Malware Analysis Report

2024-11-16 15:45

Sample ID 240219-qq8e1sde5t
Target c285eb3563056fc4e2ebb40c076eb2ca.exe
SHA256 84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed

Threat Level: Known bad

The file c285eb3563056fc4e2ebb40c076eb2ca.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Modifies registry class

Modifies Internet Explorer settings

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Checks processor information in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-19 13:29

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-19 13:29

Reported

2024-02-19 13:31

Platform

win7-20231215-en

Max time kernel

45s

Max time network

149s

Command Line

"C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 1082f6af3763da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000969d72c3e5a03a40a0257479feadc03a000000000200000000001066000000010000200000006076a9d2f08258a3bf3e9aeebcbc2080cdb013e4bdafbf30c4f767f4db45bb94000000000e8000000002000020000000279f60d7f6bae7977119906906c46c633c37e51a5e951b0405228bed14b6e56e90000000021c34a9d842f05958fe26c3b57c38ff1cbc36ca22be979ec564c3d72d970a22e6eba8b69818f5b52a11122a46d9e9203f35865582c855ec443804ab4723c8480ee974ce02a6d9f1d34741752193fa49b139f899817cc13c90a6d9189755898c594ed9dfe173a4c9e5b20dc068223a7cd9e236b9f4479849134a4b85af5beee06d43cbd831932799a234ebea48ef1f9b40000000cd1bbb2febe9e60dae7bb45571262de04937dbe8c43c3cc4d211d4c60ed674eace37a8211c434c7fad965fc9d6e96c1dd52ba3a0ac23f8e568f129e4ba921390 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000969d72c3e5a03a40a0257479feadc03a00000000020000000000106600000001000020000000b579861eff78539512e73f3c4d66b4e4d53a7bbf81605e2d154ba88316a59c57000000000e80000000020000200000001dbfbfaf27b8b35f9502366d4d808b35f42171e869c344b6df369bc97ea4f64c200000002353d4c891b4b3d4b738fd64ac33e8599024caaecfebcd6b77cfa0cff36d03ce40000000b8073adaafd30c4b2bb830faf2c5a395ae63cdb4a09202a4b51749947a765f6151dd1bc977bc26df91ba5f37cb949a703ebebdab284758640d61d0e5ae188060 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DA57DF41-CF2A-11EE-9610-464D43A133DD} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DA57B831-CF2A-11EE-9610-464D43A133DD} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2476 wrote to memory of 1764 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1764 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1764 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1764 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1700 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1700 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1700 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 1700 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 3016 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 3016 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 3016 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 3016 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2476 wrote to memory of 2664 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1764 wrote to memory of 2332 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1764 wrote to memory of 2332 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1764 wrote to memory of 2332 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1764 wrote to memory of 2332 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1700 wrote to memory of 2720 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1700 wrote to memory of 2720 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1700 wrote to memory of 2720 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1700 wrote to memory of 2720 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3016 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3016 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3016 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3016 wrote to memory of 2584 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 1636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 1636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 1636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2664 wrote to memory of 1636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2476 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 2408 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 892 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 892 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 892 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 892 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2408 wrote to memory of 1760 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2408 wrote to memory of 1760 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2408 wrote to memory of 1760 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 1268 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 1268 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 1268 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 1268 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 892 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 892 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 892 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2476 wrote to memory of 2864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2476 wrote to memory of 2864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2476 wrote to memory of 2864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2476 wrote to memory of 2864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1268 wrote to memory of 2812 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1268 wrote to memory of 2812 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1268 wrote to memory of 2812 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2864 wrote to memory of 540 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe

"C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6159758,0x7fef6159768,0x7fef6159778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6159758,0x7fef6159768,0x7fef6159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6159758,0x7fef6159768,0x7fef6159778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.0.1887713156\666565486" -parentBuildID 20221007134813 -prefsHandle 1256 -prefMapHandle 1248 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f34926f5-bef0-47e4-a188-71bfc1db79e3} 540 "\\.\pipe\gecko-crash-server-pipe.540" 1368 10bd3d58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.1.1048296916\159674601" -parentBuildID 20221007134813 -prefsHandle 1552 -prefMapHandle 1548 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c1241146-8b0b-4e7f-b54f-c3304c6faf68} 540 "\\.\pipe\gecko-crash-server-pipe.540" 1564 ee4058 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1092 --field-trial-handle=1184,i,10176959685475085287,9168113538067006570,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1548 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1072 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.2.443530383\426290183" -childID 1 -isForBrowser -prefsHandle 2088 -prefMapHandle 2084 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d3ab50cd-b33c-435f-8f28-098b723e90d9} 540 "\\.\pipe\gecko-crash-server-pipe.540" 2100 10b5e758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2396 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2248 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2240 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1456 --field-trial-handle=1184,i,10176959685475085287,9168113538067006570,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1164,i,18209571546815396699,9368645648849182611,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1416 --field-trial-handle=1164,i,18209571546815396699,9368645648849182611,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2772 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.3.275335017\199509758" -childID 2 -isForBrowser -prefsHandle 2792 -prefMapHandle 2788 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {07b67678-aa62-4b06-9ed8-f399a74c7e31} 540 "\\.\pipe\gecko-crash-server-pipe.540" 2804 1c783758 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3448 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3672 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3756 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2548 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.4.1808846951\1543444917" -childID 3 -isForBrowser -prefsHandle 2980 -prefMapHandle 2680 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a7f3d4d-ed8b-417a-ba3f-0452a0185747} 540 "\\.\pipe\gecko-crash-server-pipe.540" 3796 213a3558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.5.1409480047\774645963" -childID 4 -isForBrowser -prefsHandle 3904 -prefMapHandle 3908 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e95c864d-a69c-4f8d-bc57-3b74344f5444} 540 "\\.\pipe\gecko-crash-server-pipe.540" 3892 213a6258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3820 --field-trial-handle=1372,i,5465150004888359407,6128183975937664691,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.6.723854040\1266620497" -childID 5 -isForBrowser -prefsHandle 3928 -prefMapHandle 3608 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {67b5a504-52d5-4c51-854c-1ff05020618e} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4172 220b2858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.7.1825898891\1762545507" -childID 6 -isForBrowser -prefsHandle 4160 -prefMapHandle 4072 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e111ed44-a529-4ea1-8b73-c28a7ac12162} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4060 2179d258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.8.975379722\1983326551" -childID 7 -isForBrowser -prefsHandle 4376 -prefMapHandle 4380 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0ea88b4-9849-4a07-bc54-f5ba9f1a6107} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4464 217a0b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.10.728602089\976243204" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4684 -prefMapHandle 4688 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {775ef9d6-0676-4099-bec1-2a035fab3d70} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4736 2369b458 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.9.267021489\1500478653" -parentBuildID 20221007134813 -prefsHandle 4700 -prefMapHandle 4640 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ed911a1-9198-4a90-82ce-9acefccd6f92} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4716 23485958 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.11.1055046656\799827339" -childID 8 -isForBrowser -prefsHandle 1900 -prefMapHandle 1896 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 736 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe24f738-b26a-4a49-85d8-139c4f5adf8c} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4908 e5e858 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 216.58.201.110:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 static.licdn.com udp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 www.google.com udp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
NL 104.97.15.51:443 static.licdn.com tcp
NL 104.97.15.51:443 static.licdn.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 fbcdn.net udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
FR 157.240.196.35:443 www.facebook.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
FR 157.240.196.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 44.239.198.133:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 172.217.169.86:443 i.ytimg.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:50125 tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
FR 157.240.196.35:443 www.facebook.com udp
US 34.160.144.191:443 prod.content-signature-chains.prod.webservices.mozgcp.net tcp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 142.250.200.10:443 content-autofill.googleapis.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 rr1---sn-ab5sznzd.googlevideo.com udp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 74.125.174.102:443 rr1---sn-ab5sznzd.googlevideo.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
GB 172.217.169.86:443 i.ytimg.com tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 172.217.169.86:443 i.ytimg.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 rr4.sn-ntq7yney.googlevideo.com udp
US 8.8.8.8:53 rr4.sn-ntq7yney.googlevideo.com udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
GB 142.250.187.238:443 youtube.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
N/A 127.0.0.1:50137 tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.180.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
FR 157.240.196.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp

Files

memory/2476-0-0x0000000000820000-0x0000000000821000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DA5556D1-CF2A-11EE-9610-464D43A133DD}.dat

MD5 7ea1c01aa0242b779973e31f338667a3
SHA1 f2ed83a6b920a6be1fc95186cffd5c247333affe
SHA256 3af23646c05e1fce61dfd787d4d0505d6bdc4840841a20844c03564ba1d053f5
SHA512 14566f1204e16b7fdc959d2aeaeab1403d53e3a7012dd801730127feaabcbf53165d62fd65d70e91c2fcc9c81396284c8e06d8fe44ebed8adb5145856a21f47c

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DA57B831-CF2A-11EE-9610-464D43A133DD}.dat

MD5 9580a268288cf173c1e23cdb6fe86f83
SHA1 8efc52111eca81cbe71433d0ed189c55d7ef7695
SHA256 8d438c9944e593b01e6e2ffd249dd09a548232ddf20fae0c924c05c9753bb75e
SHA512 8386be72b5aad46f731f5004602d78005bf305ddbf5eefac30248c437b237b077288d8bbe35b0ecce78078134c9a9a13779a968d8209574095f2c53719e3ed55

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DA5556D1-CF2A-11EE-9610-464D43A133DD}.dat

MD5 8cf923c859f7bd81e9c91d696aaa1852
SHA1 f2677d1ee84274d8a1ec7b918e71f623cdbdffc7
SHA256 d3c163703ebe0faf08eba57aee1168fa468a5380995687ba1de2f4d856818029
SHA512 f4dc15d7c3a89c43ce4c11c0d71d647b7f9e54bdd93448f9cdfdfbb4cc88052125910144db7eb91c525ebeef0ef42f841b9cd29670924b1801cd98869ecef066

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DA57B831-CF2A-11EE-9610-464D43A133DD}.dat

MD5 ece031a056eb233203f5f538a2a2e16e
SHA1 614a83840d634e1a53af1f40d2f274393b8ea6f8
SHA256 e4073a6e17b913103b4db2b18eb7908a5e238d9e4c9ac231a70f84cc20917105
SHA512 40e5e795aff67cc2a326810f54726f60bce992d9178ccb57dc38444b2c92746182f339d5081f0a2031036227a5254025deb8aece8369e9f710ee0f7f213a0ff9

C:\Users\Admin\AppData\Local\Temp\Cab2D57.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar2D77.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 49ee2fdfc004b842fb5709f961fd91ad
SHA1 40f2db2d5f2ef51c108e3602b74190fc3a6ef84f
SHA256 d1466c6da3315319ae33abc0798e6b3d5c05fffb7445423e4452413e9e616943
SHA512 55e0210a70c6c23d553bf29b00b692a62d54bcbc110e1058cad16441ac940222b0a1e4e3b2affd6e39d25ec2df5df67d619703b87e6b0108b06e0db176bf70a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 0de9ddc694ba9fa864ee2e028c3139c6
SHA1 b84d8dbdd05a52c97b1a7752f2171ad481693440
SHA256 9fc767fb30ea1bbea85345e4f628dcd823fb17558ba06236e57e3f9e6c1532b2
SHA512 b0e9f99c8c8d74d20c49f85fe5d9fc6941d853b885c4fef069d144a119225f1d5f248bcf8f51c0c02ef93383db146bbf4e23247ba331187467f21731b6c164ce

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 5b1e61565370ced4389e1fb9cf2eea34
SHA1 b3247b7d4a124b21c5acb430f207dfacf097f1bf
SHA256 98c2b007222adfaa8b008a1088da7cdf8f49a4edea94dda5913549eb607f0f74
SHA512 c9cd08e193323351b5b6ef9e3ad5062e1072242a0d4380e7d6dec73a7ffa23a0283eb8ef5595bfd86a4d87ba53c0c5bdb8a83454e856160f42dba7c7f92ed362

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 903de8f0df8203b6c02c3e588614dcd1
SHA1 8e8f229ebcd07a1fb960924e80b0c6a7c0204a0d
SHA256 a4fc171594306cce6e15fb9110cc86e47874f635f63b6f56965e0d46760789ea
SHA512 7ef2ca79cfcfff07df691f07b00862460a7450072561101f7768643fc839bb2576ee1f1881c239dd1b24c806b3d09748b998a1d5ad1706a1d43ae0da83c0acfa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 453abfea59b20e20044406879217a627
SHA1 b15269ef7acc7374178d655de8aad2284e687f3e
SHA256 c23d775045422a28ebff365d185a9c0837785bef989b171fc5037a2aecd38795
SHA512 5ef5d472db4f5596bc5233b8a199c07f39244b5f07e9223dc2e6526393d3d5ca8223cd2229c8237848a0a14fd612467138d51805fc5d94846bc97af11e61bc9e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9b2962afc09b88950b21288245b30012
SHA1 2d12a8336aa6fda92c08bfabb1b7bbd443d0b0fe
SHA256 78cde4956f188647385d261f728494c53612badf494cc7b5bfa8cfb215c4d490
SHA512 ab2ca4e9ca2a4fd3a2c1b4845edbe322e69068b5854d3b1685fd5ba0144fe63bf42f72ef346f6b6225906c8f6a970e8d94d29aa51053166a6c90f81f5c9db2cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7a4c88860136891778d96b57d8742b2f
SHA1 922ec266a67c878532d6c96b8f07286a9b6a64a7
SHA256 02f2467df5ef38290a8959aea61f6de037a9bd1326b5a1b23b71648df62168df
SHA512 a91293314cd201c4ee0079ffe63b937fb4497b36d41a88e4dfa29f76dfd59e10a552e80679dfdc0255b8b6fd9eb84b7742cd55341ed351fcf069a2be08c85317

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 0d475a764f404e231206bdbc20392613
SHA1 08adab374d681c8a2e385dc1aab1f8814a646d0c
SHA256 dbac3ed47e9109bf3dfc043aa2051749ec60abfd9491abda7dc840785121907d
SHA512 49b63bf4ca2f0e5fa337d1b1cc257690bb14388c19476893ac4e490e3eca9ab1588fbfd1842ffdc550c72decb593950643017813070c0fe7a7f685e2254a9775

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 aa4ccdeb37f2dd75cd7bcd446b25ae5e
SHA1 688a1d99193731b6d0f84337cb93eae9e946ed56
SHA256 ef101eea358c52b1f3506d885d082703c4650d1bd31de40011315ed9d7461c4f
SHA512 68d7605e590f6ac6fdc9a0f3df98dde12e7cceec69c6c722f6aaec97df9cabed6c30c0c92c443447a80fe6dd0845b719360436e0fc71f319f9e69f085f8a51b1

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05ZIV8W0\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 9aee85c3ffccaee6e7eba21a865c6215
SHA1 7ee75c1304d227cbb99adb033a9fd5c68c8425a4
SHA256 823c48e46b5af45c7e211f49a6e8a39aebf9324c8aa4a30f0704f1cc90aa7a2b
SHA512 7d212e0b9de18f5ede9470c5e59622708cf99a1bc111af64f1a564424105172c4b36696a8dc2b041f8c20cd7c9b897600dc0325f259463966ed03f4b961d8f96

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\0VCE3UDL\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BZ91EPR9.txt

MD5 b687725ad82390bce7eb567e0ad187af
SHA1 94c9614e6cb5cd087355ba5a8d73f63f83a7a60b
SHA256 2db4fa4209669da2e60560995659a1a70df7a323fd6d9d6a9e97e21758d32404
SHA512 a6ab83f0cfae3dc98ad4b00086b5cb617c8de101645321b46a541c15e597aed63ea39a26fccfd0027c7b27a67ec96d8ad845eeb105485edfbc3576ef8cfe29f3

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 94ccb7674087161aa86ac18494819e02
SHA1 a58230ac99a489f7426eff2d38c6ff4cf311b87d
SHA256 a64d3f46c07907706b03b4578771aa27623bca806ccdc3afe6ff6ffc3eef1c58
SHA512 2760e3cf354e71c3646ddf9148685363f9a279dade313dc9785d3e3ee8936eb1727fbabe420f91383b94555d565bcce8754ad908c468747c76f9290bb34ecd80

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JIH1AB02\favicon[2].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 2783b561f9f3b771b244ceff7bc1a459
SHA1 425ed7afd80352b0ac57d091b90626dfa90da403
SHA256 3dd978fae3c4c2b79367fa72ccf82d94796f3d142cf709749ffdf03f95166005
SHA512 ec5f1647c1cc61fb4c8d31043fa7c0f411a756d651edd706f58fe277efc51b9274a98fe7f0e6d89070be22ca169d9b83bde883d871ccd35638dcab57600ed9a4

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JIH1AB02\favicon[1].ico

MD5 b2ccd167c908a44e1dd69df79382286a
SHA1 d9349f1bdcf3c1556cd77ae1f0029475596342aa
SHA256 19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec
SHA512 a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 a3cd08eb3bdead5bcffe5edd8b78a445
SHA1 0690821870aabbb491ebbf25ae7707de62336f3e
SHA256 e0d5059439d49458ddd35af23f868747e1091aa6f3c685d2a72d88d1558d2ce5
SHA512 df398a4dca12353bb87935f5861ede5cae5da3162e7690337e81c9aac6c6ba7394edf46bb4c87ba9f3bd1935a601c35cce1c25dd077e29303211e0b35b9b7ff7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 001a4f368f4091a0fb67b307f810a34d
SHA1 fc55ff430638bf1510cc564bf1dc9b3b375017e8
SHA256 e169f3792bf4d4edfceb23faab8d4a0d8ba62bfa4b94614d0a752b77f6a46a9d
SHA512 809e075184a3352593491b3906c6c7ec87841d9788ae1352639c89feaff72af4922e3c45a740a027b06ee3b887b3bf9e0823a074ab0222a60c73ca9108816d5c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3F2LH07\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\02cy2i9\imagestore.dat

MD5 3bc992ba3786602eece1e68d26336450
SHA1 5ee577f007b38e7c56069ab0e16323b7ca0119c7
SHA256 ea9900d0a7c231f6fe9ea6a981c87e91a7031a6e1b6cde7c1c96432c4b9991c8
SHA512 06213d1420fd9ab47641b411d6bdf6f601b31dd0eee991ac10c19bd2360c5a6edaf8fd41e67a464e56b475919e78da871fe863e223f63f12665dd53b7c96c288

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 79f609d2f3d805cd384b35163fd9b36e
SHA1 451dcd89d7694262b47b2bad7861f85aea6ffcbd
SHA256 6e4df85e65a5551c4ffaed7942eee1d3e1a49a7e729fff8e712da8b20c00e27d
SHA512 f3c3a387904d47a137c4ac92b383739888ac443a9796231893f02bcb7b0c91fef88f6809b469ee73547742a45f17453c0ab399c1d6b6f2ddaba2dac1564bdc3b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 13a0212bb6eb37db26801e23795cf6f6
SHA1 a42e600db976a7cbe0a3082ef780af3c1b82d617
SHA256 8cbc3ba9b594e80c5673c28f74ede223f90aee81147e62078ce77db0e006d4f1
SHA512 f68dfc1d2fe9357414dbc10331b6ef792879a27d5f5b4274e3a91accd0fa8ec8938b35724c09e528d96d57110c3ed86dafcf078840f1709ed5524ed82fc24431

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a1c299283f8aabc0705ff52a65971ca2
SHA1 779236217a3d153d395ea270643f862f1ef7c240
SHA256 846a95d0d0eb8634a87866b978b58059aa0f83e6ab46731765cd1d18a598188c
SHA512 37d1ded0a23dc4d7f33a39b020f970933281952610a3a9c183b94f2634fecafc4baf8d347dddde71a1393d591666631fadbecf72326e2b494a98968cd3fb659a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7e51042c32d48900c1b21bebea282207
SHA1 a0407168f3156f765d2264d61ea0f00c5753415e
SHA256 e686922b7c26168be4d9239acd5e6d73779e56616ce3ffe901fec04fe887b7be
SHA512 f466059e99861959b793f9d39834d7d6e7dc447b4df67d4385cf371b35ff304f031843527b152531a8af5b9af43227db473584b8c4d5c348d138a70b35708bb6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4d4f7efe5a40dedd09cf83eef6b57beb
SHA1 dece1f400bf5e1e6c16a046b6dd0fdd4481aaf7f
SHA256 a13ac0d9de6221812870b0f4533eeb01e3546462723cd30cfdaedc62f99b0f47
SHA512 ac146fe795916fd08e241579f70dda237a92aa1efc530bd0a919b972e6b364ed5df03a11738e4e4df15201fa1f7e4d53bf442f09fb05d9d1328882facc1c1e4d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fcd4d7f02b94dc2583ea2bf5c5f73a84
SHA1 d9867457078e0914ff5c688930a3ddb6ee4af5bf
SHA256 f7d4aa76ce75bfdf316db863c04629992b7cfd0176ded056715839db172ad19c
SHA512 aaf08de2eb45f45b296f2a725ae8c67859bdbce6767ed37daac295cf8d7e51fb7a2bc78b1ba50d876eb133897a5f0715a8e7b2c30d7dc616c89a3a84034ed609

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c85917204d612852f5affef440b05e25
SHA1 dd8aca0494d380c0d4410c0a5e9a6fbbca767216
SHA256 3ce294bf31a3400287b71675d09336c1f4852903ab02dcf87d0885ee41040450
SHA512 3df83a2ad1780384a02e3409ae6e44d2ac17c0fd61b40ab15b58c94830bf18cb33f9373ad16a16bc6be9fa4d4cc8032c09acb2e03b4bb06fc7f3ab22d5545fc4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a76b44b91b1de1aa02eb3a18d087f1c6
SHA1 c798bb87a3ac2ba0045c7f34aeadb5e8b37262fe
SHA256 e9620501ef65a4110591784027723ea9d6ff76ad514d6e3b9f752bd03b2949ff
SHA512 0891f85c669becece5a56cc14fe1c61c03ef7b0512633782d59c0487d0e312e81c6635710f498379f109a02077fbd3a500c4e4e152c82e53c04c14fac2168b0b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 11d2dac913fd7e5e7ad88a72a5f9ed4d
SHA1 295960fbc1a3ee906f7bce72fb5e34f604415814
SHA256 e1bdd08a1f2b932592cc1252552985bb9e2ccbc330d7e7613df3297e7e97c5dd
SHA512 7008585be5f872c23169717b922db8796f2fd5131ad02a3f2abae6c8d253c67407e9ef08c92ec7aa6e25db391d0538ed192e5b7a6bcc4e2785605b5496fe06c5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 92ebc1ac4895e3c60a6fb7c60b404fb5
SHA1 65d69665fe1dbef08c1d97dbf58929f695116be7
SHA256 43515c4de060b214e425b44e592430d049bdd4d6363567879e03c0f0a3ecf040
SHA512 0397a4b7f6d3df1cab9af0626862a43c4b0bb3ecd24922a5de81f0fabef1aab16a7b2ad1015530037c5221bb91ffbc96d19e57b72ef34f68f1be7a11c375d671

memory/2476-825-0x0000000000820000-0x0000000000821000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 f47e890b4447a4ffaef3ea52bdcd0bd7
SHA1 9ee3172de76a6579b4392c1d8e2162ce1f6d12b0
SHA256 993cb26ddcb4f560d0192a962cd11edc0298dbc861b5944961acfc587a991565
SHA512 b827ea7d27d114112ea927bafd81f2c2b5b35c17ba1872091c1f0d8f5e46d245dcb45e436b9bcea42a7f8e8ebc5dcdaa56a2620ee51b36d189cbe028a85da9ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_892_ZPUFAFCZFIKEMUPC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d06864a2-fa40-4de1-a845-bab2a606710a.tmp

MD5 84da0225d0a6a8796f700c06ace40dab
SHA1 417c7ab5d145d6af210a3529425d8c015c607edb
SHA256 8694d21157afedb028b42fec034fb2ce076c7a3c4e365b527fd4e071f69eca9e
SHA512 1b616f199c83b9c5b03bd98ee4f3d1a81c22448b9bdbe3f4ff2f010810ac7d97ba25b0c13a8c8c2cc792bea85dde2e5caa72eff4a5bd86d09640c960fac4ea96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d5daeffa-7a49-4bfa-826d-25c1fa264b16.tmp

MD5 2debd5aeaf18ca76a311cdce8d251c5d
SHA1 284bdbb7252eed11312da558f9f619fb806fa55d
SHA256 a18fd85f3bf152544aedc8e242fa7d8be490aa8a1048b66e33067384f5d7fd34
SHA512 07bc5a2fb219608bfb6baabe14de21a70d887982f931720df9cfd990e18ad394a5fba8ec2d04e913688a8cc5f9a54490c1ac45b22b143e6c80e50fa16460844d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 c28b317f409273fde133bd50a9fe4e4c
SHA1 d1d3fd7223e8a9b52c42f12fbb3de1e0d39f0ff9
SHA256 e29eecb0814d74fe773f9856fd20323533b274197a1781de036caa14086f5235
SHA512 b53681b8d1be79a64dec020444a25b7bd2c3044951a5a17a7bb5b98ff1b31f3bb76d906cc4a0826a18c2c650a9184c509fcfe78008e944987299b1cf8b5aa885

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 daaf7182af211be8f390d775422b8d2e
SHA1 9e4264f84dda5954d6f4b26b32f7bd9521158a60
SHA256 4a7d6a6338a938a9f5a309ce93a10a365a9aca10f9788cae9aac3de804ada89d
SHA512 70909b4ae7567002b16b8bf650aae3a690e4dfd3f6d9ed01958bccc9cbd10b97273b50c01cc98bf0771096f98c9375649448746cdb195f4f0084c291848834e5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5

MD5 2bb163291d180858f6e5a033e17b51f7
SHA1 920a82eeebe4060d8d0e1d128f21fa8949a76a11
SHA256 d34746f42a10f4b2483d7e97868e729ca95c607a6808968b8fbc988b45588fbe
SHA512 a0861f5192533ab724c80f01dd48c04a34e9fd03f97477c7b0753a43b7a04ea037e5d9f5eb0628273912fa873f6e97ee29949b8a604faf65c9b0c2ab4693ca78

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5

MD5 46654cb5ee7772b9f0d43c226df85b4d
SHA1 2d10832dbf011117c1e8cfa7efeb77b440ef148e
SHA256 b4b506c0f3ec9a2cc4e23cf157e3109de34916403949c9063de2d62f0de4637c
SHA512 5e07bd6f7bfef0d3bb370a860dc5e14302f8ea5a419508856f0304b4278b4978805296bc4540fc380523e48b70470c4219745f41d7f28625ff98aa03a8274bbf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 41723617c7cc6a9b945a2784edfbb614
SHA1 e21fddf97de22ab5b4d60ccc2d71f932a6a9008b
SHA256 0cfff88bd1a5aecca3e3e9a8e2f41178e0523dcb1e89298ea4a98da9bedff507
SHA512 b1497b7f77d7609d4be2b11e0884e71ef53c8011c3715f2583bee40f34ed3a8f21498301cb0a083922d3ebd9d01c23178ac26de81a71cd78400ed3d801e3cd5f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 c1072a0e8a2a97d1dbbeb0e0b6948340
SHA1 d874f35be13331e2f982b16e3d011c5ca8e88d86
SHA256 2fa028d776cb66da7cf1beb7adbcb93a5491313e37320c573afe51307fec57a1
SHA512 443c4cf4c2009087d8d21146786e115841f765a5f595074394342264d6814720b7621c446f73aa342e16f2f20032196fbe4aca44c475dc108970037cd7f04f19

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\db\data.safe.bin

MD5 74be81f7077fc4d42fd730074cb1de48
SHA1 767d37f0de145a170811ad8a1f9762a319b69350
SHA256 ad830c828eda087e2255a04279d3101bf52ea95ccb148151ff50d6ae990bc593
SHA512 1cc206027a463828d4d221721aba4ca325a4931f7c6dc4e2e9e25ca0b4275c355b1b615ac73355d8be2d904fe6d1c44b9f75c931c4e9018fd8fd4b0e1a425ad6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 dd0e7a365e693c451036b8cbd84d6351
SHA1 2881d46eb9175b41aa73038a95bfd09e274d1b65
SHA256 d97d69b4b62609977dac8c6d648af27ce3dfe5acf67b1d6c3e591312e6ec33e7
SHA512 bc85fe30e03470bcf94afd12195f7e3c134de8a5a829005ed065878863cccdc0c0de7fe3e07976ec23850bf957cf564503aced31d32794dc3666eaa3bda00cda

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 2d8ec826e6527e96641d696fabb6641d
SHA1 b3cca6975892d91ba4433d45da66576708de2858
SHA256 0d28c78d0fa66954d098f1f1bee39bf7bd65bdbbb7ac40a1b1a795cdb71eb7c4
SHA512 0f225053c0ba35d445d1e0f312f40e211e7212a52ba95d7d116927144e5338a64e7be3b2f8c86e933c96af2bde208a90abf398051d7353f53cc58b9596d645e9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\pending_pings\69e84fe8-3221-4c60-9a5a-cb7475300e68

MD5 5efc95adfba4ff1a93e10b0d2e4241d4
SHA1 d1d8cdd01283ec90a41ab61615bae015df5bf0c3
SHA256 ada0a15b65cf86e499a867972a5908f24dd3f8dcd63bdd384612a1ec73cb0cc7
SHA512 ebf85c2bc06cdbdc3c2d65f7aeb1f829343540956a5f79802bfadd5074626d1ee5f9bc0246178d87e44e2e48f35e88eac7c97b61fc49eeda1609f89789eacbf6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\datareporting\glean\pending_pings\553c5dda-6246-4e6e-a7df-606cf9b2d11f

MD5 4598182db9ee06cfd5c6b82d04d0b9ff
SHA1 58324fce94cd50cc7c52882f2a0755ecc8cc0fb6
SHA256 bfe58c9a9bf9edb23a45533a45eb18b371634a0d3f86b0d2054920243511f161
SHA512 4b5622d85d38bff172eb2c3c725251fc900793ce63dce8227fd7761ff7a43b2240f6d82cf4630d0895ff1c8fc2cfe81f0bacabeb5da5c7138dc4af035f3b1ba7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 8c96ab1fdf3e388e77317086a5b82f3c
SHA1 3526741dfab2e1757358d0320837c7da007eedad
SHA256 c93048afb2b6625af9c22b46513709fa2e1d7f09b4d75106deda87f5e0add31d
SHA512 57e71ecbaa9f821c21da89fef5419b27113874d93d8ed0ad4285746c16d705da5705feea508771bad2ddfe6e1ac81cd8fd652e62bab14ca6f4c670a3b635e5ea

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 830182a1d1f31138df0870f94d5658fd
SHA1 6ac5574e71672a8c5e13600d8b669e8d61674047
SHA256 89f2518b214c0fdfd7612ca69fed0244705ea6e71669ab8657b69e101a17d739
SHA512 1ad0e6566de996f732e09948d622d76f52ec6bcb3163c6f66912b8f9ccb25a8ec94b940b20a54df46d8204fa274d045bb8cf72f6abe5acbd9ba894870e4fdefa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf769dc5.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d2bcc4e74c514dcba4439fd275cd5bfe
SHA1 231821fc79e9fd3a1f35083d8f714d69e97638a6
SHA256 67fcc0364ea77b1227c7524d63b65b7b18115c0d9711cbd97fd749611ffffc14
SHA512 1f123906f6c79fdfc6879b7c7a213a3b2d1d60c5803ab8a65dc49cad3df4f841096e324e0b60ae07cfe76c9f165109e0bd2c510721d8a200582ed0b54f7b18aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs.js

MD5 0c8ac9a0a0b163aa23b9dfcd935ca739
SHA1 29e890dd4321a2ff768072daec8129fb653e6680
SHA256 65447bb720a8b027b669a6369a3596962bdb9d4f431179d4a693e85f751f8657
SHA512 70a63d9b8b60cf2433d14a851f978de36ff2d6cf8f23d450b1bf3280dd403ed54033355ecb9f63b107ed73913bae67562d825206e5edfbc2973fa2f703ec144f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c63c9485d5d08b61b3dacf99fc9bb047
SHA1 16d5266e241fd6b19b1de25240a66cc85f93ce3f
SHA256 98d004e7bcbcd8dbd8f277529a4bbac59b5d24bee51d8d691ff6f813ee9c0987
SHA512 a360cd2607fd1caf00280f299e23c66c224b2fd6064f8debbdbfecbd2c9dc67c6c3c9df7f5a7651f5f39afff32cb4340c2758ce01a291aefa602d4e4f58081d3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_FA6E4B522C9C404D38E1A6F1BB26EC85

MD5 1b85c8f2433f4ae29b58605cf23cb634
SHA1 0af9f2df5a04d58507e7701fc5faf74d0c127724
SHA256 5a64c38116756aa01d2dfa90fda17b7f940c134417267ccc41c18ad399983ecc
SHA512 73d5ad7f6007233629bba27a38ff5ad6abb0889aa78a88fa5ba4e25c0489cb2b74fe4961c44be6f235d408ab42bc5887b648792a8b03e12bdfcb66152d688d8e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs.js

MD5 2ca6d57179cce0400a772fa5d4c7951c
SHA1 dd4a8ff5323fe06bb90cf996cb0d9a55c18e62e0
SHA256 bba48ae9f29fe8c6746b052fb23c8de95538844fd169bdd6edb82c2113f9eec2
SHA512 9cba1202aa8e45aff798228bd6d24d04e5c687d49b88750707df9e69eae8fc66ce12dc403d9a2c59ae7e41d533e4b116495a15058ececd34ac1a8ddd3c19053f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\B244729BC80B4AC34542A2CF7ABB28C54E8B5AC9

MD5 8497430e8f6f16559504eb0a62a6ab0e
SHA1 ecd94c103cd0eafce486322525c284efdc3c6646
SHA256 0f2f7a59f3ff3381ed56a9bc1f3a69acf17cdc1ae88efe65d58b5f9a037758f7
SHA512 16d79b380780fd1c2dfadfc041507c0680ea3ded6639c5b8686ebab758d109a48d6980b8e98a5e0523dca391e971405c2f66b8a7c3554aba29a62952472e99dc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\5386253589D09F6437E215B7DD9D35AC8A9667C7

MD5 5003874b883f51c3285dfd6b488d3097
SHA1 3b347eb4f545e4fc14ef0a37a9aa62e59f351ef2
SHA256 66812b772486a8bd6079b590cce72533694d47da7c44de0f69f4fef2874d3315
SHA512 6429d069d69a9ef84e0c42a8ce55ba3691bc216ccc049ee01a9827a9a9222074b32c380ffa3589a2e6bd8d09895191560a17ab538b6ccdde5b45431340183d24

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\70F9110B15BE4CA3789C4E686EFE371A84369C0A

MD5 c296c5620d8e574be1dd117ea02dcfa9
SHA1 df44ce840f5b9431e859a182e430986c3251b83b
SHA256 484d2f21535d65d99fc2596ab16091b1249cbd769e304cea0b7736a0a78550ec
SHA512 3bd60c91a32108fc7395eb306beced465574a40f1c0171e72a11beadbe543e48ee116a79d5713c950c638611e5214ec09169eb573c03b63a3cb4f6fe5daa8114

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x7a5o34y.default-release\cache2\entries\DFF427F3036CB4FD84301A0F4A7459DEC961B2C3

MD5 2b64e25f94d547fd30ab23b95ed5f8ae
SHA1 c480e5ef144ad3c96fb7eb172f97f1e6db6304fc
SHA256 2c4932720fde11f692f8a8ddea386d4fcc2cdc3b1896b4fe2da83e7f85a775b5
SHA512 01074177b184bf7d2abb3fd5464e5ff381bdc390951b4ac29ffac101d6c3bffd018f4b952355d4cc9fdcd3ab3db48df1afcf2854a2a8db61d4deaa755ea3e039

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\default\https+++www.youtube.com\cache\morgue\37\{f5b5b03d-639d-4c3a-ba12-7bcd90c69925}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\storage\default\https+++www.youtube.com\idb\796396047yCt7-%iCt7-%r9e2s2pco.sqlite

MD5 935b1c65821df336514d664fcbd35b8a
SHA1 4873919884da306b7235dbbe9cc8bc5fe216fca8
SHA256 a07cd8950c78559280beb0d03b661f4cb31ce9af4c6cc39a0222615a723601fc
SHA512 9b9022c44653b19c4024206f72d951dde3536fbf8749f480f64ae8da1b6caaa076a8754cdc7c12e47b7b19121d178f9a8bcdd7d873cebd490dee8c2a45a30231

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8d33612e84189a62fd64d8e4b8dee41a
SHA1 f49f1f0da88249b491b52f6fdb9a5de15707c688
SHA256 f7b944b125c73b1c1e4c989eb4a8cd0a3ebec8c1a93c3e14ca6e1f63624c9dcc
SHA512 bfc78d208890bcf0bb918e71297e7c6145f14288d574fe32970648e9566b36ff97f84c52e320613aa65bea44f3cb69f32162d23c6db7f5f1db590d67eeb26c87

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e6da6199224d09571e92f6d727cbbbe1
SHA1 b884bdba0fa58cdec9b4582add97eb4474915559
SHA256 090c2837d840c3892007a1fa8b0bfdfe0c9b752059cebeff88761b7229246b58
SHA512 82c2a3fab47fc5f0994d9c9607db0efda9e0192c3a737cfc168425ac3cbd5cdb7f4c2da839d3f09e6a020302b6146ebd0cf48a8301c704c251bfa29b22911b6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b4cee3fb39491a490368596bff5fcfaa
SHA1 3a9fb1f88215308a7a23e786083e17cb1ec71302
SHA256 ae57eb16e08bffe65fb4aa11b0bfda9e4eb7deda3fe1718552259d0744206156
SHA512 f9a9ce7a02f249aee30ca8b60a5e9493ed1516b01e454f77dbf02157d6c1392dbfa2a966ad31f81cbe0b3c0804b593476544be85bac4c21054cfd4edca46af0d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs-1.js

MD5 b18274c858a9ca4c2336a25c75fc11b2
SHA1 3dd410b7953dbc8c8a97cb5327efdc25059e09e6
SHA256 2e20d482bbe5626475f1d3d3c09890aee96145776fc1ac564ed972957e3738bb
SHA512 311ea677b52f976354154168883bc77b111538a2d2bbee49c9c6e3c84b7b804b8485cde0546d14c8faeae5df035ba7ff0891ad439e2ff8dc3f959e6bb1470e07

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4e1508cdf6383c520b79382e5771c32f
SHA1 4e76ca7c9f9016f1f828c4e44550d646d588e2a7
SHA256 51befc8882b7da424922e55acf30cb85311e9ba0b18e82310e94b472ae031e84
SHA512 8f8c812ad73233b6fc8d64b610845326984f8033b31444dc1ce7e8aeb353ed8c9f247815783b02e7ac26936499e9a3df75bb17a6cef4ef5a8ac07854b4bdaa37

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 94f64d9f0ed870e6e20efb72106638f4
SHA1 5c3cfc37b748f2cc23cee5cb39f265cf7115c0af
SHA256 3d4c35819f4216346cb90e0299ec6d335f64a36690119d0b8845d9d8258b107f
SHA512 a6950839b5f467601d0b11616856f458c6e83b3febd71df23775be4a6a875eb2dfbf88cad4f350e20fbc8a87d9d03ac7269398550d936f86930728289d83f938

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9b9b9a1c75f5e18c13dbc246d98468f
SHA1 66eab50c3c6dcdf70e179e94ace20b00f4a6443e
SHA256 4306daf740ccc49f933653116a9664e0b9441986fb12f2e080f8a4717a213db3
SHA512 4acc468c9c0f9abb3a1478d013e2270c723a6d8f2aaffa6604f916bced110d01bf14d7ce830fa8cae9b247edbcdeb978ced6dae2fd914e08f6c4c107f41b755e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 3272553475ab57222e469294a8ed3e1c
SHA1 d68d9c0b5b1475255e6974d6927daf11b8a25728
SHA256 fd26679ee435cf0ac757fd8afd954445a0ba5dcd3e74b01e009962e49a8116a3
SHA512 8ee332c8a6f50a7d40ce4a365f109189f7eb35875e22d6ea8f24dc9c225c232a3a03454695e5031612a419f251651ebddf914d3163efef3b66c736c0ee365137

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ffe55bd15efa70b9f5cfc856cd0b359e
SHA1 d919dab1d0fa287a6ae14346917ef203a3f3b761
SHA256 95cc673b01bd2cb8ed99b8ee22dbfd5d0cb82d0ced359ac044a5e30c93181305
SHA512 7ba0828a6edad27259b37a6feacad11bd6b3c94e156296e5850d0657f1a62ac8008b58db5516c61730c9ac3085634b279c8b9f6ff28ea730482c49fc97463302

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a5aed5aedc8db2ca295e3737fe1fe45e
SHA1 e784c2bdefb654f475b06ab7c146a3aa4a6cbd83
SHA256 eb19099fa58e079d9920718391c069833ef5dc7fff2bc8c2b00a8bd29610685a
SHA512 fab531378035969c6f058bd38366b70d4e4b0c254cc5bd94f0e4d39aad58e7db76cc0d0032a02bb00c1312b6ebf01958d7beccd750bdc2a701300576fa1e4faf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\c0617094-dd65-423e-a23c-541096b54aaf.tmp

MD5 1fd491d94de31b45fa3b8f4c969c3da4
SHA1 ccd4f699154f3ca307291743cac2ab7e6a6ee8ff
SHA256 77f17e75090c23f2cafcdb288ca5cdd383f461ddb2db176417d3b1050e73ab79
SHA512 cc6e07ec9a9da8899a00f2f4332dd4e52cbcb8bac9f2c0057110dfa0cb7d11d827d2b56f4025f2a415abf4a8cf142291659dab18f94a612ba8cee47b5cbd35e7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\prefs-1.js

MD5 030dea7b581711d830780325115d7b82
SHA1 e894f309c1cc68fe9b9d6a6a0701c79914abc296
SHA256 1edf05ba0d5509fbe9421c26710d2bdbc3969fe6653ac1fcd84155a71000da5d
SHA512 d92d75d4202ed0579141aba4a4d51ab222d8f38447dc4ef13aae20abc71d992505144f1b8738db2b97ecf4e95c04b61e40aea720d3dc94ff4fccc4f55d5a3221

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2d161db38954bf859db81859d303c697
SHA1 e060ee2347d5f89c9c2858ab9c77a6b9a2b12b0b
SHA256 0c2ab67fef3eeb138de1aaf554422985d1523eb410c7459164d01b469eb7dacb
SHA512 4319d1c0fd67575a5486b59a99aab448dfc2080ea1dc9ea815cf0c8de262a3641eb722c1bb6cfc01b5f6d4925cf36fead2c786b1656ce638b0e612acb25bc147

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1145c2808a867624f80b7d945ef4b0b5
SHA1 dc04b8ff831191898fc743aee75fb57dbaef282a
SHA256 c60d1c3acdd922f07a9f0c745ef55261b08c6922c3a8b4d83d189a1a2a9eebce
SHA512 f6d6fa7c78efb6936621b7090260b5cf5079e22b386f170b40a35d253448a68d51ad0c0979f533e3507b8e3dcf01c768f1746cb74a23b3ccb6ad549bfec74758

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e13fbf482f04fb38eaebdc63e71f2225
SHA1 7fd2279617ce734213d0803fb973a895e3ff65b9
SHA256 094f6d732ee3ea2faca1fec7471c826e69efd399fec16cfca17ec6bf3d8a4950
SHA512 52c1009b6e34bc72929bf35964076a02e36c7400ae65a261915e7b2a49dd845df3c5c20da55e6ac7e68ddbe91c18153ef8ade9e873f7b59c2713db21374441bb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 99c65e3ee8ad51fff71f1d2f13629fc0
SHA1 97cddb4659d1b53b1b3759898201e7f70f4a9c5f
SHA256 70649d66dc7ba37a67ddb448bdb304b0c8f53e61b1988cbc91b49bf9f203c506
SHA512 30ab4106ef37b2611afb70a77f28c4b9c37f5c71acd9de5c48003f5b545ba2205b9620fc3ecf25aa1f6f62b87c2f84628878a1c627f2928e7646d1be87ed1d19

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d842f05a791c0c62dd87c6a5e7c4ab56
SHA1 d33efc50a6157621cbd43f2868d6f83fb3e059af
SHA256 4734317dd87e14d9b08daa92636d2e58b0dff9e17748ea559ff2db8e8ef13f8e
SHA512 a346d11ad5ec20cc7814db8e96fbb488f9aa8496be96be6423ffa7d688518d7adbbbff6a1fa6e2a3620a056b0819e994e9cf093ac2ff4098c21661f87af79625

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 83d936be7038ed263d6001e41dc0cb0f
SHA1 6e8e78e228ee5bdb8248fa5280a22779b5a4c88f
SHA256 e616b534ab2e6a4e921b87b6d8ba44d0f1ac325b01767f1f4d5031fa29b6c8fd
SHA512 7ad96d23b42417681810a121d53495dcbd7daf811dfcabb6b4373d0bfc1e901e8823e64783f9cbaa34a92c618707cf813889bfe7555705464e081d5ca8c3da1b

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 e341e1081e0cc91bf1efde3e4a479e96
SHA1 69ffa0fae89d69215a494af2cfbd8a25629a99a3
SHA256 c46692791b6d899f52c31f0fffa6a45af154129afa90c0822139b981ffeeea5c
SHA512 49b8f72810255e143cb561027cc58bf9d4601f4a5fdfedef7dbb39930c45dda099b63152b3da215e67ff67b26312ddaf3301ea0bf213b98892f8b2947d82f86d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 414012d1945a953764667bd22cccd875
SHA1 dc0d6f1cbe2405374baf5c6cb1c06c73d961ab6a
SHA256 c71f869da25e7bd5e83b86df922189fccd74aa6eeffd9a6afc070fa9901ed269
SHA512 37279e45b03fc8d1a823045a4fb64a9366ff0fd161def4c93d03a6ab1949f9963e711414c71888496642d01e3c855da27dfa7845dcb105fa86c223630a26909c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 11f27ef5d1b614ce0aac723d56164cf6
SHA1 9abdacb4bd7fb8fe73c9c7c405594b0c9a6de992
SHA256 8a1e395fc8d4fff915c40606cde01f9c0a8480dcc562e1448c4986a5622627bc
SHA512 5598536a219aa85d02b963e6be35600c121d24c66d53f6bd9d42bcc0ef0f24ea0fe7793bc886bd1ed662da69ad8a4d322a295c9c8ddf237d7252d24f4b5a3edc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d3e8ad450cb3ea349dcc3a9d91a0a43e
SHA1 913c54288974464d38cb163e9bb1627fb38f3171
SHA256 847b6ba020fcb6f2374a0975c64a29fbee39dd5a974aa09363c204f23e2c5bd2
SHA512 fd65608f9dec09663babe2a7531c461b03201da98582a0489023ee9845066f4a46a57144ae73f2a91fd8393b8f5467275258acc7eca5ba6ee37693e39f53e920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e0eb838968df76fd91c0522153256c1f
SHA1 3b2b3aeaa4ae192f893d9ce0f24bff1fd2a10fed
SHA256 6274dba9288b45e50f4bab7c61b2b57d6f6a70e0d1935f46233fe8c151e3f2e3
SHA512 2d8696ac6fe644ceb5723768a0f6a6c847000f867dbd959f94c7144bc17c7f6d28cb1db1c8e0ace44a6af7cb51a03d391db54539f61666b39368e2b540b4deef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc1ba25769d86304173bfb7958e8a3a7
SHA1 0127b0a76df7ea7f60198956a208df2947377e68
SHA256 039718ad0d41d6693806a284344fd391f11dee83e9a06fdb7e18fb9b529e46e4
SHA512 e137b54f3837a411b458cc16ee810ff395d2bbe544a490107fe7a21f6b719e3538225762439a78d72b74c931c0439d31dcfed243bd6a36da9e9a59d5ba6c2345

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a87f81953e1b202d4e2b95e0d107f444
SHA1 48d71ea0eacefb95cd0d01323ab44af480a26ca6
SHA256 bdc03a2a6cd9269427ca65c4e134e19c8a107554582e4748199415e5f7d85c79
SHA512 eb09f467c879af5698e43bd53b9e39813886c4e2e40c96801dd2984f195032f17d62bb98e20c40bedfad5134484b0df866b4e3055a5a4cb1a6c469f35666eccc

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-19 13:29

Reported

2024-02-19 13:31

Platform

win10v2004-20231222-en

Max time kernel

150s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{1718EACB-3E19-4908-8FE3-5E977742EB80} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{C3BFC099-2F38-4C77-9CAE-4B5637099A44} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2980 wrote to memory of 4864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 4864 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 3980 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 3980 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 1676 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 1676 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1676 wrote to memory of 1660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1676 wrote to memory of 1660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 992 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 992 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 992 wrote to memory of 2092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 992 wrote to memory of 2092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 2944 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 2944 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2944 wrote to memory of 3156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2944 wrote to memory of 3156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 1212 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 3460 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 3460 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2752 wrote to memory of 1192 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2752 wrote to memory of 1192 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 5072 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1212 wrote to memory of 5072 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 4340 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2980 wrote to memory of 4340 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3460 wrote to memory of 756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3460 wrote to memory of 756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2980 wrote to memory of 3884 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2980 wrote to memory of 3884 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4340 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4340 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3884 wrote to memory of 4320 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3884 wrote to memory of 4320 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2980 wrote to memory of 4196 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2980 wrote to memory of 4196 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4196 wrote to memory of 2468 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4196 wrote to memory of 2468 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2980 wrote to memory of 3896 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2980 wrote to memory of 3896 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2980 wrote to memory of 2164 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2980 wrote to memory of 2164 N/A C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3896 wrote to memory of 4948 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4864 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe

"C:\Users\Admin\AppData\Local\Temp\c285eb3563056fc4e2ebb40c076eb2ca.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff872cb46f8,0x7ff872cb4708,0x7ff872cb4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff872b59758,0x7ff872b59768,0x7ff872b59778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff872b59758,0x7ff872b59768,0x7ff872b59778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff872b59758,0x7ff872b59768,0x7ff872b59778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,1940109332054951601,17514225995432711463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,1940109332054951601,17514225995432711463,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1460,6250927631379927113,17263525390689540382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.0.66112126\117531161" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {07fd4834-f0ef-4f79-a9b4-50fc0ce3a372} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 1948 20fd95d5158 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,888797017111105844,5406255307181821310,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,14492453795239958769,3237186490405771856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,10712681416430349737,905103335884893701,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,888797017111105844,5406255307181821310,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,4634648533130630736,18200032295879780150,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4384 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.1.605508675\1233500236" -parentBuildID 20221007134813 -prefsHandle 2388 -prefMapHandle 2384 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96ba9dca-4bbf-4a96-894d-5db19a6603f7} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 2408 20fd913c158 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.2.1491428403\1013146803" -childID 1 -isForBrowser -prefsHandle 3064 -prefMapHandle 3084 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {815a49bf-d960-4899-b756-69e73210222a} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 3364 20fd9562e58 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1956 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3868 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3724 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2748 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2732 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1792,i,3418629425957958059,6051874220774081489,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1792,i,3418629425957958059,6051874220774081489,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1992,i,14966438802359292181,9355564019372518938,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1992,i,14966438802359292181,9355564019372518938,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=576 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.3.296839513\720677616" -childID 2 -isForBrowser -prefsHandle 3300 -prefMapHandle 2880 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a47c48e7-bd8f-4f41-9f5d-718fa18ac501} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 3024 20fdd247158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.5.418839854\1810630558" -childID 4 -isForBrowser -prefsHandle 3812 -prefMapHandle 3808 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f274af12-5e21-464f-ae71-bbc6df8456fc} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 3960 20fdd261958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5004 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4864 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.4.691369181\1594871482" -childID 3 -isForBrowser -prefsHandle 2888 -prefMapHandle 2884 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {97c358a3-4f63-4239-9611-10ea23033542} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 1580 20fdd262858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.6.1598291255\1348097006" -childID 5 -isForBrowser -prefsHandle 4756 -prefMapHandle 4752 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a680f6ab-d860-4cde-9127-37d9155ef4b4} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 4768 20fdef81e58 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6968 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7364 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x500 0x4e8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.9.1977772689\1121915197" -childID 8 -isForBrowser -prefsHandle 5820 -prefMapHandle 5824 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {880d49d4-dc88-47f6-807e-e7d3f4fd589a} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 5812 20fe03e3958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.8.1159079711\2051162030" -childID 7 -isForBrowser -prefsHandle 5612 -prefMapHandle 5616 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00aba31d-1166-4c03-a8f6-1195e13cc883} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 5504 20fdfe91058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.7.284468078\668877896" -childID 6 -isForBrowser -prefsHandle 5464 -prefMapHandle 5460 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0714b1-4574-4424-88bb-72f3b009f81a} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 4500 20fe038e658 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7120 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.10.1871160697\1315039157" -childID 9 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b97092f-3a5d-4b29-b1ad-d41e5aed1dbe} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 5468 20fdd2a4e58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5368 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5476 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.11.303203205\583952897" -parentBuildID 20221007134813 -prefsHandle 6200 -prefMapHandle 6172 -prefsLen 26490 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3e1ed622-c4fd-49a4-9713-752ded340c7d} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 6212 20fe022ae58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.12.1061120026\1114127186" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6368 -prefMapHandle 6364 -prefsLen 26490 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7b60cf08-64e5-4d49-8408-e97adb7f4f9f} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 6380 20fdcfab458 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2164.13.2093157264\678040872" -childID 10 -isForBrowser -prefsHandle 6828 -prefMapHandle 6864 -prefsLen 27337 -prefMapSize 233444 -jsInitHandle 1160 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ed7bf43-9a17-4c05-91c7-625165db5b65} 2164 "\\.\pipe\gecko-crash-server-pipe.2164" 6824 20fe03e2158 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,8529137469245552110,10418804604105424946,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3516 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 --field-trial-handle=2344,i,10329145181911326610,10796743711996423305,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 185.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 i.ytimg.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
GB 172.217.169.86:443 i.ytimg.com tcp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 86.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
GB 172.217.169.86:443 i.ytimg.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 static.licdn.com udp
NL 104.97.14.240:443 static.licdn.com tcp
NL 104.97.14.240:443 static.licdn.com tcp
NL 104.97.14.240:443 static.licdn.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 240.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 216.58.201.110:443 www.youtube.com tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 44.239.198.133:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
N/A 224.0.0.251:5353 udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 rr3---sn-q4flrnss.googlevideo.com udp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
US 8.8.8.8:53 133.198.239.44.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 104.57.194.173.in-addr.arpa udp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
US 173.194.57.104:443 rr3---sn-q4flrnss.googlevideo.com tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 11.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-2.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
GB 172.217.169.86:443 i.ytimg.com tcp
GB 216.58.201.110:443 www.youtube.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.86:443 i.ytimg.com tcp
GB 172.217.169.86:443 i.ytimg.com udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
N/A 127.0.0.1:57601 tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
N/A 127.0.0.1:57763 tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 196.178.17.96.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 131.16.217.172.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 12f5ea17522d20f57cfc7ed287507d1c
SHA1 683a34647d67a7f0db4b48c8e5ab2bd96b1ae58b
SHA256 25fe9a74a26f05364d78e4fef7962b5509f562c825da977bf6ee46a31e2392cb
SHA512 6ba3e8a3b7eb2fbd8edf13571a7a430b334dc86527eb4368ba3b8c2e7bcd24073cca99677ddffa633643046536bf7c7516076a9018f7b3c7c63a9f2a26de67c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e71d66ce903fcba6050e4b99b624fa7
SHA1 139d274762405b422eab698da8cc85f405922de5
SHA256 53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3
SHA512 17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bb2cdf82802bf69b297c9fae3fa48e85
SHA1 f26dbf7984929197238377b2b3e37f974447448d
SHA256 29998264d3f24068d6705e32cb6306f042797a0025aaebda57b3c581a49be0c7
SHA512 00535865805747cb5fe10f4f67872b52e94fd0ce51937f94a7662254027919b13df4af538557116cd4a8002afbeb295c601a79d5e64c8d2d2de9cf377eba1db7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

\??\pipe\LOCAL\crashpad_1676_YUSSVASNOMJYYWMY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 403b316483fcd9ad417d61b017023fd8
SHA1 a1b494a310b0b91625ba8055e735920b8a81ee1d
SHA256 bc44c4839f2ada58873fa1d5c24cec4f453a0741f693fb4239a70caea3b44c72
SHA512 f75243a4740ae7af90b3c5e962f1acf6c71da738486a81099d57637f76027511f7ccd1b073343767368c495c5372b1aa96e6ec02d634c27028fb099610363788

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 383e0d419faaeb7bc37a98ae8ab8ffca
SHA1 c72f60d6360ad1563cf734dda017508c01631394
SHA256 e03a5dafbb1afe09601ab5fd04280c806be25ba2593c19d79bf17b806c6dad0b
SHA512 918b97ff3409396e3b5094456fa45b2006bf4769c3485768cdf6118eb55375f7aa7349e806d1d63a61f91f7ba0d24f1085d5f3fe8a93e736da6f18f602d4225e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 24256670ab09d2018b62e9d9c3a7fa7c
SHA1 ff311eda7e358d23f818b018c80ba14e8e4f9f98
SHA256 615a91e5efa6269af151070bdaba2961f9d3fcfc623e461ca78c66c0ef23e99b
SHA512 7f40d0bf599fe754a796d521bb2aa9254bcf6fdc30b796f04f25807e507162047db7ebb841e6c6ce8f1235efc4be3a37caaa5a1692bf3d0f341f0aca3419364b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a99facfdac2795e4dbefdc5ce4808e21
SHA1 8e9855efb313d79b3fcf4fcee84495402a1a8356
SHA256 182086d7d6485a715211ae7d95a49a73bc7e0151423c3db6d7d5f0f698aeaf3a
SHA512 b965a9913f6fdccdabd9d2d206bee2844493b7c1055cdd48ab390f3b481e8ddf08c14fa43305ecf62255b8fceec4b42bda8183ae8ff34308512886a23d1add32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9435efa57a1b64ff2feee446b34f56bd
SHA1 76320c62a20e7c74bb7f7e4cd0be94352377cf7a
SHA256 7b43121748db6596051890d4949f591d13f455598b9ac0708c355910f382ed47
SHA512 555f7521b5781d802a80d8c6e284b43d74bc106cedc4ac6f146913f152fbf853b8e7ae09831dd6e87477e11f5cd111754e7a0b450ecaa8620d0b0c6f7355c756

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6395f20911b5c743ba1fd864bdaa7c0b
SHA1 e12ba747ae769c8fef8e6d4496e09271c7e84110
SHA256 baab0ab2d7c90d82fa3c5a2e9c7984b61f5d11b5198c2d2bc0367fc4ad0d785f
SHA512 f941b93b2e82eea7977c1748584700f05db9a398d349d62f70cc502f913e37cb9e531a38bbd8ff230c0b9e39c49eb86721e17ce603f039f75fa2a508b6c5cd2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6c6e591d-9b47-46ae-af42-a0b2244daafb.tmp

MD5 76338b68969728f1a877c16cdfcdebc1
SHA1 649e10c2d2aabc95682a59ee75aac580c65d1e13
SHA256 2703925476b4acb9428417d7747076e373e33513f85e36e50ffd8acd9e10f1ea
SHA512 0f1650d51778ce4e901d2b9dbf648a55fe59df246a62a5798e36a944ce3bd6af30c01bfe55461bb9b7fc246a0296fb4f798933f9a7803af604b894e01561b8be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9c3c8b06523bcc3c04565828f421ca50
SHA1 676e1f34d4d1fa2fb8ba48eab360e54c39e39f3d
SHA256 a9fa33b78213868cc917c29dd7fb677cc4e1d1ab62e8aae8d4546bbf15269351
SHA512 31100ae6b480a710e66b8897509a501bbaeb2481356cca520346ea04eb9ebbc8b227bd82aac0b4f605d342893dac09181b52e1eaec3cd7352f47587f7bb2798b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3da15daf9cc9f5210493be0e91085225
SHA1 4ecd5d673f9fa0399da5fc3c080ab3e978fd3d12
SHA256 5ebd7fbfa49a75ad6cfb055114d5c01c350ae23f0bf2ee243d092332c6030ad2
SHA512 a0cb13fa1b6b92b918c9ff777477aebeeefa7206d62ecb9cfbb49781a3ba0a7dae96a289d0e9aebbe6dc3196944153a168f6a07e5b9fb9f50fe65f6a37a8a823

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\05e11787-83c0-4984-85cf-59e6ad408447

MD5 2626e3e8caeeeb7b5474bb0b54b9ab44
SHA1 2f9208a07979d0e57df435edfebcc04b32ccf175
SHA256 97eac3599e327c47e300b57277730761722ed703b8c6248f7ecb2e5c12c5a72a
SHA512 f7b8c081849e73250b65a69ea7fd033cce91b2a1c6e525d1a7635f02335b02f27052e4b96be2c575f96a5779597afa7d85971d4972ede5b01b82a94266ec4c5e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\63c6b484-8704-4da1-a5c1-c6076057f871

MD5 9ab00815c7fdb75d0451545f594065f3
SHA1 c315888a6632c5ccf93ed4a6b853528b22b13938
SHA256 f69f08be5628602b1e40f8f822355b8e49722110164d4f6ebd6e78d508c42d3b
SHA512 b59f6da453b1f0de389cef13725e6600d661d710f6e913115101ae5524f8a43d7ae594a881de5e4d2a0e7193fb5d52b277a461b01f2d4a2b99e51701ebfd4d6d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\db\data.safe.bin

MD5 b89d69f3f1302d96b4d3b9d62be9d49e
SHA1 a0f45247746d259721eea3f02cfd6c202ed95d71
SHA256 1e97d2684224f289846776dceb2d090d6c421db91c7622f991eefecd9aaf63e2
SHA512 0f2506a5af4f0c56431273235077aec054b5257ea3f95b7a95cf84f35de5209ae50a8efb2799950d0bc6d8e5b596955f340530b9ccc7e17b3cb48b0542430198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 12073af823007ae20c7b3a14b70da94e
SHA1 6f38b90eb5ecd0ce2f3ecdbe9f18d7412e5298ce
SHA256 d00f5c773ce637e3514f0c74ef1d1ff11a371cc5be323fbef17acd3835e3c6e6
SHA512 91df4bf86a99a79e9e60f2db6a1107af73fafa273c9910adca1e804f63ee81970f5683b460e85c56fbab8230cd8d44e55c294b2cdd17f5ec61a31e900c3b9c38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs.js

MD5 6cb8b0855f610c1c27f38e45453a4639
SHA1 16475cdb53c39d9d156e17185335031e3f2d96a6
SHA256 55952e6896b5bd5d15c54a8a1fb33311394b015def823927019298facfcb5fb7
SHA512 14f41fb8a3d463308a94347ac18c3d1be5c90a20799de97b8aaa003ff2c8286904364a600a063315760e4374a911eedd8407488b3078680dd952d835bec47328

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\1FB8507A6BAFF5BC8F514F29C6A248BD2A621CFA

MD5 210b8bd3dfc2268c249de007fcd0724b
SHA1 eb3ea6d4b3f83a86bcefbf5be1664ecde8585875
SHA256 dba8838f124bcf6c97b92fed239241cdaa2b3a6998cc8d1a5d4d8970e944346e
SHA512 bc156fb3499c0d685022e192e398268ffba3a1e8b730f76c98a63190ba30dc90769772d0c63f4b013d6280da6515b3423f5baf184874ee660e943acdca46de7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8aa70e43df6850a3057a8da2acaa7fac
SHA1 7c63539a352f4d5244ca1ee8a3870b103de27376
SHA256 867d8b19941a76166858f10526f3e574b7bf20658e8f4d8347e59e5517e0bb41
SHA512 318a996bed4670b49c5e7bee80ffbb9e46a4ae39ce1d5facaddb84dceb73bde71bc9ce7baaab79672056ee5693432ac5b1e2de179fa86152207ac8ff3f957082

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\011FB7291E053C941FD9E5081CBE9C7929562267

MD5 200d621da7cce8a0e2194ace0a9d0d94
SHA1 515d28290ef288d4e6d6c84cf4220a48e055643a
SHA256 b2ad5072d9011241400189e039abfc88a4de021286f256879a25e81af036dc14
SHA512 1f8b1430534e03c9b056e206310ca7a674eba50d245296c10e69f41775a667c2f848cf8241370e628e66deea361e17d26aaf121540bb9da16a1dee121b5231a6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\FC3B32758B82C62C19A330ECF66C0834274CB456

MD5 a16a7db5b638db07cfded4847aace2e1
SHA1 acd2d0c5f8c48438671e8c530d6e057c1fcf2c93
SHA256 d7086d62d6d8e733c5729d7aedf9fc093ff22bf475d9c8289df8e436ba404dbd
SHA512 da2a286b9259284c445a857d7f303e80f86e45378a294e641d273c40e70c60dd4122f2ee57f45ad0717cc6a28d9e333fcf2c8f0d3cee1b874520f11a2e83d38a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d15ed1960d420dba8ffde9a6d5808cff
SHA1 70f6731ca29d64cf3f921144635ddb471dda9c59
SHA256 54cca614e542204d4646dbac97a934d2cebeb53d37bedf7ac67fd1900c595662
SHA512 97defd91cdb55cc4dee5604410e04153b6a24d46fea71fd828c0422310297842834bcafb703d87b1c0a5c053c890d77f054aad6a81dc0105b0b3fea22d4e2c7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57606f.TMP

MD5 147ff838efe80945b672ed073c9f9319
SHA1 260df0929a7209ab3e3877351f96b02422ddaff7
SHA256 73a01152b3d299b02fd4fff264961863e80e72978de6656eba95d184cb14853e
SHA512 28517c27a6bccd4937b599d0d4508e03a00b640c48de8a88107d6cbe12d83042fbc489872260b755a0a6cd66cc8930c470a3ef530846ca99176d93a2304a888f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 14114d1d0c571ca556327e30d29f9bcb
SHA1 b21e2580c0ee92cd84ae3a18ccff46c5ce9aa147
SHA256 debafbdcf3daf7091b027e2fba74ed4d99315dfeaa6479ffe5b3ead4c80295e3
SHA512 2c5261d7a57a9422bbdf18d07010fca34a7ef159952757f037cb95122c2745f8ab5c3de1b09f69d9e524b03787e858b19d18ea2e559f922f5856cc8def535579

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\103C7951EAC6E8B508FE2AFE0F8CADF80E5FF3EA

MD5 052210c65e470dde8299cca0c2eaa27c
SHA1 dcbb6391b1d1fb06e724cc71ef26f543f4962d7b
SHA256 8cccbfa9c67ed7c70ab5a0d6e125612c032dccb2850a5bb782252e15e423ff2e
SHA512 47e1dc3f373539a10ac75e8b53f51a9f17df5ae9abf0eb61d784a2d075ff098770458d852f62029121459063ac9e39bcdeacb02af8088e3d63e9f6a268dd98a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\5E102989397872F912C77B1749BCC00D4C8933D4

MD5 98809b96ef71749299eb1df5bb940af3
SHA1 9319116ad2673bb83b2f45c24f1348f98801f8eb
SHA256 546bac2abcecd7d6deefd5dda26cab0fa83e4e45067b6ad6b5aeed6d8ab8c4f2
SHA512 ceab8c9319b66dd1a9fbc3990331a648c942723b5c853ff8c0d9032d2557572c574c1a3f2076623ee1b91c5c7ba1d7da47129a4eaedc67cd089c36a474d11421

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\8031D32F3350E9F73C6C0D09E0233FCF3F4DDDB8

MD5 bd7c2305065f514ae2d9c1af68753478
SHA1 d8fa1e756368e985f5e838580f4b8ca71b8dae0d
SHA256 b72d712f2262d88c78c311cfdf0276d57717b81cfc12617fe40b95057438ba7a
SHA512 5e95916710dd8b9acbbcd699e67500f7879f93cf6ed3b0ab282fcf7946e3559a0e336b4903d207be4b0cd8ec92ab0c31444ac7f7651845849735b6d20e0447fc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 89d45fb31f0bba0f7bc26d15eece7325
SHA1 45e62b2b6928b497924af2afc8c0ac8166fed11f
SHA256 9ed4948c5742051a5717e09ad7a8565f58c8173e9253a2053d1155df72c99455
SHA512 ceef122bff07c0aaa88deffcd6cb132f4c7cbf7819bc27721b655e3f38bac4b4049a6023a41b22bf57a6979aba3a09f45c8807c82936fb40ece3eb627adb118d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 91f9789e26fa5627985b70e717da010e
SHA1 ce3ec8cb8d5eeb7465d117a1c516446e54d94081
SHA256 2802b2af82fe151702a1f1341809d85a807cddfab58ce9a4150f5df199e877b3
SHA512 3ebd06168c59d04e467bee1c629c6d21237965f662d4469f81f534a605b815926de662bf3d99ca9f77b9c966dd84538a3c785ad8c4dfca247dd5693e8db4b171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 45ced2ab36997f9bf1a3e54bd06998b3
SHA1 35a719d549959520519eb19f822fd781076bb114
SHA256 f6e4584213a9676a54ed9a812ff38f42b9fe50f305ef6b66762e63a18a9b5743
SHA512 28039add7effb98c316d976dcbff6d883d40b9e5520024a0d9d7d88669148780c22afa54233f66b925299db9df54ab1b3aa600b5eeb463ca8e4e08f3a064cd95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3db572d4bcbdd77f684ba0f31d40b1a6
SHA1 b7f3213cd3b9cac20be66f9f3e366f5903450275
SHA256 c34f7f99127aab0a97d869c9a42e4fa39a1403c913eee70ec7b44ddda497aa50
SHA512 074785ac90b3dba813d31426a002cf4aee6f30c7a52dd7771a41bcacf3ac04e69658f52ccd582220c824ff8c28658f45bb89280ee77a533d519d21265bdf237e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a2cdd93d8a8f3a56dca259230084331c
SHA1 074fbb806a03586731fb8ad24338195ef48e53f5
SHA256 8099f219d0623211ce92a03d4cdd6ec5631187a64f9f1f19de73f222bc229924
SHA512 8d70e787652ebcbf991f960433e119f8a9ac8cf6e77af2193fe95296b84402404a73a4dc2733f053e0661c5c7236559e47cfb215d0db8f90eb134197c9a97da8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1b1b142e24215f033793d1311e24f6e6
SHA1 74e23cffbf03f3f0c430e6f4481e740c55a48587
SHA256 3dca3ec65d1f4109c6b66a1a47b2477afaf8d15306a523f297283da0eccbe8b1
SHA512 a569385710e3a0dc0d6366476c457927a847a2b2298c839e423c485f7dcce2468a58d20133f6dc81913056fb579957e67f63cf1e20b910d61816210447cd1f1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 00e4719e921c916759eaaeb965fb9b6e
SHA1 f0e7c979c0a1e85ac78d9dd231502fb425b18cd0
SHA256 5026526565cff03c7fac8772152e339d2161d8b473c2be9f2bd85937a47aa6d8
SHA512 b67fdeaad9acbe718c8713b6c4ce3dc7c4d76726f94febc6539d245e47b8893c744c338d6c2b18c5cad99e9d0141d1ce514e53d67dbc8d1d825e5eb08c5a5781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 769287d0597f2baa517207a337bf038f
SHA1 3db7e68e2009f19907d2287caebf99eec0b8287b
SHA256 5e930a1c171d4599bb6daaf71ac52b2b50eb0f15e1ac08c0ba651fb27dd06b0d
SHA512 f504f98bc5550d19e1fb186fe35c0c9d67411259ea37e87404d503af6c04b3a6724959499f2be17ef753fed53bf892f0c27f6dc11ded18a7d22eb6e3c28d7d3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 26009145d15eb91da5fcdc138770618b
SHA1 17c5dff4b9fc5e5a98f93cdf35ceb5ffa4c2f8e2
SHA256 85cd6bf80a72139a65e56632c333d648f0ebcd9bd8c1fd526557949f93ad7e8b
SHA512 187744cfdcf34bb94c50e175873a35e48a937ca816e6cea13870698e00b4edcbecb2a17f79e5f5f0980de4e0f7fe02327ad4917a10839c4e69bde5b791979696

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\A858259C15269B8488E8006F0D0609FF19960C81

MD5 d5ab6f0d868822b5705edeec6936ce4a
SHA1 2b102f785eb3987a0a78cd8ac309f1cefd55cc33
SHA256 40fd8a69960308fad33b851aa9faf504fcb09c9aaff2c17215d2ca501a9d29fa
SHA512 60e13ac73f53a2842f0bee9f532c8a12bdc9b099cd374c00d9bd8733933a1726868a53a4d4d4006544c53f6145225202ee997fab890f737d597eadfa696a6833

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed6f09175d768f74fb98224b58580ac8
SHA1 d38fe004d137a697b04df6d85c11cb24705bbd5e
SHA256 637c68784e882e12bccc6c159be6215242fa0abe8f95164a3f4bb0a3925bd6ed
SHA512 101dab9bb59def341d257be802a8e5d3bf25d2f0b1fdad36e8c94026b486c99d38e8953fcad944db6680ba3724bcc80c4152de9907d1c42a634af3f4a3749c3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 2b9776807df1c30ef66c45ef60237487
SHA1 17e925fab39688d0d907687da86f566e283ee63b
SHA256 58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8
SHA512 e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 dc3b8c50e8c0eb3efdb4f61a11b07f95
SHA1 d0ff754f54871d9d06fda35d7ed84a396473cbe2
SHA256 fa158e2b238e5515c36f41e294701218c9b1c9908aba7382469b4a82820c9b35
SHA512 50c7bf882fe3e7e42078ca3c2b720ce87d450fcd4263f984e47a126d914cdb314ee6f1920ca22e196e9487df4d8a863a66c4590565b9d7f8ff7aba25e40c1b2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8d65d193a9fa17a2cfb1eb2e03e0d042
SHA1 d981c0dea83a4f2f01d1fd8d4fcfbdc54c1a26a9
SHA256 9abe36c16eb09c72c8647a8c6f1b533da253d271f24b0635a5c9eb766af8c1a8
SHA512 4edd7ce31abc069d7845cf59580a4267a7c3126466c372013fa5d0e908190bec590d684a3661484899fe547b6c368735632f295cdeeae8f9652e78928861abf4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 468f56c49e928f7324bb12c425b1028f
SHA1 e62a69dce5978ebc31f113e66c8a298cd812192e
SHA256 281f7992219e8282dcc55a27a46c7b7391381f3b17e23bfd859804051ba46228
SHA512 ae9a65b88d3c9868245d161547f4759b58c16935a50c3e0b4c17d966b302ef7253c66539b14c6897f2eaf53da75848ded6c7c4086cb48f2a2d6b9eddab45209b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 95b4805836c6d43c683adbcce74f6ae6
SHA1 455ea152e5e6fe6f462b337a431333e18d814396
SHA256 1501f48d09b189e7f0214954ea507925fcd0ba80cd8ca2ad1bcccdbaad9072e1
SHA512 ce96567484ba89afa0777a5780c853f1f3d1a0e75ce6aeb72ee3acaf778b62e528026748d19d3b8ac2e04e79c50998bf2260f2514ff5c053fc0ae278fffead1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 13466d8d20e89e35959827032e6d6a51
SHA1 e91eb48272d4eee7980247632c0c4890e1cfd970
SHA256 f1ce9f1e895d734c880328ab669716ab286e3ef107f1cb1fa54cf4a66d35ea2e
SHA512 0896cc5024a70bca78a920b54fb7c63cc147b64188d35454bb5e45b7ede3b859c6b760935971e69012a04b22e208fa4ad0f0e663895fe9a567ad296be19ece67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 982a868f8e838477ce4dbcc61a1f1849
SHA1 65354d8e13a3de7d3e5b00e2e729838774f3715c
SHA256 f573fe49dd43a383adc31695aee816599d21b366f9fe7a539d916cb96b4fbe89
SHA512 f21e5ef9f98790f786eb12f94a01892bf7780a6022cfcb1637d0660b03c81abbe1c1c3c57e373727d7fbe046f798dcc5b0b46a36516f49c294944378de7215d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 426d8e217829ed1343ae4a592b79f6c5
SHA1 e444f83ed8524ce6862cb85e6a587215a2a8415e
SHA256 0ad7610390db0e850386726817f3755424106fa3eeb3a4a9addf7b0ae101d98e
SHA512 d9b5820223b2386a3deb57d46d7087591a39d14c8c179bc7f402c65b2f54254e006d4184172412823efa0ebd20e64a81515aefff39d65db307698cbbab8b2d93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 a6a6429d6a40d519b8302ba85468bd5e
SHA1 8ba0bd85761c7fd2efdd2cd79c95644c6fe17976
SHA256 c307d54fcee53c212a0521ac00f1d0fa08fb0d0ad8a7e1211add81b2b6cca4be
SHA512 693e4c4ed5fd047b06f33a592a69575d3db3ff5fc2cc7645bc06d6af42765d053121fb524b8dbdc5e41a9f72305b84a4a0dc996424961aee3dc0f5272572869d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 4e786492c677f64e5a7b174003634f04
SHA1 9e8e95b8eb5b095ab28f40b191964c3cd209b295
SHA256 85eb24ed83570c11e6988d1988f8786456f39e7910ed64bb85b48f530462fbcb
SHA512 f6a885b4696c701acb30f5e741519ee3ccb354940f94ca3d7c718a7c156e137f7ddc93a1ef76facd1c6e87fa116df56b619c58932a0aa472971a2b938a61bc63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 82f1abb198df1f61f16606e55330f21c
SHA1 b6428a279be448da73792d52058601705871d78b
SHA256 fa54b15b2150d4ba39ae61143f402a518c9468f7da08361d492dd02ffbeed559
SHA512 27515c9734950bdfa6fe5490156123852dbdc22938fdfcfba131cd463842ce57594fec4fbdadd2016b12643acc132ee6b36dd283bedad36b94a65ad66a77a4c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 d28a8b2a61482fffe479ec9daad82b2a
SHA1 d63bebbd4f05ad58b31dca7f676b2ada83570c35
SHA256 a790e45c7a6149b4a0289159f413027eb763b78ab9448f7039dd953357460ed4
SHA512 edf84a59f7fbe1b80b43f07412895980347dda2e44f3cc04252cdfc3676925de593099164f2bc3fc999ef8a84fec5b803f5d6c37cbdcf159d7173a34b11f31b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 677fb61bef5fa1202a8f0523e4782887
SHA1 eebbb0cc2335618d37e61f73e957a107e4b2366c
SHA256 94f3cdddd62891402d55c6fceb813dab275d542ef664fa1a234bf0e0ce1d20db
SHA512 7c253d05f3aa6cd06d5ea5adde3cfc72f3d89aa19a161bfdf28744fe144f08f58bbed14f446b6c3b4aeae11b65c2ed6ea120a46546040ce7d76cbf173d3051e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2e96b7bbdb67a1a420ec12060c1b0007
SHA1 544759e538c9127088e38e40dc24860fde5c9686
SHA256 a66af698fb773ba7da889e9237b15e02a67535447a3606ae293080514ee7be48
SHA512 d12c6a52462478e4685749fc313d247be1f39ef62e7013c816dc585ca33618a7323d0247c9d9e264c5679aff79bf934e8d6e0876bafa23237a97dff75a97061d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579a2d.TMP

MD5 e5650383c2aca4f51e85d4aafaa3a9c9
SHA1 35192ee1c205d5514ce4172152dcd4fba508012d
SHA256 6ec8cdbef59767150050c7013433965773c86dc166f5622f42743a992af3e4c2
SHA512 185c1775f790ff0eb96bc1a93dcdcb4978f1eb48ff8103c68bdb16081a79db417a0f473761c8480a26831e0a0859b036f9648f4f67c1e66f3b1207f8b5eed43f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a6c9430a-162a-472f-94c6-fddde34fcd07\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d0549fe9921f066772cba2858f9155a0
SHA1 eb6c44a5ac7078c4e1f10eb3b1f5fc0992ae2419
SHA256 c472dc833d324d6ae706dd8881e9249e5ec3d429ec93db0a5c036b25cf7909ad
SHA512 8bdb79b8ec76ed41e1a2d65c4b50848c5b1ab768cc12d8f29b21b0714b96309a5b6dc5ceeb6c7295c1af2ade08f034fa464bf6a5e599a6b24ef10ddf9280b345

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 1ccfec0095eafbfadaed6121bba85a50
SHA1 42138a9ad0f9100933ae9771a0570b388886130f
SHA256 233c7744c658121611b9a44ee51a360c515567f912caa14a0c23d330ca1156d4
SHA512 e707689cf462b6f89cb6d91acdf69ad1de4e15698688cc2697affb9a2ba1b1f45d12835d9fd76203f4d17265b10b4e3ee490e9f86514ce648978115a035afc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 48671443b38c0cbb6fc7ddcd27d73b3b
SHA1 fee83d1478ede2ad1f9db1ce0f29d526660cbece
SHA256 1d16687d867f873285db1de17744f8e2c0286efa04b76ab6a4dafd7fe857cc50
SHA512 e48a1354b1c6316e92b37927d4d9a876b5c9a6b864bc0ea784b163e972a0704dc002fe7d09eb61f9d427bd871764958c89774b109d3a240cdaa4c9ad22668e22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 b09800abba264700a099ffc8280a30ed
SHA1 e7b45cb04557361f4736a7bd63533d87ca9ed3d2
SHA256 3d568a4aac6779408397cdb5aad0071805fdb1b9fc848058bd757271c3f5c8d9
SHA512 fff412f8c8ab5fc5e097a1f9a4040f68863625e96f11923aa4dbe8f65991db90bb2aa1e8d50a85a276edccbc370b8ed6baad08ec90c59c147c152a4e6f91de21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 d0a0970d29af305d4d11e05ba24c3e02
SHA1 6f8793f5cec978fcdccd8754875def10cff84bb2
SHA256 12df618354a6a611ccf70f07f89dd394d3c7775e5c54a00e0d8ddf83115a0b86
SHA512 afc00cdc3ff0d376f84aa5bee355abf4c799cb47dcdf8faabcb91328d10564c598b9f1c76089ebabfa1684455860090eadd4418d2beb636c0406d3d87a3ea04a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0d1f54a88395e35fa11b8e30cfc4a188
SHA1 011d14bba978872ee81a9e499347f2b67dda722b
SHA256 82c462d658e46b63a7c392c3f1fedc368265ca9b906d491b968d0f1484423a7e
SHA512 7ec86e08a13ab274dd45df37ff243e1bdf1b53ecf6fcd75a86afef26a7937a5fa607e031dab5fd860ce2d389540a0f8721d61d0f89e1b6a9c451acb930259cbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e1b5ead06d382aa022079af323e42c08
SHA1 fa8f6b6b1e0d489f5a5a02ec91d6a3dc7242eb1d
SHA256 198614a03c34546c80a8097da2d039348f8372cb2e7c4fcf3317dc33b78c2848
SHA512 79d91ee04e8da3c00a299386718a21298202f066e2006f77d3d9a25d607de1712fa3e96c4767ed376d4b8603a9c51e604e779947d5eb154df7c0349cf40b516e

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 170c617c6dd285b2201d24b80f6f8a63
SHA1 814f9e94022369195edf4976943f2e71dba77510
SHA256 6aa6a7f8696822a079053a040e0a6a58fea68dc1f143264987949e18f9c34b7c
SHA512 5ff28c462da3566e92ecbfb5a3ccbda8b213d8defc804f4cbb685bc3a31cd8e7d5d88e4825875f331365c2bceaaaed8d02bc2172805aea0f0df7c1ed7c634aea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57acca.TMP

MD5 3714cd13900fb05dc8379e9d84dada82
SHA1 e4485b9a53d0af5647b55791267860e3c01d6590
SHA256 17cd95ec6031abbde3252b554ce0f2d3f9bafa7b13851a2192d0b6b95807346f
SHA512 bb97b298d01e84a05acc79f09aa1705f6bc6d34f535b73a8651ded5c3ea7382301d7dc58a436c83536b09cee322621f74b18741e5b257e8d2a47a8e6d61d52d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6ed5acdee64312785451b9ef89fe12f9
SHA1 641a7b1d044986250d6b598a355fa1105a2de420
SHA256 c6661086ad2ae8649ef1022268252324f2749189a4f0060fe9c92dfcd005bbb8
SHA512 115a04e97e3fd0fe3bf77ef8323d6f97f5ab05cbb2ebff5768325ee08956dee53fda99b6ce1536020cecdaf32ce2282d05c450dd861eeea3bbcc1f4fcb3502df

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 db57a1d8fe6c9f4ce4e77009fe40d645
SHA1 3e7ba8c8b2a0b181a2cc192d313e67ba60f42690
SHA256 e9e4c0d1c0c4932ad84ec672fa1920d8f3b6f00c95c1094606583e74a86acb6f
SHA512 9ae47931cb1a6beec02a06bc777b073b139c30906d56570565b2c189328de4c50bc925fbfd9b7deee71b98dac6d5e56f7264f1535240028404423027df9e2c99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 409e76e6c29e200121fedab86fc0440a
SHA1 6a11f4ad1c3f3da139057d370050df1f492168b8
SHA256 3c0584b4c06959e3edd000806a8a0efb01d4de737cfafeb71398be16566fb18b
SHA512 4bd233ffb4b10b96a5465ca9fdc6a9fc78bab3f12f465d4c8faa0776d273065faeae63994caa36ddf8fcf929c94e8593ceea11d535362b5315a41d834852e343

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 32d3afca877216bc3019261dd9f88922
SHA1 d0d67b304966f979482ee1f52f9332c188ea2d72
SHA256 bac028ae171d1fcecf9aead3c253e0863bcf7020353176bd530c7643a9bd6bdc
SHA512 a89eef4cec3e2b9b7479285d0c94c9cef2704e632831efaaada9586e90c537c81ea2b77a1d165d5c1572a70649f14790aed6319a56814acb9dacc04ab66b2f72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 1394c1a4d87b9d7c3e1e533b45d5f677
SHA1 1813e60ca1193d87613aae26f7e8f677c0350238
SHA256 c38429a4565092b1aec85267181152bc796087a6c5f0eb7e01e97c40d47d5bda
SHA512 26523dea0d22f78db56cc5f05e9339147bf9dc006644f0a653500e38807d0abe2e0b70709950728b4892b696e59640e6cea433983f33d8a18c43be71e3b39d48

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 6a95500d925fa2c5ac58a7a61c1c82a7
SHA1 1ef4b9113b565969991123784d5cf391d31b12c7
SHA256 c5f89c47463a37f6033da5995b2124dbdb3459fa6f52164e43d48a45e8276d5f
SHA512 2bb521f65c0039d922071cf20ea044d6620ffd2257644e09bc8dbcbc250382eccf94bfb388dee2220b260020f825c682c3114312bd3f3c340d0987b2d891c82f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b3ee.TMP

MD5 9e6583e7b2582575b4a7718ef04c1bef
SHA1 2630ddfa1e64b42579bad64fee61af3de804b678
SHA256 99966405edff08292012a3e102070aab97b6b63debaa81e7b63a660ff0957ad0
SHA512 6da746587ed8eeb8cff483fd01c48866ebba1a1b1926166f506ab65d0ab783f25a7f2fc911abc7e00816e198e73aa190c92e9de5d18159bf269f4fe323ebe061

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c9be987d9ea0464700069a67ed425fb7
SHA1 72f6b0581a4301d62961d1a63d805716de8413d7
SHA256 6e45655c67771262e9625abf3dc60362acbbc49c1ee66be14d62d8596ae82111
SHA512 7197bc091acacace0dde0c98dcbbeb5da2951dbb6b9b762076adb53c2c7e4f85c73c8a141947f68c80b005735dcd7aa7b3dbbfcdd366be4db09ad550f37dd8b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57b517.TMP

MD5 0b5f62a091345de3bf3af38e9ebe7e65
SHA1 900738ffe0527610d97d92b173e582fe906ad87e
SHA256 ffbedc1eb92fd738244ce10ed5f1a68a2f39f3a3f1ebbd46654f2a5a33d296b3
SHA512 2fe946639c6051c3b0de3ee36185032c3ad7269a65e434b14138047c4dc2a386b61965f48b4ce1127ed9b184430404dddc8990fb72eb8a33be89f28c7000d795

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\191\{7743e379-d6e2-4b24-8a13-3318a16429bf}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\idb\1478466679yCt7-%iCt7-%r8eesdpeo.sqlite

MD5 e063af4a99b7b973074c70efa6b2fe36
SHA1 162018ea18ec329e94df5cc536590878ff22b551
SHA256 b5267682a321bcc4979792f3e5c2ff50c3603ebfe3bc649c81b8c874cee0466e
SHA512 de32397c1d7fdd5b3d4bc9b1e51d2b176d2d625f2140e48062674cfe059813f8cf6387da6ea89459243bc75febebe2fb2389664efc5ad24cd60a84df778a60a5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\599ED0EF31CAD4FEF69926D3A322C3A0364B4B00

MD5 a76d44edc2ae431657d27cc5c23e76bf
SHA1 a3f3f1f5e570f7676683eb209d5f27e9b847caa0
SHA256 541d74017c497ae14bb36c9a939b33c81ac98df03eddd7920be3cf9021b82d1a
SHA512 2489a8c2165ceca8d730a5e5a77cca9223e42eeb9bdc4755fec5753f78e36b53c3841135153884698fe9153c7041e4999a38436dc9822c807cfba82fa7b56ad5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 29273568c33c6690dfbb6edb329644d0
SHA1 e86963abcec135ed01f1cd9c16e2b6bdf9cb39bc
SHA256 96f2aa18b0e01e876b645b34cc247359f6486ba4cad0945c8d56ee6e747ec88b
SHA512 d564421037298d71d24e9ef2280b3dd401b1ee2fb6b299cf968ac4241c9b62c953ff6b610939a728f99424af21771a75a82cae38dceaf43af41df57075f539ff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 4d14a65869af630f704867f0a267e12b
SHA1 f9908d6b7cfbfc6da5111943c66dfb74665e947d
SHA256 f6cb739ff91b90ce5ab08a0b7497ebb7ddf75c10760faba9ae1e555c84e235c2
SHA512 6cb048f17ff079d5b94f1155a158ebde2f055c60f9fc0524993b2882be13f041ad0c45654b8b3a5adcd4b07c1b43caa382bac266693e1fcb75f3464c4d07e9c0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\E76FD7CD12C9FF691C8EBCE71B3F71D1A3DE1AAE

MD5 b83244a1384ea576994da0528d4089d0
SHA1 2406c518dafa7af604d35ffc502e5823a567775b
SHA256 9edd20358f0b2b41e816bc358081e9e56272b1bdd44b999184cf9b6d3f1529b1
SHA512 16d78c3344379a21b921072192b579e43e2cbacc83c7124f1734df471b0c94893c98c70a5fd0ca62701b969fc263ba0ab983699e50c1e3ee59bd9b635d8f1fdc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\03658C4EDAC1F91F015B90400D1BEBB97C097333

MD5 0e6fa54cb4213eee099b14bee5b14268
SHA1 f4e26eeabedac5f2a2fb0ffde1d791054acd4096
SHA256 3dbaca5dbbbba29738a24f9a828a8160137149311f8561ba4265891f9f963f8c
SHA512 7d816db48f36f1a7c6660ee35f523e74e7847b359277ac2c58d1985e9b2a9ac0d06ec30fb623a9d413cf7484e069046b7f0ca850f6d07cccee2e58d3865ad031

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\59d790d8-8a32-49d1-ac4b-0eab6252d747\index-dir\the-real-index

MD5 e532e90b2fe22b5f9423eaa2cb3306bd
SHA1 5202839fda70d3389b8b122b80e995df28ca7066
SHA256 49bdf2324757d78c094879c3a9eaf5be758e774dc299da6c05b146386e63b40b
SHA512 d003bf60abd32a6d052719469e209d18673780872fc9d8c56bdafd1d932ef3493681fad16f0b51b42ea3352226b5f7eebde44d5feac70d0099db95a6d2511e35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\59d790d8-8a32-49d1-ac4b-0eab6252d747\index-dir\the-real-index~RFe57d6e7.TMP

MD5 6841d1b81dc56b71c4b5bef97335f96e
SHA1 73b3df77beb4caf35e2a670de3526b58a4ba27e6
SHA256 df1d8f96158d5ff776f85411df949ded5b539a1eb322e0123ec417d9c4f5c240
SHA512 989b5d506b02387126f6b63702426140c0301a00870d88f37b7b13d6e9f87a5b34c49f006de34847519d3be4af245b96bc610651151db9ae85233ea0b15d5bd7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f2affe52e85b001bc76088715b3762c3
SHA1 31ca46b01a6c7bd203cd9bc5ed6a17e0f7a4c37e
SHA256 3dff287a1f0fede697afa93e8e3af2436e9fedd6b96a28e6a5a5b636f2770609
SHA512 b13637fa7039badfcc971362c446ce5316416dc453e256ccdccb0945deed5fcd145934e73e99b532160977c5e88981e4678120a542da7ab5a8a5da48c8fdf647

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\683CA43433CEFCC5CC18B5213DE25553D89C3D65

MD5 f90d93f19544c54fefa58a309638fab3
SHA1 aeab68dd4e52d1c635b9bc3aa88f1abb7bd369de
SHA256 ba46833296b6da4329e406cef430f383224cdf81b4ad6b647f87499baf54db76
SHA512 718e0fc38b00bf9d4d8ff33f207acef1da1832ad002744be931f8b3ccd515b721f54f5208ef4ae30d1b6dbd4edebae3ff6da5bf325bbd5af3fe708ba483a203e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\BF82884BFDEB030A321F706507399E7727CD350D

MD5 e7fe0caac3bb11aa3572bddae20fb712
SHA1 33b9863759eab675fb878ed63bdb3cd3f61c96ce
SHA256 a74e077eb50a9b48d1463b1880933435feb3b1cbb6ddb630371d6f51d5a9acdb
SHA512 f94628c7bd0f6d11a6df18afa65d945ae0bb925c08ee8ef93b4a2838363600f14fbf399961ae0b8bc10c55c53944e317479ce6f85be90f64f001ac8e3c8dcf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b5309f3dfac42d557f4404e0a79d411a
SHA1 0d849f03fc38aa5a0d887bb973b4d821cc999584
SHA256 4bde4c44513405d9f915f0115f548523aa36ece7da7c0d558ff1c8564ba56e21
SHA512 c1ae3c342a54a246f0c4d696f388ac0aa53cacfcfcdca9e175146ae21de4202e713dbb508619e6fb5ce695963d21ce5d9895c329714524d78ec3a4e4268f7a86

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\E3BE7E4E391798709F59E4B2A0E9457EDE4CC9A7

MD5 aec85620e486b5b3e2dbb7d67518dc6a
SHA1 221e4cc973e2a18877447a8c8835f07ce14072d9
SHA256 11259ad547302ec44259211823df4422b99ee86ba42754ed080325f8ec9bc453
SHA512 d2f3119f8b1cd2c056085da8c58e3ef80dd521b264aa464b81b0fb172abf9afd5f110d0dc1439e07122fe6c21a4b22c7b80280bd55d01fb0a257ef30084b4393

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\111\{c9a011b5-d00b-4505-b72f-98e7865fb56f}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\78\{ccc9d2d9-0d30-4fef-9e8b-e9da9758344e}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\236\{5f46af98-fbc3-4f8c-a46d-ed2378eee1ec}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 8bff549429a755166674691e761c4aef
SHA1 0bc925d49a0df68b01c11c6e72718ded6cc1e701
SHA256 93dde346b25e343c6affb4f6dc4db963eb20d1f4b75a50118d16981b6bb5c340
SHA512 7b95305953b112bd33cbd0853957ada3bbb80c49616892977c89e31842c0caea280044dc4dc431c3b56d518ec92e9f9765ba71e0219b8cfb73f4d59129c25151

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ea6f.TMP

MD5 89e9a654fd12a28bd5ad24cc3060ce32
SHA1 bf2e71efa845fe41cf2ea6bb4aaf306f7f9d4ae7
SHA256 f544d0ef150b8c8f44d8ba7cc82cd6bde41c9f299c616ffd621ed2e84926431b
SHA512 953344f9846074d382848e8c28b966fd5f4d6510ae5f4d8b7401e3594b202c654057093c8f7d89a56fec9895583df03e40a2169386bee04dc81f5dbd97480f64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9dd1bb209f8be4cbe96a25c7a200c05a
SHA1 4771803a82baa4aed2966cbf38eb0faa0223230d
SHA256 822153d8d02922a14c1b3073ccac05a2db53366c71e3979568e50ee2e0d2576d
SHA512 7d765cf2bd1208b30994e8f59c65c0e0ae9f25f210b997ff549c8154f3e2173735fd4e6b1a5eba7b96f27fee6d13e5d7cb8ec105a1d88c57782517f4dd352c97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 83c4d097133b198a1e20a96d5ea4b9a9
SHA1 e0a477050c33372dfed35da6fe90d765e73de7ca
SHA256 64d2d0c919596258e79d2fd81bdae3626d9f28dbf013435ce2c0399e605b5db2
SHA512 d407555c837578db7417b6b92d6dcfd591724be3c5fc49ee3d18f647b06df908bdacd5762f2f6eb768e0ca585d2160cde75c09732cbe8a4d8dabbca4f2688204

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16d8b7eaad7a0563b4cfd4eb02bdc78f
SHA1 dbf16b057e7946a683ab8ed19a91f385495c35d8
SHA256 b27385b283364716faff7fba22fbaab27d10a2444f08f26ec8738fe6eede1ee9
SHA512 55eb15486b82d6508b7a7d5c4f10db8b90107f108880fe9278212f0a79ec06fb38d26b7189d7c713a987bc025cd3eeae743cef691d47654e57f4722a5d753a66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3d0918111da1116dcd93ce0f182f1b11
SHA1 cfecd24edd430befda34a3a5d355b2fbea27ddd7
SHA256 6d6ce9298e986ea95907abf7f37dac02ff8518766aca4b9de9e99f55390c6904
SHA512 ece3bb1082365b7b0c60fa7c4ca42c99dbd819e5daf39ec86b8e60d738d5935ca37f3e13b4538b64665119f4716c5c92693f3c15cae66b222e0889d9e723a2c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 115aeb1ca6bbc6add6626d0d03633dd8
SHA1 c076aa8f0b0fa0e582a186ad6dfd97d571e6ea73
SHA256 cd4816e269979b2e3b05b615bf067cf7e81c3ee1644631162e31e7998f9a8b70
SHA512 043e63ae6808e9847c5651bb4136a53162d986701a054cfff4ca3da29113f6b96520295c0ed483a3453078ffdfd49c60e32850ca7e2fd4d659df34e85f967d30

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 56fb8aded6c67cca5cd07d64402fa3c1
SHA1 e0d973cbfa591b1091d132ba671fbe84ffa24e6d
SHA256 133e060532c1d313e622761da52c4c2b1d42b83df41ba0f66e9658f5c6eaa3ab
SHA512 39377a99b744d93e233c0431f2ef1ffd844dcead12e90bcf4de47b738b4069c96995ea8f19252a4465a7eda67fe92f3248443a97151992c758ab7cb52268b85b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5b7d4a1e8ca4bce742923d4af478104d
SHA1 5c7ceb1f92860cd0b327c77a1e85daa275a5b5bb
SHA256 5cc2ced4749796ef94482fbac6e00ed4857788ffe40e609e4402a917a1ad7f93
SHA512 db9017401108b94dce63515c1496388c5da9c0254210fc785dd7ba86a09d0acf53f3eac0c38808236ab8f8efcb8adada1b38075330f321c91a7c181b7b8986e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2c1f315bf51240a880c17f431e863c25
SHA1 ea93d96e92d825916a3997975e931680e70e6366
SHA256 a52c7dc00b2c794872a0d2612c25b70c5e160e14adae25bc7c14357595386410
SHA512 058a96401ce9eed59f8f34aabf38f72d056e9cf098e93cc7618a5ed890ae47e296784382532d095d11014e265a176a4d255cf8dde5d74071abc8ff3ab7ec6718

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1d85e436ef46be9df289ae5a0cbad527
SHA1 448a5efd0b5fa479c45ab599362dbd8cb6c1a598
SHA256 97a501beece6e804786949fb8718cabf0087a0c282ac8d6452af3816c2e787b9
SHA512 5803c467a903466e6a8db81f61a6024d346acbad28c33e122ed8ccf38c10cecc0f35a4d5c2528d78a557b9c3008c782c7ad18cbbb4a5a77d3f3c7330d7f30d01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 364c57460062ff2c8a9f8698a59717ff
SHA1 42d508a903131b01193f463bbd47e4f3202ca2ed
SHA256 9a857b072b3e493f7eebb73f24da3be5c36828513693b7d171e43e485ded93de
SHA512 1952e9e9e13d4a946f46bf9eb116790434268869f2b1214ac9cc6b9e6d38616515aa8e1f46d888bbb69a1cf1e1bf8385559ded18c6132a53c69afcaf3641ad30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\fa373ab5-3e3b-4ada-82ad-7f15dab843f2.tmp

MD5 df45811ec1acd50e2d30830cfc651ac8
SHA1 5e074cb7164f9f99479e61aeb9bfef2a86929b43
SHA256 f208da0c230f8da3ddd93dd3bc8d9d4a08f793569f73219656d5c3d4401d5bdb
SHA512 86f6ba8bca3527bfdd88d9e15a5273236be2141e243b8604c6ac792afbd03d4598231c9b2dd21b0a8bdd25f981990464fb2c8bdfe7fb8cb5e5720ba5256bf858

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 eed3ec9b0df51f150bfaa6c95934afc8
SHA1 bf9b3e88f806495f7cf08d6a51dd9d73a9e85a6b
SHA256 9baee4355b1695c32db259841045db00c3e5dd3a7d43a91694dd8bc9ab143f14
SHA512 f7f3de66095e8a95d471848ce791db00af1d29b34f4a44b6426e21b7b8d7f8f2e17f058a68c30687526f8ab63629fe729fb23860bf41dfbe13fdf1a30a4f0f44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9088a0f0f067a55a642816ae56e527a5
SHA1 6aba31ccaa764346b5fea7db5508d7445cfd01c2
SHA256 0b87358a1bb65a0931145b551c204ca032c0cf7a37ceed01760c9d76b41efd2f
SHA512 82e6b514b981c48aa4456cbd8e4c7291d025bd507025e228d3e411545d273ae9152bc7a07591f118d4058868015022ae90f6af24dbcacba1dac29573d8a5565a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 adb80a19bcb7f6ce46ce2e7491792998
SHA1 197cd6878cecccd743363839c2ddadde45514494
SHA256 d8f23470d1d5b992fd8ec25a3b61a79c66be5a8567ca4dca77282972df4e1d6a
SHA512 a9e94118e29df11a1da711db171195fc06f1291a419e6f365f2f53218f74f19ed0c474d4b5af3c0abd21ee1485ee29071110cf5caeff916d55295f5c328f3ea6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 683ce2262080fa09623fb3ff0d305a6b
SHA1 1f4510223b7561f3f4805fef46ac7b1c06834351
SHA256 ba1687da8befd61031d083f099a4b1be965c2614f676237c1cac254c4ff7e7d4
SHA512 4b5af67b116fc9aaf777fa8cdba5aee2f8e44d5741808c458ffa19fa754bef2cbe991cc7ccb5573c3df5c532eafde033d2ded59d8d0e86caed6182dfee708c56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f3afd075f9775501ad8439a954f76582
SHA1 a72b749ee16cc6f3621cf6a7873d3c46b92b92f8
SHA256 7c35b281784a187611e3e4255cdf43c5e740de76b46fa533a1bfbe536d134b2e
SHA512 b1ff9ff44147acc44f944b4121afac9df02878481c4c482be837b89ec9634fe18d22eb4a3a997d521c85a9e04b054f146e1fae520edf2e46701d4b240d1e4bc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b0a812463d3d01ce147333c87e0a8059
SHA1 c6ca1d9f5d0a6434da0e23cc7b1c543c9449ff47
SHA256 b5da36521f57793be1e85ee5274d5eed09381679d7f8d89a1100bb3fb1e00925
SHA512 d42425d1070c934e77d280739afbe1588483def27336ce4c236412a5fd0bac6babc10fcad26f5779c49f4276143a473799bee435b754b8d558427f3911082ae9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f6215c28f9182a6fbb94b6a23feeb64e
SHA1 4748ac1386ca7acef59704203a8569a6615685bd
SHA256 6e2bb34cca9241d941ec8c2ae94b33aec38d6e19fce07a7a0a5445d259fcb3ef
SHA512 dc360e947601045162804676674081d62d1e8b913c28e2a03d8d8dc21ea21399a6d2a0215555f96d7308407eec42ef36c25608285e43fff73a50895f94d88e5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c99a777a59701c4f44545c902c52025b
SHA1 9923bf1996527a2ce7217f2039e6738243dd418b
SHA256 1c8d6e9679e5f455f2c21337aa08e9bbf46314624becf5a2c9c3d902501569a1
SHA512 4486528940bc04b7996a70effda771d36cfa1f2ab66566dd21d01f582e0e8e7a579edca88bd748226d86816e8713797c0f0e1aa74eaec115ea91d8a9374e6357

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ce3b11ae769d7fcdc0f7880b28c257f8
SHA1 b79d73754f0c15447dba4d44e479723409d8c74d
SHA256 3a624ca45378f1d5d9009cdfb9ecb61554abfb2a2e98f3363456e042fa5b3cce
SHA512 71eadc14f5f3aed325ca4fadab79d219f2b7734fa193738e2849aa7eae7eacdd8c114748859876a470b2dc91149fb927e0c8d34acca9d2e5c8206459552a8c9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8f92df952a3e6ba44b8249994524d962
SHA1 aac0cd71d9444c17efa0f9acf717a24d6aeb027c
SHA256 7597713e39ac4f9af488f45df67c59a235901a095b3f9e4ce43b460d7fc316c9
SHA512 f82b5a40b5b50c553cd07b7edfbc48e242ba9afb746a9463723a0b164742d1d8ace2ade2d74cfa460ca3d6ee99912c6e8f6af061ff0ae61e8d1a994fefd2d562

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bf3dc91b4001ed6b563a1ea1fba0d906
SHA1 22b8b849f7509df5c2d193afc70d5ba958f363f3
SHA256 7e469eae368d9b550480b03a1549e190e273011f4fff11a657aa2d4d3b422693
SHA512 170ed929a3ce3624021f18d9f081db438b0f91e78ae191958c571756966151801bdb2d78e269887b649e620173e86a81b08ea2e716c75e9ec63577cd13bafa8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d88fecd5e528b3e18e2bddef9223df7f
SHA1 3234b123c718bdbcd5715c862236d490ba3ce4f5
SHA256 5a139895a9c049050c8692b23677e0c8d093afb307d69cb6b5b253f006dac5af
SHA512 e7f1798142a9d06b43687acdacb6c695ca811ded93348c4c94b2cce9549dfcd020a0dae4eb4484e3ffdf5e337e11d369b1d429d6442bb4df59f70afe00c82142

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 18b89f2b96692daca619a3a9c40439fd
SHA1 96b3c80ec6d495daae46dacc58862a5e3d71200e
SHA256 66209bf74df11e050f547b0d95709eb43641d91100f8392ec6542792f2051095
SHA512 befd8314c70ace541014d4bc8b4be937e4740e7955a3c6138c011449bcbac186d3f93fe88a76fcb9f552a6baf4f9723892b4f8c3d6045baca2021bd0d49e8509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 efe1f86c9241cc8f9074f39b2e29b25d
SHA1 f24417af32c92450be49918143f30eafb37b9cd7
SHA256 4ff1458a855006afa8f80d7ccccff257a7c3eee8428b6aae31773b58dc0cc714
SHA512 e7319c006999df0befbbfe51161cd12db72949dacf68b078c834df595aa07e49ad0164728d6a2884701aa64ddf67e7767d1357a67cdc0d2d3367c850a5ec8817

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b8c025a6aa41f564eeef85720444329
SHA1 f787cbeeb997acc4f662b7ebc98b040b34382d16
SHA256 6afeecc8c0e0ea03f1610bd10a62f37bd8d9fdf1fe2776b852ea6adca9d7e373
SHA512 7e8a1ba074197e19b87b102f32698efc49ecde833fa6fc3a2fd9f28ac8786ed0857249cbc3301bce83e80e3546e96fca0ea93bf68ee5307e634939ce77ccab61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dd8223eba0db0702d97f64199cee3125
SHA1 af268fa6cacbf352d7e2cd93f61f06793992abdc
SHA256 fb289f0c993de59250ed362e553aa446d819d415880e7d6a8d9b7cf10bce3366
SHA512 854f05a6f60e68721bb3e9875a289c696a32fcdda8da42bf92051b27b7bb72efe0aff7d919d35bae11b6c4a86e46ee265d560e8860199ff1cd7ed5751da7958d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ab477bd1bf39da29899a6591e9a310db
SHA1 ed195ec30263b3faeb0a5d8320e1acc6dc48a704
SHA256 03d705aaf32dfd778c929aa7bbd05c07a882bfb3f3666461ba308ec0b7b4d0d5
SHA512 a6748384c8f4b539be6c3a986489e7eef53762b9a35a495e0994c0c2b322fa800d1ac28d9b8739e36a5b35f8c4cedfa4d13432e3b5546835e6b70b28b5c8d508

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cd5a40a6f62c0b9d65470b855ad81d2f
SHA1 645cc97e6ce478aab226bbd96cd943a23f75fc58
SHA256 3a6eb843d7ad49cf697d5e0533f32fccfb10838409d6c9bc693f36baee3805e0
SHA512 ea8593adad5cdb9718fcd5a30265afa53e6c46342e4a09691e4b174f8a8cd7e2afd53ae704b84d27dd31ffc98f1d1e5ca7877dfe8a48eb7d4619d8e6f33c7cc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 abf253b3cefd8795012eefed34995855
SHA1 31995d1e873b48633aa5c3f6b1cbb04cc4656940
SHA256 eb453e2f0c5a4198d09c2773fd58fb00984e975f855a8d60b8b81dca61c88706
SHA512 b03a1524822f26e3ac3eba0c0f54554ca5d2c6df2a58c522c45dcf210fd900e293805626a564fc080e6f549c7b6901b260a8339dbf2b594509b23f56c0f4cbc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4a81434f870fca81f65b91bd26bbf8df
SHA1 3debabf75008f0bde4695f5549c752c8edda998e
SHA256 f0702460aebd1925384bc476dc6fd4787ef0b1667a4e2f881de1d55b25bcd6bf
SHA512 68edd06ffa171f17ffcb9608da4aade727730e5541ca454c230588207d70848dc9da4f4dfe59f8ad30e85db9389e60ff119a3017ec6ea05df3351507b75b733d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e20b922dd09f7febfa3b481d18bd1942
SHA1 af6a2d782fc0256fb46ed1b19d26f7d68e2d112f
SHA256 adb7633f45228e36d0a45894e384e3bc9d30c56a69352d516fd954b2d69d34b8
SHA512 76c1462961b15a89fa61e73f456b982563f9f22b0c9913ad68ccfc71131b296675d6fccd94548d4417b85cccc59525dcb8320b02637b727716989329c5633ce7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4f1c91bfad90900bb0d618d234f9b8bd
SHA1 a5c33fe18d26b55d1a81c6a680852c2d6ccd8309
SHA256 453e7d140ce6e66490345101092f45412ae8f7aab821e15178b4e9f62f6a9205
SHA512 1f99ef61517a20d9d81c6e7a8c3f4cdcaca28bab2e3cd5d28dd19a31e2d3365cbd841aa8239cb9cda9c85a3a343b2b60a18aeecc66bc56edbb478fdfcfeae50e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b4fb078e1ac383471d95a8aed399d9d8
SHA1 cc8f4c0ed5b92c1006409575ea161c7c2f137cc0
SHA256 8c3784893b7ea44606441a9c2762c3f895bd6c3f101e2cfcdbc249a0f4a88356
SHA512 abbebc83b55c4b64040783bd7673695640a3d5de459c51a36e956fcb5543e21bae835f1d1abd355a65b56c237cffe25425ff133f2cf7504e8f5875e776eedd26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3dc17dde0c8df725622e82e1dcaa21d4
SHA1 63ff03476fd02b2a7a476583d6e46c5b61644e70
SHA256 a17c420b18ca06f00536a04a7ed9fed8e14db52b0c4e8e02d9bb70e618863d22
SHA512 8d798debafb36aefbdcfc671bc0294ce502a08fb448b96ea61b34c30911547b48ab9b2c496660d6736b53102fd585d8885aabb7d1352a405f10a71a65e21c2c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0efc9650756a9db5bbe5be3c253222b5
SHA1 77ffea9254daa3de0b82c0a5ebc32611e311c4e2
SHA256 ba7cc2afa835d654028be92955eeff3b14b3242aceb00a6b5ef85e64669ae0ab
SHA512 8f4c8c854fed674e4a3cf4ac20a248a6339be5e410fff1ac187a5bfb0ef952f4123c004db3c9d2b249e1a849a7c07b58b55c33dca804776fb16fe74b29ae35fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0369986a22f80a333637f71981aebf81
SHA1 ad12cb62dc7ef6fbf699933c4100c31fc9edf9d0
SHA256 a00e5e339550f4aab631850e1a1bd3966a1ac0c94c898f250350d70f2e394b87
SHA512 b53d770d3c6a8be44a17aae92eb6634330f1eafb7ddd797d49a39dbf9733d16fe96000895a8c8db1b49982753fafafcc109e4bfcfa22f9f876e4289411065cbf