
SHA512 8c7f45bb98e12802b082cc977d1c8f546d3aca6666802857a83afa72534007ab2c2e62b73b720e1f9bd570d547bfcef7c31542f895a0f63b2dff3cd0786fe3f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 f2f9a1255347618b6af8c04195f9fc2a
SHA1 c61a794032ff3706d21d1ad60f60bf256c9a7ee2
SHA256 9e80ef5b216b3fd4c5d96fbfa55cab0ba7e3df24309903309ba3f9ac35b30df6
SHA512 0eb3afaad12d42775c71257ceddb117e3c698f3e96ad4ce121971cc1386b258e1078feb8ccca3bc7c64670f328e401d659cee94d919e6cea994b0da60864a1f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 23cd8b375a2260f90b5eac58f9681c36
SHA1 3481aae66e29c8d273c3a441a12f7c76a7ac4ffe
SHA256 a1130d8e08ee7595290c4a29b1772f29bc124b5d05e5a963dd28e2eb8a3e8800
SHA512 de4bfc4c8ef9fbb162497903edd46ff73dede37e9c51c7442ac2e5e947110a31053786d81e17ba293d6875e49a74878e6ef5080ee5db01d533e825fe869d66e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3c703119b8c1b54be3c8e6a3846f6b8
SHA1 c1227b3fcccbfd15f92b73f74c871807da6fb77e
SHA256 8cc5dd2d10ca0c358964cc27870bc607a67cf7bb4b0b457800ba749f659061ab
SHA512 767a17f2b2728540a259c7b8228d93345cce7f80c21bb61733c2ee4fb41bb8aca9a3e1bd03ab938936429f6adc321384f398605e1fbaa09b47bf3bbcaed2213b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d7d824654f7cdafff3b38902ea73ce7d
SHA1 3f0014f0de95d61bcbb238f994ff140dbd4f3981
SHA256 560aad00b261e2fcac6ba1a4984a7e4bc95b1d6f87a499e59130ab3c567991e4
SHA512 652e96279206762db1b35a55a38cb7a159fa1921a8bc42e99fe062df801995b0ec699d505f9b561c8c9e8467ed8c1142b951e3e18660d381a686f9a089add5e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 921c3f5714524d6783d162f8ef145f15
SHA1 686986c9114fe6989bc2fe1f6affa51715c55971
SHA256 397e8355134c139a9926cd84616f117b3f6f37b2a2f1ffd8e85c6a19f0f2f1c7
SHA512 540cbecc83564d83cc716410b2cf0336b88ad8c8ff52e4f911895fa51078a4d3b7beaa7eb16ccc22e29388d3e9ad04af29ceb58b296d8a29dd34710d6c37f91b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 86eac13ae042c5838d20274274d5d82d
SHA1 a1edc2336435162d57edd8e9a4a2b7ce2d693fdf
SHA256 2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125
SHA512 313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 4c44a4c4705e1e7ff214516345726b38
SHA1 c50da19ec6fbd99ee4c4f305e9ece188e0d19233
SHA256 7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990
SHA512 58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 59da7c3ad9d862334cf8c4cd37e4da21
SHA1 16f13c5b55f1255f759849fabfd427da8d4a5e5e
SHA256 48237a026c1be226c22c7edfd156f26be62dcbd61d17879a56d5610941db5aa7
SHA512 7404d176d9b88d38fb6826d975ee567aeccbc9a16efa3c0872e28a22e03841b05d5a9c5d95db9c6430f200959d146b862e4d468766ced13381d92b9aaeefc4df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d8f4865abbaf6fde19ccf79659f910bd
SHA1 115deaef22722c10a8e07c1c40897b0bd73b3228
SHA256 44dc712cfa23b050418961dde04aea6c3712150ef665b09c0dbbc454b0e72ac0
SHA512 0a84a1f130f0c3cf7305bc33087de30558e72c963d2a74256f7eeee282bcf364536a2a2e54b0eb9a84eddb06a5bb3d711362a16ac141ed83fa4feb6bb5f1f62e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8eb97b0a6c838c897894cd40da9ca263
SHA1 f8d67ff737792892301f2a886b10aff28b3b4c0f
SHA256 fd45506c7ee04e96e18c4a5df1c6a01828ff78500f42104c1fa973cd9e83ab46
SHA512 de8493ad3e98f44c6b188e1a2b6999c28c74ece26740943c904e0572fc16f73ac99362a5b063a1d2c1c1faf675101b5f80ec57a58deebd35a91a7d36973ccf09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be5ede74d4c9aa6fca7d4b5147393180
SHA1 5b0dc36c44843eafb6e2734d19eb981bcef8a095
SHA256 ebd8b21b7bd96e67a0b92c714fec7ce672ff79a78c5d5f7a58dc334858224ccd
SHA512 99aa2dbac43c929d5d84a1b1d6c8a5cd3c173e4ca55b0e34bdf9b1def4ab5443518668cc9d8c41e1df0900ad44a4024a3e5445537f931f989fe4887366e3812d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c5640446e0fd70904eb527e06d4c3886
SHA1 a3c035d9d3c1b53f066bfffc145c3653553e437e
SHA256 0100777428b51fdfb0986f36321bf35dbba61b16dc5c70435c3642ff054a10e9
SHA512 2a5deca69455c4e27740cf85962ba2292a5ff6e0836516e9cbcff02fa8ca091e495d154d38f5443ccc9098784aa5ba4f58b1a8fbdf45cfc9a9ddb5fd497746cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f49c3e598c0bcead3cb47a544bf303bb
SHA1 ae1a8cc62988e12383a9e6b641c39ffa3eba5e23
SHA256 8ae50becd932a81788689f56f22fcde4cc04cd66b35f40ef601c26f10fc933b8
SHA512 2e105ec537bb1680dbcf33c6914406a76cae587e7a69df61a0e959b6b14a8bbfa65507340bb3ae5dc917bb320d6c305ef92051d89bc322b95d4ee585c408c643

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 96e2ca01ff5d120acbeca2c1567c2b50
SHA1 9fc80a8360eef8f0eb14e15e06d2adb97697df27
SHA256 178aee33371bd163ed609d3e824234325e022e8038369f6e58ca56f471d42391
SHA512 d2574be82a469dfcd534941acad6d5ba24f0eecc286002651f8b01c68aeee13133891e5680694387ba3af988a0b3aa099b8dbd573df9090bcd8aa7cbd590d29a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8b32152c75584e923488a1b1f470ec45
SHA1 ec268d4cca61024dad6ea1cdf7a2aebd5861bb8a
SHA256 dadf5051260433a87ae93add08082aed51c21af60a88a3795ee6e95b1108df40
SHA512 0e83abdb01a53ee8ec52065773d244b5cd239282c2dc5963a46ee01b5ae524dbab30bfa511b44f1cc20ca89322279ac925db56f36fed4c7491f481b7bd1634fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 288b99d6a8bd78554c82afcc140e2284
SHA1 d0dda17a1dae0537bd75251200ddb426eaeceded
SHA256 a2e5aa398e788c42c9dc9ecb3b70e8d1b0fa85f4d46238c32f2b185b73b5df8c
SHA512 b00a1f3038d756a1267139f54803449708b44bdbb52b31429d16adb6795029ad59b197fdd6306af1138a425cab9cbb9fbffe2703eb0beff8dca98d831bb5b431

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 287b447915ca4017780e2fd8f63fdfea
SHA1 ac2da401f5214b0ff39ae08c3d5e62b9ad7f5cd6
SHA256 236f53b323cebcb1533417d0911de6af391e672eb543342d1e6ae93a4b25b7b0
SHA512 baf797686e8d4f6dd6d5e6c18fa4b2d7aef6bdac2fe3c4077c59148de23b90421353eb587bf3e326aebe6f8b8e686ca89f581a9686ef237dcab1a9baecc6b7d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e58369e0703e975dbb37d94ff8f00601
SHA1 7acae5f4994dc3af782812c8a93dd552519b32f2
SHA256 364cf10bc2f970e090a0fa6e40de40010cf9c86717c947954facf4c69f69bcaa
SHA512 e5e9a1fa18e0060bcad2cf1ab644690e9334b6ee4c8874c5738cd488dbd80cf72e80546e7155e30687a8bcabcfd46673868e546c1138c1f26ae1c81a4fab6ae2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b36b032e2634336dc8c193af26776888
SHA1 0fa2240866062378a99fb4c020308eb4e70d3872
SHA256 fa7d203fcc7c72354eace9c467c06700a54405ba254c5406e1b90a745a383b15
SHA512 4fa9c2c9653c105d37048e643869d906b8101b22700d51171e50cd84fefcbde4630fbe1ca4acdaa7c006f2adca1640793327666f170789e172fcef421284e2ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ac7bdefe7d5e388ba88efe22d6a6ed39
SHA1 275b9aef5effc0a64a9bebe286975f721058c36d
SHA256 80ae7b777648d47502512908d4edee390d7d9c77cd463e243d7b6c5c261dd8fb
SHA512 d4f552465444fef2736154b5a2e3479451af7125ea11661246c659cfe7cc38bebf742f68d103bbb2302e0c6b23c32bd32a52d7b147fc09683edd1648cb6f6dfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2c3c66b845abe9eef145ff6149e2bcad
SHA1 0fd2bd2235c726573cf233f9daba216ab11e45e2
SHA256 0c9d49e6085caff808900087a6982085b163947af32b8ca2c53bae7dd92b9459
SHA512 bc1c4f903d905f4a66b71d3aaf341db2940f9d0981a1996623658179d15809181864e37f610aff61361af4f2acc2918c4868704aef496721d95f47900f61d2db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bb9dc6e16c56d96de79222eec54a85c3
SHA1 e1ee087dc59568c2249d66202539a3212fb8954b
SHA256 c520b4c72c943da8fa80763b555de5a526601d81191ddba0d9eb53de0237093d
SHA512 5b450cc80275a38b5e1ad2801ddf1b36c6faac15e25b68da7a5449804ab8cd21f2f1d074c099df36be6aeec00dd8feb81d1cc59ddaf38355ddcf841984de958a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fbae4575bb53146ac2472ddd98e07470
SHA1 dbb79d6bf98f6f95639b5ed8899aa687160ad184
SHA256 a76547c44ce8fa9c64236ba2e4e1913475372262a58d1551509cbf86a3d290d3
SHA512 cb4587ce12a219c2e7cc68b831d95eae9b7eb5710893837a85d8553d7ec1f1f45f5d1bdd8342a8f1494600f1594ac3d1a34abed5c0c1e4bbd06224ef8f643232

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 847ce4ba44780938ef077b70857a6109
SHA1 b7c0413ed4661490eaaf6b967d8fb97ff4ded5c0
SHA256 848dd20333ca512014d7d86aa931c509eca6e778d5d813c80e041ccdf242a5bf
SHA512 5b814cff1a3e91ad9ba4e4c13b2424cdd50a8dc37255f07c65eacd03d94c3853c3b174e4788dfe7207afa0433b551216c4c5492b555a94e7f824abc35692b984

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 04585af29856b18383a618f5172177b6
SHA1 a18d6efea7aeb883320a787054af7e42ef6d16e6
SHA256 cce4142f25acd8a0563e426143cd116ebae09e6d3134566ec59418b1d0185f0e
SHA512 f5783c3982ae5198c9b7e47f8a13dc77f7d4607bd7fd8791fc18d80c307e6b100a93374265e7e700863d2ebb46a227c504a942777c7be58eb8321d41e2e960c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7b26b5e2fed3f2cd4d789234014e0bd5
SHA1 018146ecd020240fac1446bf7be10d80716212f7
SHA256 6294eaf9c93f6f9871c5150cd84915c28df2df6f87dd03b8cee3b4214053451a
SHA512 cb3a7b4a360d8ba6728a3c1075f9fe880b8621be9581acc256e7dfe988689473fb525ed81a0041d6ed6db30edd1ba22d91de9528ed48a91afc5db769bb07c066

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cb3f45d184e112ac0b3d4d0aec5ecb6d
SHA1 52686c392e507a656c394d7257edbcb7cae3a0f8
SHA256 4d3f7eb558fe64234ba16ed79fe3b5a93c94c33c06755710117e4fca7813ed47
SHA512 2f9833ff06b1ca891dbb1fb2e36e302d5a912beb85ff9000fdfc4b942df071275c9f01a7219eab80ecee35ada8b53615440c61bf8afc2f8e5aae6d8e87d4aef5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 82034210e30af448526669568817862a
SHA1 0075d33a31677fc6e2efd4a7301a10fbe5203510
SHA256 1ce657c428fa90e213cec0f9f9e2e188410d7c55e59584590633e5ea23e23499
SHA512 b387d86f137b57638d862f7f4dfc05e879ff412dc660cf562ce0c18e70de7a9c8a38158fdcce36f53848db6359505c7c7a89ec063e13bab78c0d603fd14a3fc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df912f53903586fae83569c0f5a181f2
SHA1 5f1eb43e9b4428a7359775e43dd0660efc8b1d55
SHA256 2f2d29d60578d226dcd90e4593bf8ea0b3bfc58a8bff9a0c1105c6da3bb3ada3
SHA512 812e8b4b6105c89f4d78d56217bab51cb3a47e40f5c5e4569c0a5481c6a8dc93fa07df8ab087ae77d72093264b092deae3cf12b8eef7e10e4a337dc80dcc2a86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb9d53a4ebe69ba0fdc844403107d8f5
SHA1 1baca8bc54155be3b28e931f4715996f4fdd591b
SHA256 ed522ef8cc8dd9af1de19e86eb76d13d97f6d4cd58ff2e6ac564024ec583430f
SHA512 ab4fdd5a733c09b5a1a911d001b46715ee017da8a6c79eff4dc2a56d55208ec940b2f457a584dd296a95b872f7c90116c5fdbea08b23d4adf6e15c7942e26c3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9662852a63e7bdf87d8b6806beeda887
SHA1 f8f9e7ed04c9c181661a4af2b8bbe84bee29b21a
SHA256 2a64e03749b9ca34e6e0dae3ae13c6b906a4d0bb29fada75a8fa9584f65c7cff
SHA512 ff246d1d7bc65c7e534e27211d9009aaf8c57fab998bc163109a3da84052c5db929f852a454c43c68ce590ba850a52f11afe7fa787c5537c4aab2fc95de034b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8cc0748e2790df99356bf0db07993a21
SHA1 6d3821ea8206ad7a1c67f3739cafb9922175e779
SHA256 74693959db78a8600ca5e739f93c3b38116caaaa3d94fc32fbda08a567181cf5
SHA512 b0d5c8239489e5530b500df290dd0bd3a27d7bfb2a6443fa8e637223715c6ca023eb98bcdc24473020219ac34e67bf1d3877260140b51ed1c647c1677085119b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 596c732da6351cebaa97d778aac5b9ce
SHA1 ff7a32ae10e8348111c32e0b2752394c555b4e4a
SHA256 05898f371a8cc0a2e49920bc3acbf5b3506bf571722d124db5f9d775df4b4639
SHA512 e2d75dad21bf0c810109ed4d6d08a78177a6dc3deda91deadf83f901658d0324966b3fbadf4b15f7c54773ee5f2e64e327d8fea7723f485a17275ee5164abd3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 acefed231b517ea693fdea0ff42b859f
SHA1 6d49aa7c574b5d35c74b1102f2eec8e092a47426
SHA256 8824dc23fa4eac8ed825d323c0f583c50c14e7c2c38a96530bad3dd4aaaa3fc3
SHA512 53cd7c027218ba193f4c8927528d4d028d6f879d98baa3d4a5cd46368149f2dec554908fd43f38207199159486e89c17d43f22205284ab148ccba78f31441f9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ed52a08d906a4af1e1cb1f0a8717366f
SHA1 e4ee8b7939f5b7422abf2448e53fd2ca6b48d263
SHA256 aa8a05eb18eaa8699ae49d36c5b173b4ce36fff4018d4359c25e61034c5b8039
SHA512 e28b0b629fffd4493d8565f4b706507b46474c3e1916368d2c3ffdfe70ca79bd71d4561b4d778ad62e0c49c3192220dd43ae0cebfeb54d7753e19c566d4139e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 eac444939fead7785f2b0e7a2f9668a4
SHA1 9d0b7da65cf59781fe5331be36251139949e0cec
SHA256 1280f2e6e22892be515898612d4eb5f5662a1f107fafbcde3031a36891554849
SHA512 3b187a010f8363ad60a597da9d82d884ab29ed41ad069c1a0d148733587fae8f04b14d1bbc25763cb42100f191ae9725279c37fce2a4a1a445e293532b75a6f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8ecb812711e8867c4201f03122760bc5
SHA1 6b2eb5f2efb6e74df0ceddee419b5b7ba8557192
SHA256 61752b5f607aae4ea1e6b07182f68697409e66bd7895f9875893a652227fbc24
SHA512 a1c2a3db881a03b60bcb00c16b30532ff363947788995550764d12244a0abefdce36d65bb741c649d34c7c8f2da9d9ff0ab465e427bf003154ea6bf7264edbda