Malware Analysis Report

2024-11-16 15:47

Sample ID 240219-g4aw8sae71
Target d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe
SHA256 d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e
Tags google phishing
Score 10/10

Analysis Overview

score
10/10

SHA256

d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e

Threat Level: Known bad

The file d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Uses Task Scheduler COM API

Modifies Internet Explorer settings

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-19 06:21

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-19 06:21

Reported

2024-02-19 06:23

Platform

win7-20231215-en

Max time kernel

39s

Max time network

154s

Command Line

"C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0FF3BED1-CEEF-11EE-9AF4-C2500A176F17} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0FF85A81-CEEF-11EE-9AF4-C2500A176F17} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0FF397C1-CEEF-11EE-9AF4-C2500A176F17} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2520 wrote to memory of 2192 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2520 wrote to memory of 1724 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2520 wrote to memory of 2940 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2520 wrote to memory of 2292 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1724 wrote to memory of 2608 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2192 wrote to memory of 2844 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2940 wrote to memory of 2536 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2292 wrote to memory of 2592 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2520 wrote to memory of 1692 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2520 wrote to memory of 1820 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1692 wrote to memory of 1088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2520 wrote to memory of 2268 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2520 wrote to memory of 2512 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2512 wrote to memory of 2340 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2520 wrote to memory of 2348 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe

"C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef70c9758,0x7fef70c9768,0x7fef70c9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef70c9758,0x7fef70c9768,0x7fef70c9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef70c9758,0x7fef70c9768,0x7fef70c9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.0.1512873957\1689093659" -parentBuildID 20221007134813 -prefsHandle 1164 -prefMapHandle 1112 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {525d666a-9e3f-4d98-ae3a-e369a69cec65} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 1280 f8f1158 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.1.520858793\883468476" -parentBuildID 20221007134813 -prefsHandle 1492 -prefMapHandle 1488 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {06a797cc-4937-4fa7-83d3-a6a7bad55616} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 1520 eaedc58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.2.1215734942\1979068583" -childID 1 -isForBrowser -prefsHandle 2056 -prefMapHandle 2052 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {686b8290-b0e6-4b03-906d-88679613213b} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 2068 19a91a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.3.1097075227\501651965" -childID 2 -isForBrowser -prefsHandle 2780 -prefMapHandle 2776 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14d0caab-d37b-4588-944c-6a0f90f0c89a} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 2792 1bc4d558 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1072 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1328,i,1622923310035315211,13641461778616541432,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1328,i,1622923310035315211,13641461778616541432,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1288,i,13879551881430839836,394574593249334250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1196 --field-trial-handle=1288,i,13879551881430839836,394574593249334250,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2332 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2152 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2900 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2488 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2140 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.4.1467141517\1984741257" -childID 3 -isForBrowser -prefsHandle 3736 -prefMapHandle 3704 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2d1b72c7-1d9f-4986-8cb3-753e88212e23} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 3748 1ee22c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.5.1436092841\1463882373" -childID 4 -isForBrowser -prefsHandle 3876 -prefMapHandle 3880 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6816472b-5ddd-4893-89be-bd62dd0f139c} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 3864 1ee23258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.6.812850487\1854403415" -childID 5 -isForBrowser -prefsHandle 4060 -prefMapHandle 4064 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88e52a6f-b4d9-491b-8cac-2be92670dd8b} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 4048 1ee22658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.7.77537143\1997100292" -childID 6 -isForBrowser -prefsHandle 4224 -prefMapHandle 4220 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {440067cc-f5db-457f-9463-17c8ffbff998} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 4236 1fa96e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.8.1203487086\2002158272" -childID 7 -isForBrowser -prefsHandle 4260 -prefMapHandle 4340 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {136b341c-3d1e-4022-a25e-6d4de9d03879} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 4224 1fb53858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.9.1702062276\557024208" -parentBuildID 20221007134813 -prefsHandle 2756 -prefMapHandle 1900 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8587b51a-cc7f-497a-8c23-69783e4125b2} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 2340 16f4a558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.10.94391507\1737692151" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4732 -prefMapHandle 2352 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7439e87d-cb34-4c79-8ad8-8d576337caad} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 4760 1e01b358 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1420.11.16878783\1471071767" -childID 8 -isForBrowser -prefsHandle 4944 -prefMapHandle 4940 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 572 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {feb3dc77-433f-4855-95df-64bc1d684b86} 1420 "\\.\pipe\gecko-crash-server-pipe.1420" 4956 1ab90258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3796 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3424 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2776 --field-trial-handle=1244,i,2013188973033536548,15083406951507721633,131072 /prefetch:8

Network

GB 88.221.135.104:443 static.licdn.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.google.com udp
GB 92.123.241.137:80 www.microsoft.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
N/A 127.0.0.1:49965 tcp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
US 8.8.8.8:53 rr3.sn-q4fl6n6z.googlevideo.com udp
US 8.8.8.8:53 rr3.sn-q4fl6n6z.googlevideo.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
US 173.194.24.200:443 rr3---sn-q4fl6n6z.googlevideo.com tcp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-q4fl6n6z.googlevideo.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
GB 142.250.178.22:443 i.ytimg.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.180.14:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.180.14:443 www.youtube.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.180.14:443 www.youtube.com udp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com tcp
GB 163.70.147.35:443 fbsbx.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5ednde.gvt1.com udp
DE 74.125.162.134:443 r1---sn-4g5ednde.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5ednde.gvt1.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
DE 74.125.162.134:443 r1.sn-4g5ednde.gvt1.com udp
GB 142.250.200.14:443 play.google.com udp

Files


C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

MD5 617dea2be8d2f042e739e8a67580a25c
SHA1 1ca71ab604e904f484705df76839df64fb7be1e9
SHA256 10ac425e3a94d1536385f3dbaa5a2093b5375ba89e694514f3843a20458b8f10
SHA512 177c1526ac6f0bfb4fbe036aae17c7819c8f827ab83fa8253529f73caf654332bdb7d6c4cf02274224313a3dcc9f58705b346f1664c7946363b687be16fbc975

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\170\{4d60688f-7cd5-4d3b-9313-405c345b5aaa}.final

MD5 2300eafff09d478fbf68f49fdafbff49
SHA1 12f127da15a69beece4f71f600975e0503c77ce1
SHA256 f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f
SHA512 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\123\{807ff4ca-4394-4351-8c17-14bee44bea7b}.final

MD5 321ea72e49df8692233391c1f36451e6
SHA1 2f016758fc5830a806ed9891e574936db521c034
SHA256 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0
SHA512 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\46\{e1c6350c-abaf-427d-969c-7ff179497e2e}.final

MD5 f8a4486578289f338eccea68bf578c6e
SHA1 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35
SHA256 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a
SHA512 e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\132\{d4229868-f06c-431f-9f61-9ba2bb910784}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\251\{7338b5e3-8f36-407c-b6eb-8081be67bcfb}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\storage\default\https+++www.youtube.com\cache\morgue\191\{f58f503a-b1fb-410d-897e-1dcbc20aeebf}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ffa8e8ad70116eefbb80bb4ab35c8499
SHA1 690d9713a0d58f7230da8b13bc8f0f930250e779
SHA256 dcfbb43779866fed805817d91de6ebbaa72661588137d2ee135cdbded28b1419
SHA512 a65d727a35928b7c51f88b5f3382d590b48c30cec719d3f578abc75a32d54159f48c6033d579343df7ada07f87ef13591a050288217ccf2a42007eb08c85b558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54d024b9fc6f2191da69b6ac5bc979c1
SHA1 53c14befe29889387fb986fe4492b70f57c18c54
SHA256 29e8ce6368e68449b5d666dc7288eb9c62bfb4d68a45b143ee7d51b4578f94f8
SHA512 6235bb32a5778bb67ceeb115dd4df46e7379b7f91efc435c88b8682aa1f659084b6a80c924f9364c73141f049c9e29af2a009c0b34416e631e0c78062915465d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3add4552d85a1daa6336859603a9ad12
SHA1 7eab7e30b1822a7c8b0d1738f63f4144190b27bc
SHA256 b6b16d677def6dd04b970525d878261ce262e365318f7b58e525d7e1dc5861d2
SHA512 1c9385e0e9f55d9ea4648eb72c9c667933e93cbdc078bfff56438bf77a83e605ae49a897384253c7fbe210a5d350eba10cf77c79414e4727bab5e4cef7c3156b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac66a9fc626d77a83303acd0b8efeb71
SHA1 4af90635d01e552d8c07525ac7180fe98811ff5b
SHA256 765fb0cb239aef98bf33451e8871ee3326326cc946a06586cff22c1f71a20a66
SHA512 9ffc60e0ca501cb062fc6efb0833ed84a0e5989cc1289435f4b4292a347bee15fb7fc5426aedfa4c19d0c779cede21677ab7d718b12b20529389d249e292f1e4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 3b8d1294b53d0a2690da5a676563397a
SHA1 64188e5c723f879d0ae50e2bbf23ec4ec1218b6c
SHA256 f2dea934ee0185babad7cdba384fa330f05ca14e3d6f521ccf7d8621ed431b6b
SHA512 2e1274ed3f6d9be149efc570fa4f199eb679eec8f9d24a0d336da95b29202e55abbb1d82755b01713b47e3ef53cec38a5c791cd091e9df2f7659cba22708953a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a30ebf608ce589be0c6001ff8916d855
SHA1 e21ea913e000da0650d3d6703114703b793df2b8
SHA256 298084cf079777d55982d6fd30e99f70b1f8859a1caf0878a7a9c44e1a1e8a88
SHA512 3ff6abe305003652461ec7239c4786427ace19842a3c44f9414cd2f83411eb44ee4387e64e97c85d063185c55a34c7bf419b91499050bc919d35bda22ed0e2c8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 781f500f7bd511c0c807f06182014350
SHA1 30774cdf00059e8607bef2e9f08f2ed9870e47f5
SHA256 7bc382c7e68448f14aa2098508ee80e0289d41230c450c2d26afe4b5c2e5fdfc
SHA512 ba5951eaba26f19d7c333e789de4f5070aca24036b18af572555f5aeaae9b708448d2ea5b9bf4863c8272a19be0c2ea2cf7f79de47790fb39d68815cc01ded76

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0773cf5c3a721a2aefe59487484da5e4
SHA1 8bef55afcae4372cc2564a6f6b8d774ec5412b1d
SHA256 98f1a9b58dfe54922a77c254abcb9297395141bce00c910cef735669482a026d
SHA512 7ce3c7c8d05ca1d265fe9304f10e290e02cee75c0101b6fdf6b9a4246c76fd7d7c3c834d0f0b0d75c9482a2070423fd716027e40713ddd8afc2d569eb9132047

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3fe04ea1c466ed03bf833fb1b5e8ce13
SHA1 5e8dfa543e26a886d384a6edd8e0a44908fb172c
SHA256 fe9772a16896e97065b6212e0e5c1907aff14c9d01b280b8269099a0045d07d0
SHA512 f9c073b8fb8023536607db40e8aeacda2a2cc152b166c95ab84ac4165f518b5fdc43bac864f4ef6b62d2c8c7c86e51c0d9763f67d968bd41079a50489f3a8224

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 51c5869a9b0206acb22c53a80d53d34d
SHA1 1214fcf008e29f39d36dd4576a9e523fc204925a
SHA256 0386b2c97c5d9f20abb324518905f8ae25de658d050a4f920590ca6d809dfed0
SHA512 39a75868033d162c6307c71b96cb66ee13a8af2e193b631b85268e5ce28553171e6e89265c6c5873a4e3ab5018da35f8f45d9c2d68d4a08e185220507c2b073e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6f54c8639723428ed34aaff99268c43d
SHA1 cc901552e221474cd5f51bb4c4946b956f26464c
SHA256 9656844c08da400f98e9c45bb58598104632f1e23031019dd32d7a6178d5520d
SHA512 a8217dba3fec1e33c84186986358fe1348483a629155d90b960f6474615669f52d4d31dae1d4b5bfbecea12781383615ea04b2b07388a8e9982374dce8932b66

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 940db94772af742302dd159a4166e2be
SHA1 8ecbbe4c263251f2a512e22e71f9d0aba4cc3074
SHA256 aee78d78745f51b83cf826d2aa53791649079dfabb0d2efcb31f083ed7bedaab
SHA512 167aaec2af922a95ab61c31c33eb2e889c7f1ea68391c8c5f49816d2a650fe94fa988abd46c7794032f605c75101d9ecc3369604bf2911fba49343c4b94cd9f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a93b0a291aba1bfd2d72bc58b9dfe39b
SHA1 fac1de258f46eee1553bd558f50ec6693b5858b1
SHA256 718a1469a9c4698aca5bf55301d5dd2d36351b03d0b00f897777a27d477286b5
SHA512 d79db6f62bbad33d2ab374dffd4309d471f3c2e477145ab2b73f28852bf56c92a8e69adb643644f3ea650822efd24a76eadfc131c6f1eb042bbebcca9d84fd5c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1b878b10571a9e77e3b1654815c001ca
SHA1 aabd8fbc82c49a7cf33c0fd8071c8460c79dfbbc
SHA256 b01f2172cd89640b58e913928ca18c4be230c5303f887594aced2ac3550f962f
SHA512 d1976f9669391f948aff70589f780e61ce196122c75a58f80b4165829121d63080427301ceb1fef568102789d5d63a39bca4a6097ab4efa76557a574b62704eb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3d1c86b5d58bac27d4a92056566315c0
SHA1 ce323ff48c7c0249b2e88895d7c844c7b2268e80
SHA256 b4ee85e9e5083ccc691a9507824438c5f020a4ca45698bd232c51570df66637e
SHA512 cdd9cd04e96d82d7cb299fe6269b377ca9bea4a38b3829b9dff5c4af20a8b9247ca7954f3b6908c2de968a6eea5ec9a95e8f945588463697ef21cbc569b2f714

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\sessionstore-backups\recovery.jsonlz4

MD5 73b6f2f7c3d5f4ecef318d4df0945864
SHA1 d700048baf9eb2beed5df30172f4c9b599cd32fe
SHA256 46a0cca7ae613ccfc973581d5aa29f0a94e7ab8a47a5a0ea283a112a70e16319
SHA512 e9509fe092e357d696c047c3c3697a13140f1c1721045b9c46704fef1c4a5b994d56eaf69444d89c579e77689df674f8b9f99c806c4a96befa48bbb26524c5b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1261b51019e7176f01e0c03e82ef18e
SHA1 78f1c9a35f3bdc605313b86f2e0a7a918b8b96c7
SHA256 8c7902de317f10e5624a8cbf258ba09225bea6f3f9ddb7cb026a4800618f5a37
SHA512 39f6b105f30ba0069bdba4dfe647d8548840a4d177602376bca30d86e484c7494cfdc722428a7f7592f90a10436e624654a8045115bedb52f63d8fe76b5724a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2ccef2cfd7395b52b6beb565fa6a742b
SHA1 4efd49d0bd04b0618891638781f2614b080cb6c7
SHA256 e8ac81a93b0e4a4ddcc01098e10c261075e9b8a8dde69c8143c316835b14067b
SHA512 dabb74c56c1c37d93079662db3168f29364b94d3b477e79841e67824bdf73137db4be1b87c99594e18210c725fb89a1b24db812149987205983312f3b62da4bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 65fb8a888aba88d641452f3b4722adaf
SHA1 293801b04e4b67d724fb7a79ba9db9c78de1ca7b
SHA256 e0b5fb8efbfaec63d04ca1e74827dcc2a9c14d5a9c27558fa2580ffb41edf1af
SHA512 f5ea62f82e8a443d34202abfc80480a8c9c6601872be4f41218b9a1a8d1e3e139b756880a1ea99620d4792cb09c82119eeb8e4e1b43b62b1469af2269f927ea9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4f34d182-e145-4ef3-b1f0-72a907db2a33.tmp

MD5 857738885ac17dda38bbd900e6ccd259
SHA1 b46da84cdd7b26fa41160a4008170123b43cfaee
SHA256 2015d12cdc229d0c884c7cfc6f373d911fcd0eea60e0e25dd46f5c8cd61d3f1e
SHA512 0aa200db1c137a5b208d430db9e0ea66bc514edc4525eb990f9a12cbee8d52ec768bbfb1aff708e5771433e378f313260be92166fe19951924df1c8bdc4b3d69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bd554579c6a40158178dd25a4a4e6611
SHA1 72ea8d755f7cfb6f7145102b47451a535df594b1
SHA256 7ec3975ffd88af6af9cdff9c71366a33edaf61cf0716e489c25b3007253d2597
SHA512 53583efe941c9eef4fee7de8ed754428002959687634ba8d46520e52e333427a1e516cfc1e86f3da6756da4402bddafec3a58d7932d210dbd79fcd1063906d5e

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\prefs-1.js

MD5 d73021f4fcea18a9dd1bc2920ce94d12
SHA1 81b62896343568943636e5eadfb394c7ef180eca
SHA256 57083bfe6e747f76a6cab474669994ffdddc9b3d7d0b87a40f6cc161a370bb35
SHA512 0c99d047790d5f66208ec18afb437791ec8e6556f927884067e045867804626046916d3b8d0306a274d132a5079ef3606e854d1e3db9b4e32eda2a888325492f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 92b464debf35d7ac6fee0652fc5b0cf8
SHA1 a8842c604d812401c40a6e0ddee1860dfe595b31
SHA256 968c323eeda23c059e836d4f7805bcfc4916bbf0ba26cd12c8f404154e0be3af
SHA512 9bff5b7fc0c43847f27475e11a0ef38d9eea114d456cd22a4367bcb03af2c15008b5cb9bed43417067f9b7787fc9063698806c6994908ba612d3b386cebbda1f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 8cb0e6f0e5b17a0418c07042c4fe7c83
SHA1 dd45a9d55f2ac8b39126d7a5df67b2a9dbb07f91
SHA256 e359c5bb6210354ce992d13c41f746fd15ee8c8ebeedc29f3edeb5791af52fab
SHA512 a9666b58722965ac8ae0fb614e71d56160360eeb54ac77e711a9b7af3edd0b5df82edf0b70afda2f9f00dd648315308f0f3af4130b11d92f744d26a6aa8c28c3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kzcnpuah.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5ddc0c259b7400ed0cf7b9cadb5d1fee
SHA1 5d281ba51e81d34fe56440846a46cd63cff6b8a3
SHA256 7155ea4040d11975fffc1fcf612cb447fcf4b59f1122657f988a2ff2530e6676
SHA512 2bd3d2020264d703cfcefd4b014e3da91e0698103567cd43fb2150b3d3c431037b27df9faa8822946667484db6328c75c281e3d6505bdb29d5e562ba624f150c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 29dc8bf926d8b8e2e38cf72be2b604e2
SHA1 7ac477c9c068a4f94d52d88df29407465e22d133
SHA256 91df548a99336d2aa7dc1a6e25e9a1e53b2d41c0e20eaeaa997022ffce3fc8c0
SHA512 3e7e145a15fcfad108a2ed803d8c0cfad631543be8ea2f73cd5a43ad275fd8865bbf4d4dc3587479af1d175feb086e41a109299a8ae109da71afc097b6179f59

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-19 06:21

Reported

2024-02-19 06:23

Platform

win10v2004-20231215-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{3AF88C55-B10C-4F3A-A906-8AFDB2AA4F25} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{F4AF8E6B-5116-48B8-82AD-BB4711A4105D} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2784 wrote to memory of 5020 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5020 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 2120 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2120 wrote to memory of 4600 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 792 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 792 wrote to memory of 1212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 116 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 116 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 3736 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3736 wrote to memory of 4892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 5104 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5104 wrote to memory of 4288 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 2824 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2784 wrote to memory of 3928 N/A C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2824 wrote to memory of 3892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5020 wrote to memory of 3148 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe

"C:\Users\Admin\AppData\Local\Temp\d3031268d18f0981f8f4963db699aad171dad0eb1becb78d52fbc9630413917e.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9a679758,0x7ffa9a679768,0x7ffa9a679778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9a679758,0x7ffa9a679768,0x7ffa9a679778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa9a679758,0x7ffa9a679768,0x7ffa9a679778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,4795988605280948494,831922903085083986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,2084282853753498776,12059334050700193034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,2084282853753498776,12059334050700193034,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9ab946f8,0x7ffa9ab94708,0x7ffa9ab94718

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,14209353834329385391,15000831999349526695,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1464 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.0.1357535663\1601158598" -parentBuildID 20221007134813 -prefsHandle 1876 -prefMapHandle 1868 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bf480ec-6b8a-4675-8ef2-be6c645cbfcc} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 1972 19dc0ad9e58 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.1.1253709831\1825030870" -parentBuildID 20221007134813 -prefsHandle 2412 -prefMapHandle 2400 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20aeeb69-cb27-494c-8798-ef2f53feb30a} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 2448 19dc0234a58 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.2.1261913238\967002645" -childID 1 -isForBrowser -prefsHandle 3380 -prefMapHandle 3376 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4518da2-9472-44f9-998b-c00e55585e51} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 3392 19dc436a858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3032 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3024 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=1964,i,9661241354728941048,8809845336272216777,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1964,i,9661241354728941048,8809845336272216777,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3752 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1964,i,3883251715689008767,9810509643613287393,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1964,i,3883251715689008767,9810509643613287393,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3964 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4868 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4828 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.5.1989609334\1102238823" -childID 4 -isForBrowser -prefsHandle 3932 -prefMapHandle 3928 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c47c1ca4-2aae-41a2-bee5-a4a69b906fcc} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 3940 19dc49f0058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.4.1322358880\1602918567" -childID 3 -isForBrowser -prefsHandle 3172 -prefMapHandle 3660 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3fa6e7d-9120-465e-9f12-785672694bad} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 3736 19dc49efa58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.3.383858007\1656330233" -childID 2 -isForBrowser -prefsHandle 3648 -prefMapHandle 3236 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c3e68a9-3179-4fbf-aa76-cf1995e1793a} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 3084 19dc49ef158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.6.1313219076\322700133" -childID 5 -isForBrowser -prefsHandle 4244 -prefMapHandle 4248 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77c84f41-9da1-4c86-9a53-ca031ecfeded} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 4272 19dc54bfb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.7.374828768\1000009427" -childID 6 -isForBrowser -prefsHandle 4960 -prefMapHandle 4956 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b89065f6-135f-4390-9334-71e4da23bdf9} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 4968 19dc54c1358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.9.862843328\406894317" -childID 8 -isForBrowser -prefsHandle 5868 -prefMapHandle 5872 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0755bdd2-ad20-4d01-b950-2756c484f50a} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 5756 19dc7936558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.8.1888743756\1703515822" -childID 7 -isForBrowser -prefsHandle 5720 -prefMapHandle 5716 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {da1b957b-956c-4785-89bd-05e79958f6ec} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 5732 19dc7399558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.10.1599473935\1856052045" -parentBuildID 20221007134813 -prefsHandle 6200 -prefMapHandle 6196 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f29e988e-72b6-4088-9d33-422c3fa5a4fd} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 6212 19dc31cce58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.11.947189221\1722529561" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6212 -prefMapHandle 6164 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {979dc160-8ec8-47c9-ad6e-661101270002} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 6148 19dc547fb58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4576.12.260132785\623044436" -childID 9 -isForBrowser -prefsHandle 6656 -prefMapHandle 6652 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7262f392-eace-4c10-bfb2-91596ff7334f} 4576 "\\.\pipe\gecko-crash-server-pipe.4576" 6668 19dc7b9a558 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7192 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7176 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3028 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3904 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3784 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7484 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4128 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4120 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,612428225523362652,14295659659645224686,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2792 --field-trial-handle=1860,i,14664514257633536568,2247641137832611400,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 134.162.125.74.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
DE 74.125.162.134:443 r1.sn-4g5ednde.gvt1.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-hgn7rn7k.googlevideo.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 200.130.217.172.in-addr.arpa udp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.200.14:443 play.google.com udp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
FR 172.217.130.200:443 rr3---sn-hgn7rn7k.googlevideo.com tcp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.200.14:443 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 172.217.169.3:443 beacons3.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com tcp
GB 172.217.169.3:443 beacons3.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.180.14:443 www.youtube.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.180.14:443 www.youtube.com udp
GB 142.250.187.238:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.3:443 beacons3.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp

Files

SHA512 f5ea62f82e8a443d34202abfc80480a8c9c6601872be4f41218b9a1a8d1e3e139b756880a1ea99620d4792cb09c82119eeb8e4e1b43b62b1469af2269f927ea9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\storage\default\https+++www.youtube.com\cache\morgue\70\{e8f87cb5-0863-4caa-adcc-abd0b2ff1146}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 bee380e0dbcd72fc192f6af53d167429
SHA1 887312a46f949d4b2126d9598cd1c11932c593db
SHA256 8c0fbfd10d9c20158cead18ecde270ef3552fbca967bc0899b04ab5803514e59
SHA512 5bb36b3dee1627eed62708e6345182c630ef2955471b585f49764747c5cc53edeb1e924879d2353789cc2292dd5a103f95fa7ac22e3f17b3b088c1d42e1fff23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c18081b7ec2ab1d5429a3d75755dc954
SHA1 c33b8db1c6ca66cd0d0b362499fe99390a742f13
SHA256 a6872694ecf84fe4c30a02ae92e2c6394cc35f1aef05182728e9bfcc7b47b376
SHA512 93e6342d156f07d8710ef2e03ca21180122ea7ae70207af7cb651cc1955f430081b27ee7a5bdaa4610968a1574b83732f10aaceb530c88f2045325b25b2cb6ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ce633b88b98d71a86152423c84ea148d
SHA1 4e79db4e5c979ed7e1affabc260206388ef9940b
SHA256 d5ddd139b88698897a413c2c5d68e62d1baeae0382f03952259034f0fedaa2cc
SHA512 ff4a850c0c9143b6e9f9eb23d139befbc57d666ad2b93017ad0f8799724b8f11c76bfbc5b1459ff7436b5c854265f58aa726711d02f3d85d9c0950f93a6cb07a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b5ec4b88-ac4b-47e9-88c3-84eda206c930\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 dfe10305e0303f33823a639566e4903c
SHA1 1fde814b5080e2f814caed7a3c991ecc709d9eaf
SHA256 38b1b2db0009c6f473f4305c29989a664d5f0fa8993491be92536fa1474a2c26
SHA512 7c33d0c0f4a857333480ae9fda52c24be03f412055646df263faf719fef40b1f567b814759dbc2923049451f2876a4ed0757b96edebd4d258c22226bbe8efe3d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\prefs-1.js

MD5 f421d600ac485b78e37e0b2d1136180a
SHA1 25a643110df5b85095bc1a0e00ef67c0326100af
SHA256 3eb326b4a2aa2188a4ecc0a0d70270dfbdb882c771d6e644a1b3670735985a45
SHA512 3784993047fd220b28dbfc9743272ef9f1e40108889854f17dc83a4d98a9d62839310269f430b81e18e1163855f2e277943408e2c04c48ebd4d3e2f756c719b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 25114053378233f6ccd7dbcbaffb4cce
SHA1 18e4ac67739246e2c39e5e003918e6a6b5ce3be2
SHA256 ecd566f5d851f6e08e496a34e8864365a868900ed8e1672d316d0b32a589266e
SHA512 a450db1842062b0fd39d74bd84962936ec760242dee81310ffa45dec43aa610f6a06e89940d515265182be8277aa461e462056f0232deb1f030e63ccf5173d56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fff7d49a8aff5c06dacdb6d0f85da121
SHA1 47031f0685941e9aa197ee20f2f4d4f7765a3069
SHA256 553731640bb7a713a6d2f5c72f47c8fc17d3a69c8933ee73020c846afa644509
SHA512 06930fe7ed6fb73048c19967806f9870acdf755e7f6b00b07cd1de60a43d078e8b036fd5e9357d3cd95fa7b359e00f7ff31da9a5f5fdc491cf866b3969964aea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 87a588f4a13f2b575ed60556b6370b51
SHA1 881e4e65ad7721c01b8834809b89f22d266e847a
SHA256 5ccb5fd187aa1f3cf8d4de8d081033192ded03b7916b40483bb99c3013c9acc0
SHA512 9341c04bbdccb0bb342ca7a8e1fff8756b04a2500d620841e075f46c467b20096a98dcc23212fca04ef05c66fc9445cf62b1ebea21349a3d16530c50630eba55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57dd50.TMP

MD5 32a7c62b9f76fc1070fe60a2fa12ca02
SHA1 bf87b0f9f095980436be4b54d1f008b33f6ab170
SHA256 95158cc40540fce21c7f413c1d747b9af6b4db0272d35d63d43537f83bb7a38a
SHA512 3a30417691e1b7c94775d5947a181b83684757139beb5e359bb3e0f7eaf39a0f4d27ebf109f7b1b7943bbfda6b3a7326f8dc773c14dbd5a8b38dea13e133b1ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 52cb0517d6714a1d8ea3823db244fa19
SHA1 828a0b8f2221d7624bf7034cb2f31a4672ee09d6
SHA256 2cdc4b69945027a7638d64e5cf619979dd147aed05e88d832513ec12017a3627
SHA512 d41e86aac44f0fb5b1928b931f92d77324903697a0c4f598b026fbf6652b842d5cecabc6f597877f31b4993a7683ac995b8199e9382d8bbb7cafe6ccd2a3c336

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0af356586a3f1a9f1583e067de72cf5d
SHA1 3157473de946c8751e90d2bbc8c2314f76ce7fab
SHA256 dea10873e57ae24e0d609a8c8d7524cceb5bcf27b5053e337b7c92d1dcdcb068
SHA512 e104fb914082a5a70aa911f317de7a23c3dce533d52cf771709c41007b95350a6360e1e14d024f04843747a2bc7aeb6ebd3357950500f022db1de47d5561f1d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 7378f426d93d2f806b536db7d5d1ef37
SHA1 3b7a025816a583f4d77e2d446666cec3d280143e
SHA256 d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087
SHA512 44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bdef917539966ebc126e3b2fa768c959
SHA1 147a25e186988a076ba45877b559ebfa1d306a1e
SHA256 dd24ca48ec40a910b2662511eca2f29e72aa6f2403726f89e097e0e0ce579f80
SHA512 ff496018389ced0d90b1cf784a4c6aba7ce100ab672c0a46838ec955ae904e69485f12b17edbf621a9f01348c2bdc66543e69a9517e5ea30b4a3f5ec23d49fcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cd97983cc6b8848b19ca1cb9f0d1d624
SHA1 2008dd87bc7b9c0dc47854a089a8730f2327d538
SHA256 4c9711e2ccd88bd2f1128d0bb8a972e2379048ad90327054258690736afce75a
SHA512 aace37a992283fbab4d91f485f69b80b9d9d0e19672f8401a086e327749535e8a81f7a19e712a34ef2b1e64466fa63e9df2c31714caea5d8b7285ed8082d831a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580068.TMP

MD5 91a65323ee494b5e7d7c8671ca65a25a
SHA1 4342d9978024aec0ad538b2a1360cc92f4abf5bb
SHA256 8d011be731c104fb020e43fe5684b29261e0f35d452083f131e521a1eea952f9
SHA512 d5d53e81774cd7e01ed32d9d04a9591a0434487b55f3beaba75ffd96b3890e4cf25c7363ff80f73aa9bd7cf1da161cdfc68d56e1e719a4d8e489e10ec6a9a3ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 526b212055ef41aa09a2d098c78648e3
SHA1 4b205f0945881897241b044ba586a685b751c8b2
SHA256 adc568cb0d1c92e19ef75852dcb554aa78b363854a218508694492332bc3cfee
SHA512 1fa56f4233fc548e598f5dccf250a26572efd486f822456a8fc36ff6406b88c1593e609ef0e4d9d89cdf76b0c4a5eaaa1648d4039822918797c99f8441a46616

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 11d014407ad885210b9825300bc1b299
SHA1 b809930309aa9bfc848e35848d7bdacbb381d191
SHA256 52dfb9229a6563cc8685a77bb004649db12b8df1aa47438e2f2fd391d5c8020f
SHA512 2cebe418ef3dc9f0c6eed440c1c55aa66073eb393c8f8e2b04c9e13b8e645fd11efdacc9472d2327fa5e7be04db9eb94ec1bf30eacb7a7613751e7537b7750d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 86eac13ae042c5838d20274274d5d82d
SHA1 a1edc2336435162d57edd8e9a4a2b7ce2d693fdf
SHA256 2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125
SHA512 313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 4c44a4c4705e1e7ff214516345726b38
SHA1 c50da19ec6fbd99ee4c4f305e9ece188e0d19233
SHA256 7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990
SHA512 58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d70e48b017f0542e0ab6387e16d28274
SHA1 9af73dd1f817207aed461e862614805b0edf58e5
SHA256 2efcc035631ad4cfda7a3da42ecee2c137a8f631a78478cbc09f528a7a7e06f4
SHA512 42de08c758b44dab53a92c09adb937cddb82221a849559036be63f644a7617421332260022af9d29878fe7d8e498e4fcce328a4e5dd7118c0a25ec6a230d1f71

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5429807a254cd29647cdb9b91be4241d
SHA1 e8a04831bb2a59a5dbb4039a32326d1aeb3abfa4
SHA256 19fe806f4bf4192bbacadb3888eaae62154dfd1bb85f9c69847b6a46bbf67d28
SHA512 a723014d7e5bf2129e984ab6e866a2e1433cfd6b0b79d7dfe6e00e4f485062cb23a041c610eb75d7dd785db7764f7fdefb4b66508502827a02f3506a48bb5d1d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7bc92e77586577775c7a8b46a23896ef
SHA1 52526017728c1d5f8d68eb1cd338c2b0fabf5add
SHA256 01353c47b79fa11bdd1231bfffc462bfb27eb63248971ced4e69b32738307f39
SHA512 d8ca052ff8c34ba41033c609ab76894f8e20f300fa22a286694b12736ffd131bce1a6fc28854850469aa8a209bd5489eb5cc1360f63d27669d7b1802e4816a84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f6d1f5919873f1f75cb4e94ebf23e8bf
SHA1 30c8d4ad2178efa80a5de36b7f5775245ae57ff3
SHA256 8a8e5778d30ffb7222bcefb65cb0cf23b8bde385448d1bb7bbed85982aa19dac
SHA512 ad7cf0f55e89f3722068be0c2d232f66cd7a9fe51eaff753ae4f775c615cf86f72a3f08b31dd6721c7accc83a2d9ca08aed302cb55a5414d45e6fcf66fb5935f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3967e713f7ebaabc26d9a198deb7e1c3
SHA1 944da26f23a0a5ae93a29d128055cd4745903367
SHA256 452ebf6f1c99fd29a0f015f75fc02d502d8d07f27ccd4ffaf3f23b209ae09e9d
SHA512 6693da33a72b3c2e460efc6cc36bf4681c7a89fcf5a3e72da73ead632ad8020e2a061d8d5e2a9f4f8bcab5ca17d72a329b916935aa9d0925544dfac961b6f757

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582e20.TMP

MD5 de2760411b11b459b038e3a49810435f
SHA1 04b24bb1213a5f3d49d02f3bc7fa69f39e489bc2
SHA256 2ae14dec6549c28f832ae9dd7138ee16c53f91ff22a237c79a5f95defc947d3d
SHA512 35c2d5c871bac16f734f40d0000c2e140bdf004b094c6d063a089de50470f3d4c995d858c71eee6bb1bde49ee6fa7c3b9d88b56cac9ed463edfad4ece484315f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 58631d8451851b3ba85c15bcef6b2aec
SHA1 eb5cb1e75d9d6743e715b9426a470dadf8d8a77d
SHA256 8add56de995747d37e3192cd8fe04093cd94fa79f28169fbb93b2f99dfe6cb13
SHA512 3b9b4ee73be8cc92e6f9ed83d081426b56c9a66fc29a28d239780f7481da68edfe37d5e192365cd402a7e4f85a8ff52234e5976ca60259fb56416986208630e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 532e01a93436ade4a882a6e2b7cd2db5
SHA1 9c2c18eed6fd357ea5b6f7c208071d61db6aee0d
SHA256 35a0441a784d48cff448a8579e760185e5c9dc7d61ad059ff89e6be69553befd
SHA512 42763558983c6d4b70b7c0e188820c7885afb583ec46acb65b61dd5a6df8f70060806d4e8f297330f83861345261e92d63c06970e58732f8453a6386a2336b98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1b1251d8f20c50784acbbf033a11514e
SHA1 2ce308bed3e671d8b50247c77a80501877928cca
SHA256 a00cc3045240ab0c189a66a1629fe3c9e9256268ec3d7df3b3da3daf2987db6d
SHA512 7eeded95a8aaf3e94cb94458863e3617d787e6f0aa7725e898c6195b4043db56c02d027f24a9b1ec26554cbc4389efaf76324fffb76c15b3631b1be31bd96b75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e95c7cb9006ab7b0d18e51ba3d58278e
SHA1 d9737cf5fd0a1ac1cd5407d35bfe3cbd23a319d3
SHA256 75f8d534b3c01c0181098705994436b224b2486bf9cf45e0faf3d8bc4a84458d
SHA512 453927e98045cd9649ec7f70f2397019df7eb9fb2453f5b4858a9cc30567d4252ab650c31bf0c721600f06db30f13828ba9246267f555a96cb56d9dfd19a5ed2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a46c63f662345d66b1647be65c418f5
SHA1 966629328a87611eb404f8728aab37953d347a40
SHA256 d10a6661db41ce6854a3c5b81574dc54338835dbf45cab52830d14c951b940e4
SHA512 d3d3f103e2db915280c59842e7b053f54aeee36f44ddb98e3cef84299e79e19e6aad8f94d9846915df39823ff4b6fb41055f2b67513f4535698b14fccc0d686c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 726416626fcce0e9d36df6b6e567b4dd
SHA1 ac01b64202dc7bc92ae2b09b64e44bf1af3f5747
SHA256 b1142a78e86052db3889fb8ea68ba6eb8cd89a1798a781cb75d94245db50161c
SHA512 b54159352b4d18dc5ee6363153fa41f7019a97eba3335669ac2918a0e3ce602a8652b2a212d6e6240f7f97ea1a1c3a8526e1c8224017b7a6667f15cb034a5e41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e7fec48e6000d77990d75e89592974f4
SHA1 6edcc5e062c86fbc383859ae59081b7ce36deb1c
SHA256 7577c5aa2d6cff50867a0000a811b2e6cfd874688ad53a6263144047f067b9a2
SHA512 3effd89e555b71018d8fa2ded51b2e99450ee6626ff36d87651a262adf520c63c228aaeb3bfa20c6fceb263c528df5ade36678606b07c9ce767cd1334a2faf7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9e09a3d12e146e219f1b1f5eed283839
SHA1 80ae2efc520dc18aa20eba90a3eee30be820b5ae
SHA256 4c0a2f49d8e9bfafbc424404df753416085627c7e1713818ec0fc617d83e7716
SHA512 9ac2d886ba08d076f9301d25b503759aa63e02134f461c0349f1e39054f1cd063e9d1d2136ef9481a43ccf7f6a6add8f2e9a1f71c260d8f3df14b2a18b3fc40f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d0900be3969f24485dbdea5cf2d6321a
SHA1 23b2ebe341d1b30aecb937b923217432165b0155
SHA256 1ba2a01f8f90db9a63c048de76dfc07987b78fdc2e1ea86dcac932e76d652052
SHA512 7f17b9e943e831fadecd2bdd4eeb7645b2f15bf3de90353b03cdebb0b0ab69d4be6a782f79a6e91b4ac27fcbab1bf8778a9389953add7b8fc952e4b5a3781b5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 984911375278b5cbd1528f95e77a21bf
SHA1 65d695cb3dcf1fb0b4e52b17d211aad8dd0a7953
SHA256 81a9a22170c8a5375980875eec7b90d31c2e9ff2009c69db468b8bf1dbbf5637
SHA512 bd03e1dad7a7a0b885b10be4dbf94181d8b001b58d355ec84a1a349b167d20b6de4e6ad7030758d0406a55f397bc13d3c19636e95e3bbc927bfb79981012a288

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ecb78aa97a680df69b0e1185d0e6e3d3
SHA1 f258694e75f667bd20c7e68aaa41aa9b68f33a27
SHA256 b54f36ff422d3760e43f8fb2154973976b41165ccfcbccf2f79785e03e92d148
SHA512 15a337a92ac323404a2c28cfa242d7848087db6cefc2013550dafa3fc10560ef80279ff3a667795ee54f620c2a1dd2a9cc2a7d6d39a6677631d4c9c22884aed0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9fd28f61b0ead45af7ffd978dde5401b
SHA1 baf98182ab85f3992cde250df00f07e3ea363a1b
SHA256 ff592f782b6b686ff949f57eaa0ec927329d85534cf279414bd5c0a0bf4d39b3
SHA512 0afd9e796d9cbea3ee53c996005ae37ca1a4cab9165a52895a7575d6f1ca81491ceef0e4d343d0ca44548d8441d06c61a5f8285f9c11ed12b6246d23f2ea642c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 88345b4db4c3a4023bbc06730fb0b945
SHA1 f45aafd76482eb78207361f4e6783f66cab96400
SHA256 84a48ebace103823107a3d451d8826ddede4ed599d6e2e3c2114166cb0412e3a
SHA512 2f8a4137336a3ca37fe923fe223b9470ee54adba8a9ceacdc15b84ce1372154736eee8f84210976fd39fb7936ef2748a093fc70da97dc18d3e6b6256586c3eda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 399192555137a5acdbb0c22141b4d55f
SHA1 4a9ff1ca63697f73af6fb39d881810dfb0065a60
SHA256 5631f89cf3790c144c749fec2e3e10525676fed9f2193c501f35eb8ea1410de8
SHA512 520a317cf33a9ef1589ca5aec25caddd17df9affc45cfed84fd2afd6e2e13ed962a83571ab934eff02581c5a68558e04c8fe2d37a61a20575e156f62828d79b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ad140312efcc6330e38b986fcb6977f6
SHA1 19eaa9de1095a18b44cde0012e9f21c35ee87cb6
SHA256 243e1ea32ddb4346ad1b4e41088e0a3068ea4234e4a106513b038b29c3330c07
SHA512 8d49acd355ab71ac7a6497d2681acd06f6446ed12c78f712794c577d60c58edfea752a9198b852844ffa3fd42643c7a0364b28d3f41317a291f8e31b175db36b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 89305cebf4aa22258ca525c797d79c10
SHA1 d4a500539d0d3272d958cb0aa88080e880b3b80e
SHA256 d302ffa5191c5b7b8497b47310a88e05d26c3f574876e5e42a3611ef64e267a2
SHA512 7045f982013f20b01e33e8b5a4a7ea4d278728822c73cca0700315e887681c307ec5322198e4294e5a91edabce29a9a50985701ce734981ec6e1fb340eb2afad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b2398f18b9f7ebf6e93a6b04e992dc0e
SHA1 d646dd12044bd78aee292b5aa0b5867963752223
SHA256 a346999d56e25213c11c046ac4a1acfd27762b94183b1916ca3b448e74433db9
SHA512 effd67aabd8ece920a2c7d2a6c03d229c10acfb668ee6fe1e7cfccd91f162c942d368ac53307a87d20454885f7d7e6a6fb414180c4ec27862e74f44b6bc7e512

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bac0882454bbd5c2814cbabe3f578e94
SHA1 d1763008f5d07bde19ede6034255d5f517d64c25
SHA256 90502fcd5c801041585cf17ccf0fdd24689050eae398b2a36557a8ba91ce534a
SHA512 86972a6fa4f275e1f24a7e9b88f039961046234fcab3f7fd10eb08c1811ff5a36d1531c4bca2ab375aebc6853be1d4a504cf8a535e15cf23b3241394102198d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6b74b52b3c0600b520b870d86b42d79d
SHA1 837107ed6c7667a326f474971dabfa790cb8bd43
SHA256 530bc19879b2e0adce839a14ca6b707da009a95fb3caa5e6e2848539b29efbce
SHA512 c08ec56360afd59a5e54c8aa5eba9beba32b04bd6ebb919942ba724907e572f12627435cd12fe6a334730ddf1c048acbd6cc4d6820ae87e4e5247b7f0f59f5ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ce83a703c313ec3a506a54439f74c483
SHA1 94e7115b521bd265a3dc0480dd3ad16935688c89
SHA256 5bd3a76c0500c9d85ae63f746f447adc97d22c0c92fcb06c601b2cc202308e15
SHA512 6f3c350f0c13f72c582fee572d80c3e4f1de971ee4f4865b48c75fccb2a8cd00069363254411e765a7beefba965f02f5701cfd876f111cd9fccce93e814595c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 649469fb57d3a2bd4c5b07a445cf7346
SHA1 f0bdd6db4fdbaf850fa2014cc804c031640d6e3f
SHA256 553ebd7aac6371637ebe709d6ed9247e9d65fb06a79dd536ae093123a331f3fc
SHA512 c35482180788985217b6e356e5d6cc6cd0cc62fc106cd515766959ed929295d464b24bfc085b0692ac4760b4fe8f8982ca1664107a58d5665d5a09e8cc36f223

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cd4bdad2017943a1871ec1f7c2e203ca
SHA1 762975b9e3c5cb8cf8d8f9100a51d4a07ef5173d
SHA256 0c2aa15ebe661cf1c0370fcb9f3046e6be8798f98949651e12452c4758b222cf
SHA512 af503713976838990011a6f0291c29920bb60711bdd6faaa0cfe34991385b02861a68f55ac38904486fd1951122d4aac99f0aa80a9e320c1e3168abcfd40ae23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 3512a408d3e6e081b73ba3daf2a73890
SHA1 15ed8815256a3453a66976c41fcfc236ac81631a
SHA256 6464665121cdf63c3dfea91f1efb744c074ad78d5dcfa150a5eff9255376b895
SHA512 9f104d6516136eaf93d73acd0c50826d71b0dd465d1971e4cd70746c2118222a819d2140282ea7de3d7e8b96d9b9734ad6f36ef18e6e9c08b1f609d1a96c5752

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 958ac7558cf141c69361ce9d906ba039
SHA1 761c2777bd9f329f899e1d7da626279e2d37e5e0
SHA256 21b5b4d06c943070225ed9ebc7b9c9a6fefd35f090b5d1999dce7ae7be3e0316
SHA512 5e3d3265dbf579b1e835456499553a07b789fe43bfa189f3ed00eb3bb4ff01994cfcd991f72d4f277bef0a59a027cf454a14aa9f2ee35850364ba434e6fc2b45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 77e0a62d1f8e4b5842fc8db02fb0cf33
SHA1 4c2ad12038219ea9ed367e6def6797653e9decb0
SHA256 7b8d15ace50f54963e29ef6b866e60eb86d94e609ef97af69fa4c26f3b08c71d
SHA512 d41454f77f5dce620dd170a8ea9be134f0e614dc1471545db5dedc9eb6762a7f721571d6b9770da8568967f82989ff9299ff34b43acc09f2f81e0c828b640325

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7f1ff997a670dc87ffe0442b181c60f4
SHA1 86b2c6184d2e7c68b097db08f7fb8a4d5c6f405f
SHA256 f871e7c45949cccb4d8c540b60bc22ad2b8e0e8d5be48f8145ba7fe5ab8ce785
SHA512 706efef47fc600af363a35d2d8ab005e5d6351ccae6a1a0e418cdf926989b71e42b59266026c6523516d4d0c61e4a859bc6e1fb259f072b972a84da92888d9df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 11c206a98e2644cc4600dad8bae53474
SHA1 c255535d15df8cb108472e880be1471b8da70889
SHA256 c9f4ed9eceee64ea574302421303121dfe78a1013611444677e0ac749044b907
SHA512 10d0d83b349e98685e471aadb4d6658537ba7a16fc6cf998facf65d1da19a5dc01cb01058a978af087baf53e3711699d315371d9f15d668d1f81887b8e09ac9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9e72ced9781300f269194ca5dcb2e581
SHA1 a522cc2e6894aecad9fc0cab57b8739bbbd0f4a1
SHA256 d40b7660c4079845e5b6154d6f05d30eec4f17b77346da9f55494c0794f2f3bf
SHA512 14e91958c45452e3ca5ebfbc5bfda4aa936dbd9795a9b6effb742c7fe7014147b40f4fc24eee124129aa282d340c9807ef0e50200f80bd4bf45d739936580eb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7d0faa37a2dd2d3b1ece3ae300c41237
SHA1 d6f47879b86c80a2464409339dc51a414dd6f9df
SHA256 f004d1de886601b294fb0cabe98119e62d2da89e2f0c34656ea62459090734d0
SHA512 1f052ac0d87dfb4358c4e634665121e5dfc25d2491fff4dbba4d012957d49e4079284191832af5ab4584212d81b422061ecb0035b981cfd0d13a445686974b0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 40339af3efc69ef717c91dd9fc9f8edc
SHA1 137e186992ba2df6a8e9d2abb8e2c731fa465930
SHA256 fbe7b0bf4bd3466ce6a104f5801f6413be325cb49cf007839560fc24b5154cc0
SHA512 958afb56bb03b2abe9973a466ec7a291d1697919c036ec11d2082772749c26be6bb1949de6d8ebf8adb2641a7af7fc09b466c9d96d27d216248b2f5fcec97afc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3bef3ed94d8b79766a87417659f0b4a4
SHA1 93567238e29be84f779c29771f157f3c6f2e7479
SHA256 7bb58cf457eae6edbacf5489ae73a13022468411dc0fafa04d8cd3e91179f104
SHA512 cc6a0fea1a4ae11cdf2b1f7efa5aed6ec133aa86648af4887d433ad9e0903c81812442344b15901d486fdfb31199b585a6f1bcb2ad16d0f7cc56908cb8965ddc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cee0567f10597efbc5195cc568a9467f
SHA1 dac5c12cd1d0f1d4375be9a8ca8b3fdd62cf6976
SHA256 4bba7fc8f0e8c8a77f221b102e025d8dd96958368b774947c53328b2c768c0cc
SHA512 a8a65fea3b8b8ff1fc19d1e6196a9287862d2d700669f15d489174031488ff10ea4f7f48a0b4668c35cf33fe4e46e1722a484af6a3222d8a747eb5b1658b5fe9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bb573a8512a5756626392b969c139a8b
SHA1 68985a864f57eeec0dc8205d5d465f593cc4be40
SHA256 f2a8469a7128f415a42c7438c8c0e4e84b9ec8cd3760492f319bff03d9a62541
SHA512 1bbeee7603a4a9f12cd353630e79201d172498e5ade744e769ef5ed3a78c4b6a916aba31eac188d039ac3dd97de5e3476b3a1e35da0c7b26790b05e91b690b0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 01eee2b7e8cecf95b84ca82657e7a8e9
SHA1 d39e404f6b4907eff7e4b0756dd78b488c1b79ac
SHA256 d6e03ae1318456623162afd0079c51ccde44538f5ced10aa1ef7f54a1c418e4a
SHA512 5946b8eaaa5c1c6b214780472bbe499e89486d0cf20e6f428221fd6a437dea88d86d92d44cf8793a64083fba181c53e399482817b4fb1a1223a33e2b5186123a