Malware Analysis Report

2024-11-16 15:46

Sample ID 240219-rm2czaee23
Target 80f5f062bb7cce972a6e49035ffde4af
SHA256 3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a
Tags
google phishing
score
10/10

Analysis Overview

score
10/10

SHA256

3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a

Threat Level: Known bad

The file 80f5f062bb7cce972a6e49035ffde4af was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Uses Task Scheduler COM API

Modifies registry class

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-19 14:19

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-19 14:19

Reported

2024-02-19 14:21

Platform

win10v2004-20231215-en

Max time kernel

150s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{86C0BFB5-1281-4D8C-A069-F17D65A2C4AE} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-768304381-2824894965-3840216961-1000\{098E9929-6646-467F-9AA0-32B9A39E58D2} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2184 wrote to memory of 4988 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4988 wrote to memory of 1304 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 1332 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1332 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 2808 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2808 wrote to memory of 2612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 4892 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4892 wrote to memory of 4224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 4972 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3848 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 4044 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4044 wrote to memory of 4800 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 1868 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1868 wrote to memory of 3648 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2184 wrote to memory of 2020 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2020 wrote to memory of 528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2184 wrote to memory of 2940 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4988 wrote to memory of 4256 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe

"C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb805646f8,0x7ffb80564708,0x7ffb80564718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb70bd9758,0x7ffb70bd9768,0x7ffb70bd9778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb70bd9758,0x7ffb70bd9768,0x7ffb70bd9778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb70bd9758,0x7ffb70bd9768,0x7ffb70bd9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,16835054555688258561,16564047813801037593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,9280331699072989759,8779275580616844301,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,15500807802966922413,590801367437568108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.0.780186967\24036514" -parentBuildID 20221007134813 -prefsHandle 1868 -prefMapHandle 1860 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3185ecce-14f9-4207-a235-88bdbcf7ba24} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 1960 2b69c4d8958 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1436,18363518345037168593,9003279674781331662,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.1.970252121\2098545552" -parentBuildID 20221007134813 -prefsHandle 2404 -prefMapHandle 2396 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2d15b9e7-137e-4b20-83ba-33b2c21fec1c} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 2440 2b68f9e4558 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.2.1054585636\564751129" -childID 1 -isForBrowser -prefsHandle 3492 -prefMapHandle 3488 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {21d907f4-600d-401b-b839-6ff350a6b927} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 3504 2b6a035ab58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=568 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1896,i,6009942894942609149,3360754933511420328,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=2000,i,3243362269149684975,14118535807783830673,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.5.52611231\342634198" -childID 4 -isForBrowser -prefsHandle 3916 -prefMapHandle 3912 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0230288c-1fab-4ae9-908e-2bad62638c93} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 3924 2b6a035c958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.4.431025528\590770951" -childID 3 -isForBrowser -prefsHandle 3120 -prefMapHandle 3084 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7365a07b-5004-4336-a5c6-27a5df5ddf82} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 3132 2b6a035bd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.3.1925496295\1694885103" -childID 2 -isForBrowser -prefsHandle 3740 -prefMapHandle 3152 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a72c18a2-c1c8-4ebb-a536-e7d1175c358f} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 2964 2b69fcad258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5036 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4904 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4040 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3892 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=2000,i,3243362269149684975,14118535807783830673,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1896,i,6009942894942609149,3360754933511420328,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.6.1915993120\1777847302" -childID 5 -isForBrowser -prefsHandle 4776 -prefMapHandle 4772 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {676a6ba1-c436-4be9-88c1-0b2fdaeb5737} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 4788 2b6a1b08658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.9.269228127\373023338" -childID 8 -isForBrowser -prefsHandle 5960 -prefMapHandle 5964 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6cb3f4ca-8edf-4b7f-b148-6eff03c2d228} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 5952 2b6a3303858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.8.1143294736\899038361" -childID 7 -isForBrowser -prefsHandle 5740 -prefMapHandle 5744 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab2f36be-8c5d-44fa-b52e-0a3f60996b84} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 5824 2b6a3303558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.7.1318824853\1150102181" -childID 6 -isForBrowser -prefsHandle 5568 -prefMapHandle 5560 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b9227c5-e1d3-4b78-9e2e-eaac3323e5ce} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 5320 2b6a30c6558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.10.1833735150\1439208256" -childID 9 -isForBrowser -prefsHandle 5800 -prefMapHandle 5804 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {706e928f-7753-4ebb-b6ec-0873e2322319} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 5792 2b6a38a3758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.11.831334281\1111228362" -parentBuildID 20221007134813 -prefsHandle 6428 -prefMapHandle 6424 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a44b795-e709-413b-b16c-2ee4ed20dcf9} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 5624 2b69bfe4758 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.12.1788566491\1554528010" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6592 -prefMapHandle 6588 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c571bc94-9e99-4390-bff7-eb1e0b74904d} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 6596 2b6a115ad58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2988.13.298394351\342428351" -childID 10 -isForBrowser -prefsHandle 6888 -prefMapHandle 6884 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1112 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cd49b65-5ab6-4c01-8878-8ccce03c05dd} 2988 "\\.\pipe\gecko-crash-server-pipe.2988" 6900 2b6a3a77858 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3176 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5476 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5484 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5804 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5484 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,6289055022533289766,11671830334323070124,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4444 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=988 --field-trial-handle=1884,i,794693062260859995,10219879222454118772,131072 /prefetch:2

Network


Files

SHA256 281f7992219e8282dcc55a27a46c7b7391381f3b17e23bfd859804051ba46228
SHA512 ae9a65b88d3c9868245d161547f4759b58c16935a50c3e0b4c17d966b302ef7253c66539b14c6897f2eaf53da75848ded6c7c4086cb48f2a2d6b9eddab45209b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 915e4c5ae779f621911d9ca42c1759d5
SHA1 1b16662a4225eaadf2f1c6090f8bbf8759436326
SHA256 0476afa2a07d884290e50f63561c321e81859e0117a08135df1c0ed80a898f8f
SHA512 286e0c55997fe122937f28d97f300adfb72f9f681bbac94c555b96cdd201f2b60354edfd535c3dfc5e7003483ca9aeb6e76c1190ef7c425723ca4751617665ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57af4b.TMP

MD5 3aa89bec2dc85516d482076700a72105
SHA1 60c015a3f12f5bfa9bf5eb197ffaca5bfd47485f
SHA256 f8de97f9734be81abbf078dc29fd6ea759d27bfdea3e9dd0e915888d7123d0b6
SHA512 78d1b1e0605d6231f63d5bbf8fb9aebb4b323c9dd622d1d222aa96504c79537c12879aebd88353203d8966616d767baf93fe1a4935551ce7c293cf5ff7ff7063

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c969e8b35ac1969476b99b10ac7a600d
SHA1 f8de168d2188f362a18322aef292f03db54e3016
SHA256 23585cfaa77735b4a766fc4962a07a004937fd15e786e4545138c0365018a9b5
SHA512 cd4bebe49b1bf15faaf46eb3382aeccc49a9b5f7ce73f9f0b3f240d33fd877f55e2120bf81eed2315e15f940bc62aaba6fbe8f48e02ac6f601e1f24ed0bab9cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ece13daf5a5814c7be43e432f7737ff5
SHA1 2c1b5e5310ed656a1f3898ce1830d96b042d5588
SHA256 994f3dbf1feff4b65615918a7e33e04129d0bc4d6c7d203800a1b53398526ce0
SHA512 5e3b89b3cc534a04d768ed437a292d6a9a23e8e883a30bb7809568164b07292303a30b565ab42cc170c42e13eb19688593c29aa181051b87ed907521a7a267bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1720_285452776\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 95b4805836c6d43c683adbcce74f6ae6
SHA1 455ea152e5e6fe6f462b337a431333e18d814396
SHA256 1501f48d09b189e7f0214954ea507925fcd0ba80cd8ca2ad1bcccdbaad9072e1
SHA512 ce96567484ba89afa0777a5780c853f1f3d1a0e75ce6aeb72ee3acaf778b62e528026748d19d3b8ac2e04e79c50998bf2260f2514ff5c053fc0ae278fffead1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 a6a6429d6a40d519b8302ba85468bd5e
SHA1 8ba0bd85761c7fd2efdd2cd79c95644c6fe17976
SHA256 c307d54fcee53c212a0521ac00f1d0fa08fb0d0ad8a7e1211add81b2b6cca4be
SHA512 693e4c4ed5fd047b06f33a592a69575d3db3ff5fc2cc7645bc06d6af42765d053121fb524b8dbdc5e41a9f72305b84a4a0dc996424961aee3dc0f5272572869d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 982a868f8e838477ce4dbcc61a1f1849
SHA1 65354d8e13a3de7d3e5b00e2e729838774f3715c
SHA256 f573fe49dd43a383adc31695aee816599d21b366f9fe7a539d916cb96b4fbe89
SHA512 f21e5ef9f98790f786eb12f94a01892bf7780a6022cfcb1637d0660b03c81abbe1c1c3c57e373727d7fbe046f798dcc5b0b46a36516f49c294944378de7215d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 13466d8d20e89e35959827032e6d6a51
SHA1 e91eb48272d4eee7980247632c0c4890e1cfd970
SHA256 f1ce9f1e895d734c880328ab669716ab286e3ef107f1cb1fa54cf4a66d35ea2e
SHA512 0896cc5024a70bca78a920b54fb7c63cc147b64188d35454bb5e45b7ede3b859c6b760935971e69012a04b22e208fa4ad0f0e663895fe9a567ad296be19ece67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 426d8e217829ed1343ae4a592b79f6c5
SHA1 e444f83ed8524ce6862cb85e6a587215a2a8415e
SHA256 0ad7610390db0e850386726817f3755424106fa3eeb3a4a9addf7b0ae101d98e
SHA512 d9b5820223b2386a3deb57d46d7087591a39d14c8c179bc7f402c65b2f54254e006d4184172412823efa0ebd20e64a81515aefff39d65db307698cbbab8b2d93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 82f1abb198df1f61f16606e55330f21c
SHA1 b6428a279be448da73792d52058601705871d78b
SHA256 fa54b15b2150d4ba39ae61143f402a518c9468f7da08361d492dd02ffbeed559
SHA512 27515c9734950bdfa6fe5490156123852dbdc22938fdfcfba131cd463842ce57594fec4fbdadd2016b12643acc132ee6b36dd283bedad36b94a65ad66a77a4c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 4e786492c677f64e5a7b174003634f04
SHA1 9e8e95b8eb5b095ab28f40b191964c3cd209b295
SHA256 85eb24ed83570c11e6988d1988f8786456f39e7910ed64bb85b48f530462fbcb
SHA512 f6a885b4696c701acb30f5e741519ee3ccb354940f94ca3d7c718a7c156e137f7ddc93a1ef76facd1c6e87fa116df56b619c58932a0aa472971a2b938a61bc63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 d28a8b2a61482fffe479ec9daad82b2a
SHA1 d63bebbd4f05ad58b31dca7f676b2ada83570c35
SHA256 a790e45c7a6149b4a0289159f413027eb763b78ab9448f7039dd953357460ed4
SHA512 edf84a59f7fbe1b80b43f07412895980347dda2e44f3cc04252cdfc3676925de593099164f2bc3fc999ef8a84fec5b803f5d6c37cbdcf159d7173a34b11f31b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 57d1d3b8757ac2d83b30c1e157d3f86e
SHA1 75e3ea6ee5da83177039fcb65002c15d74c83195
SHA256 d1f62a6e0cf4ff0040312bd94d33b53da473c7c3b30c1a95f68a6fa333fe54a0
SHA512 5d92fef582c690dcbb394a0cafee5fff0a6db5f83ec06b4d89f5efe1643e4996d708bfc36400ea260616698acefa3d4289319b0de75722a1505b2f9b4fcb2bcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9c06a9c7b66d362ed33fe426b1dab086
SHA1 78fbbcd9a62a0fcbfc67141a91a1f70e468a4f82
SHA256 c3ffeb322ca5aaf176393ed9d077418d378b57b28aa5e0138bea759b1b24aa16
SHA512 39a8ad2884803dc323eb2e3e4bd641903026efc827d4c7630815c1b54524f3d2bcac0951566e909e96fb7866b953fece6b3f922ac57b0619df3dc74f8e972ded

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b248.TMP

MD5 a1c2194aba57247f47bac2ff14d70023
SHA1 0ce5b58845354cb0fbb43d556f97112dcfa279e1
SHA256 e5ca90d3a7b1bdaf10c878764033ce41f21c2f840d584af7a6fa467caa7a1e9e
SHA512 b1f08c273d6129e58eb5ebc357750d377791a2a99367c2fc6a41a3f17b1e01aa33450a70d5e8a9c9bdf24d328af499ac2bf7ad71a4e5060ec414130d291712af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 1ccfec0095eafbfadaed6121bba85a50
SHA1 42138a9ad0f9100933ae9771a0570b388886130f
SHA256 233c7744c658121611b9a44ee51a360c515567f912caa14a0c23d330ca1156d4
SHA512 e707689cf462b6f89cb6d91acdf69ad1de4e15698688cc2697affb9a2ba1b1f45d12835d9fd76203f4d17265b10b4e3ee490e9f86514ce648978115a035afc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 21f1bf5aa02d47b26c920619013429bd
SHA1 1815ae0c7dab805127dee4d9a40503434a54b137
SHA256 e34f3ddfe22a424205605d1f562622c19b8cdff7ba0c77834666281d86116831
SHA512 0d61381b7b702695c526cc0d3661a2e93e4972021e5d97d35c546da1bf0abc12ca381c02a50c2b291c78d838eb1b3d1a553cc1913256d363fa4e6cb109d94351

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 677fb61bef5fa1202a8f0523e4782887
SHA1 eebbb0cc2335618d37e61f73e957a107e4b2366c
SHA256 94f3cdddd62891402d55c6fceb813dab275d542ef664fa1a234bf0e0ce1d20db
SHA512 7c253d05f3aa6cd06d5ea5adde3cfc72f3d89aa19a161bfdf28744fe144f08f58bbed14f446b6c3b4aeae11b65c2ed6ea120a46546040ce7d76cbf173d3051e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 c9365d9c2fc80267ed9a8e35fd7de29c
SHA1 05904ccddf60ece380b41beb09506d995a93437c
SHA256 e4ec74a14c01eae12976a9159e08816cc8b9e37f8f65c7ad0a823a0e3b5177bd
SHA512 ec7677614e9cb9586dcfe13d72c33d7d62f1de10d5ea2789477206ba63fda06946415c1ad37224fa22baf84f80067b13e16bae0ed1765887424ead5e80108fa5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\cache2\entries\C496E7D04AE4066E547323445566A7404888E4BE

MD5 2f0d7e494c7bab56da428b54cdf3a35e
SHA1 32cfdf7ebb4018700408b30fc936dd9762cba9fa
SHA256 c259ac2a609ad97ecf0a1c8e4f6ef9ed605a5d3145d91a609abdd93ab39a1bec
SHA512 065652a83143267385d8f30bf4914adc650ef180950462aa513bc070dc4cd392c55df30cbdcaa19559b2f5e81dca153bd3bf0145b6c2558c00b2d65bfdd4e3f8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\prefs.js

MD5 5a4451031b46e86a7e3eb530a2cc6f1a
SHA1 5299397804ed708bb4b7fd79e8ba2a66dc32200d
SHA256 10fe1a32c4fd7869cae479e1ed8792b323f55d17159999bb9056879e3e3a669b
SHA512 37620476c00feff8250d6dd27f434431f080340ab59d37c996f06544f4ac972548524456a667c4b6733b9ccb1d4b12774bf068965f2fba1134452b3916a8c1ab

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 e4d63184c40933be0502cd2176bd30f6
SHA1 84b655ea74f13b4ee568d096eb2c26c83ff31955
SHA256 7b69490818b28ad442af65a47c8c4015dec5d2847c3af7b2681cdf8feb622ab4
SHA512 cdc89b70e5f25401b846248a682fbd611245c600d27c6e14919719c40fce66b1ad63a3d2ccf6f9e45d73b2df97f5f2fe15490924f4a5430296d08857ee24f440

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\prefs.js

MD5 24323be09f3ee8e8de747833bb33d8f0
SHA1 bf3f09e93ee653c8ad5fd4a406f49adad26c9c26
SHA256 8d3098bc59079b1c92dd411d7c8963a654f3ae56fa0f5101a9d810ce17f28dcc
SHA512 f5614a3930912216a8181fff165eb6af885a918b3daca61e8e123ca15d7dfbc89cbe8895f2d4a40ee676425c0c79a7f84c593968ecfe139278be27e314a01fe1

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 64384ef85db24fba2a1dd97af792a9ef
SHA1 f17a66b44f5c97643fbc8f5df95662cf4d872363
SHA256 7c85ca02f770d6a2e1172e3031af03d73548e24c292b2a8c730b0b1bccd2a3f7
SHA512 2878155d1d926e4a64116117a4fbd89cba30704297cbffc586ad053cfd0cc50f08d8c57561b412e796939d3ce3f9cbfcfccd5c2b23387c657374cc208fb2c475

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 84609afa4c7501d6efb7af01656255a1
SHA1 23b8690a00ade2ef39e2a7d591e069838fde77a2
SHA256 d16ebf395d683b1f5320097d0f9b34c114b4d20c43107d40aba45d76fc01e008
SHA512 d1d1104919b8815ad2ca747985c1de73c57d82a019559b65611b43b1c8e3f9611c34ca1201adf92602ee4b23256d1052903ab8a5fcbf0ed6e94eecb3a4e5f2c0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fdca1e7a865aeb2f907f458bee5adeda
SHA1 b478a1e18f1a1d5e2959a3d787cf7d90e6870213
SHA256 666d43d6ba48f78f4de1e4f193611b8111647cfea38dbaca6596f6ed02aa7078
SHA512 425828fb914ace76c681cec05a62e869ece4c28bb2144ae33705cb0a343d6fe5237d87d12161f27489da2240c148bff9a42550da7cd9431296c262b12b8b3fb2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b8d28cc0391d461289349eb37ea5dea7
SHA1 1612e28adf2ef9f8f9bec692117d02f19545eddc
SHA256 4f87088b15ff94752ee7e57f323746d0802fff4a4636e44553323a5b5f872a0f
SHA512 459135380960062974723c4ef3d94cbe472bd7b57f1231d9fcb6df01409d0df74c9087daf2dbe47939c148c7b8625b387794d07a49497560818b868140871d4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c44a0ce3b0a5d9640227b60e17a56750
SHA1 7cf4362080442e0de9bbc086dcf9bcf4cd0b285e
SHA256 13dcb6e00aa90e8d38f166ab79ce2dc2c67f8beb5406b16af96675cb1e79e072
SHA512 fbef624f2c939996553fa933f916fe335b753fc27a21c9687a9890bc72768e095bd6455a7a314b26600ed5b61c54965c2ebae0db9a8a45fca8aa167568c9d77d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\937dc3a6-c37a-4c96-aa26-b72326d4b347\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\prefs.js

MD5 e4653616ee937788f7639571f87ba89d
SHA1 4cd4c77b07f065a722a6d66c4f85bd86570bae44
SHA256 761f7fa301e698c5a6acfcc7c0330df74554c92027d66f1c7652e01de49749d4
SHA512 f3562d9023a74bad3ad2e8fd2d00a8bba3ee4367d12151589574b877638930c66b1724f6ffea85da92a2736aba972ecc77f227dc8f32bd62ee6eb3e89450f9ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 986de458afa8ad54285e61a0d7ef6e1c
SHA1 fa4bda7953531be3f769d91e35e587ea09abac36
SHA256 fd4222979e89860d78018fd004b0a6e206ecc7b36dccd6fbd09b967ff503353d
SHA512 7abe8dd1d2a41fb30cd9f4c67798fed8a0cbff4a4faba4477fac6353c71b724d660ca8e916466ebec31ec78886b32203e32ab2aac837c334f5ec0f1eeace68ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 7378f426d93d2f806b536db7d5d1ef37
SHA1 3b7a025816a583f4d77e2d446666cec3d280143e
SHA256 d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087
SHA512 44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 65223f525a9828de1e2909d6ad2d4e4f
SHA1 a696b2ce9ec7d5bc22258fc8fa9657a112344d63
SHA256 492cac7bce8a3cfc1a4315659fe4592defe927b7b10e38fba1c06f4ac300959e
SHA512 5b7bb865f509769572eaf4353fa6057e739e2487f2fe2a15e8b325d76cad3d5cac9c58d01fa8201b01db4ebb4ca190568a5add7ecf51b25affdad5b599478a00

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 86eac13ae042c5838d20274274d5d82d
SHA1 a1edc2336435162d57edd8e9a4a2b7ce2d693fdf
SHA256 2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125
SHA512 313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 4c44a4c4705e1e7ff214516345726b38
SHA1 c50da19ec6fbd99ee4c4f305e9ece188e0d19233
SHA256 7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990
SHA512 58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f4861c95b65eb50fcb91c5d0b76e5fd8
SHA1 6164c01ba8cfce1cb40f41d9b27d7079d9492df2
SHA256 6a4037175d19d6049fff22f3e0b29b4a031f1d621b1e717c0ddeded57c6c3eb8
SHA512 22627d58cae2c06ad128d94f3d5b0ee39617ad77c2d4db738d1d02a95e23d7c38e8a75211aff5f8904aef83f0aab69822e7ecb281ec35bd099231449f0dba939

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4cfe42607ff8707feea75d3ab011d6c9
SHA1 496b4ff72d3812f7ac3f4fd13db113fab406b48d
SHA256 8a9ccd894857263d2d5cf66efc4e20d27fca4c6373fc11310ecf22a8448f85ac
SHA512 3197acdc2685c4ee429bba68385961cc2051f3f0b5129255780c83a64b5892aa386ea369a24b61af18e303892879e1708741b6ed5fef437d7b48b80309f5a7db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57e04e.TMP

MD5 c589819a68795dd220d0d7aa2c0740c3
SHA1 698c0d5f5fda5037e143b04d6826c4068c14c2f9
SHA256 a2416cb2ac63e805bbea23389b37bb9ebb1fe8f21d44d2272fe663c5334889c0
SHA512 a63b4cac166aff36b2158eb7d662990b2969050049f067c3a881f3e268b517def45a5fb8e44ee9e386c7ba7ae6ead558c233d7a272e03a0fc1295983ca018dbd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4fe44aab5be444164718190982f161f4
SHA1 3fe7228a152c7018c3f59ba32a296a92e93eae8f
SHA256 0bf61376970e7e04a260a2521b9eb3a085925bc3a1fd53d4964c4094060554fa
SHA512 c5ff17069fef72ad8d536e7c283fee1ada974bf9407ffa9dea3fee75eefe1e914fd88d7a7d1be9970f74b231c192d6c94462e26ba9c4aee0def1293ae0fe5dcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 1c616980122941f7e12b8d5bf93392ea
SHA1 1a394784813d646241e8cfdf32fc0b54c3d2cd7d
SHA256 a7d92cd215675a476f582e10f63c78433cfed038cc4d891c36b71d64bbb41773
SHA512 942711bad11af4289c94f47bec858909d6695d81096b19e4cae51780e73bdb78127c874a986fa9d80ccd286f63a0d31d202cdf2d6e757630c5838b1bbe0d8fec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 a052b0b3e38f4112376ca27e01b09e3c
SHA1 6c9a3622c346e7a42fe8ce5bbe7b8abec358c825
SHA256 fac3bd87f6974f84711bf7d224e34102a9692f1126296be3378aea0a07062085
SHA512 474f4a81466deb4c487f73be07f5edd550d9bc67e629d045e1449a026960ef42f342f7c5aa74e651853bc6eaddf489e291740e8963825b6be55f8702beabe09b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7599ac6dfc8443075124f3cf82324e83
SHA1 a51bea35f87806b0ce439a2175b9ea154cc4207d
SHA256 6c664853c68c6fa1d6f51b342f458878a28543d82360a9f5e600ebd37a44a7b1
SHA512 fd2627ef422fb264876d8ce123aa027b80579219ebf15278a91531350d2ab884ce4e3b51b10a971d2985f7527051072c9ad33d6e5a2c7a7a5e062ac1939ae490

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fe07.TMP

MD5 edb4b035ee0b1aacb4ccb374854c3298
SHA1 c795cec4101bc52108c3c519ccd4f3a30d84bc7a
SHA256 977a3cf4f17f1b24c1b16562c22dc8577b7c924ba1d27bff96a125faffa4230e
SHA512 c7444c6123de7443e6366c80d4208152ccbdc7f2f5243484fd1e850fa6b7dcd71c80b4761e89f00ac77e40bc10ead5f6327af42f46bd18e6c211983ccfc0bdb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 51d41e65194583cdee8c4373f6bb6708
SHA1 798dbc7e1601c8f6a173ff6d12d7e2a4d8c55e64
SHA256 4f0ebd909829b25297e7358f9e8b53f493c13f15af79a54337ff5c46a60d1d88
SHA512 aec71399715178702f6cc01bac49a931c6be16f50281c271ec821bf6e9189651381b2cf02736d93655db45f86259fe30aef6eb37562963043d614bef6137b2bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0c3bf6fbd7990302692e65f41e161df8
SHA1 9eb9f2dbd703c9a2fe046691fb2a3d5727d8897a
SHA256 fcbd77b7271671e3941cd2c3e5550b7a29dd8f049e5ee72371636e5682c90482
SHA512 5a5f57e1d21d9ccf3cdef1b7ab9a881064b85bceb4e292da9a70b5e87c71e24a1943d2b2ce870dfc6dbc238cfd393414b52af31cf3f117699cf0f825465f4e83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0dcf3b864457cb3b0f687b0d77f6ebf0
SHA1 10b0029bb805b69dd5bc1d0d390528d0bbe6785f
SHA256 3dc4d50661fc797b642e3e43690e79072ce95bd50683ec83d7d39169178c242a
SHA512 ff2ea52999f46f3ffc89e96c1abf7fd8dd95495b91149a88fa0b39987b64e5ebb8d1edcfd1cb99c54373d2384e15b3c6cae82082d375bb85a5ca5482b97dccaf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sqqfzpo5.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2bb041046a5ddda3fe6361b26ad1caf9
SHA1 de977ac71e49c0a2b254b0031c484f382520c24c
SHA256 cd7d420089ee1632f12d21bd1f87ff6e78f703f8bc9b61fa0cccb759829a895e
SHA512 fb4947371de9c7503091c2db3672b4843dc884053625cae7960aeb4387cac5e7c64d9dc7af27b9c18a154cad8c0d4461f81dfacf8d4474381403493087313082

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 9df53c081e2f570ad1bf08fbe420dde3
SHA1 02acdd1b924b556a04b17823fb06530a05511522
SHA256 68ad83f0036c53f041adb5afc5c8c689289aee8aa08892bfa7a6328811b4a44a
SHA512 b5a11547b219de7739fb4e6da878bda2b220111f048b8da1b49b820062fc74533769ce974e8c6b1a30dfccd8c045a072f204172ba4e0b9c0fcc644e389b891ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582258.TMP

MD5 e500fe9936df0f472454ae9c32a30587
SHA1 7c317b840b8694e2320392f9db6c85176cf84980
SHA256 1a14bf1956a88b0fedf11d68b8dd539fa4b90a67bdc9e77f71211ed8935bbf1b
SHA512 502db98d3e3cfa8b22aec7a83a12894e48817f1ffcbd4ef2e9dc2acd93032afc1800e0ed5eeb690f7a1b11c2ecde34d12150964e51cc77a2270cbb94669465d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 20f7d30e424705eb722403c7cb19e0fc
SHA1 1c210fed47f3793266f4682e332445d7b5ecaad1
SHA256 04f2e5396465dbdc881fd947e4f5d523bc4e06059454d784eeab7f8be9ed1729
SHA512 029df913bf25ae3009998df5e17094495dfbcecd109c2d15516dd391406e0ca692c3324cab34165edf86614f46fa2b2cef60f27c0e6671c46dbb59169f1fb1cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3f72ccd2-5355-4ddf-aa59-02f0e3844f1d\index-dir\the-real-index

MD5 44346f526e445d803fc918930fe37bb7
SHA1 15bfa90e488744f278ee2512827d71673078bc5d
SHA256 7d0108720a5546e93aa7ec61265598f2ea126d3dfdef60e3b4c4ca903bef23c5
SHA512 fe6ddc6c2de6e88b1ef531157839486098b073142a6168bbbef7533fa59d80edce7439171e45f0d3ff550d12be0af149fb3d5e96e09982ce7b7d30502ad9ed5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3f72ccd2-5355-4ddf-aa59-02f0e3844f1d\index-dir\the-real-index~RFe582c0c.TMP

MD5 41a069928ce8a6c76fd3ac840e3fccb8
SHA1 82789ce5e5360503c36fd4fbb300dfb838fd3045
SHA256 75fd6a34f45b3ed6d311955891fe42ffb80706156dedce9b0c243249b956f5f3
SHA512 72450fe91665a53ee55fa863cf695884213052c7b074e8961bfc59b62254ee694b6bb84a25bbb6960d21eff942f282d7de76441b37feb24db58c8bda9764a492

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-19 14:19

Reported

2024-02-19 14:22

Platform

win7-20231215-en

Max time kernel

36s

Max time network

148s

Command Line

"C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a883829c536588438b4279b7bc6c193000000000020000000000106600000001000020000000a6256e8dee51d9fff7983ddfb2d6047dddfb8379fff37d31425ef97e6fc8961f000000000e8000000002000020000000512ffc2d3995b8a807ba5693d37bca29e5523914c9e44dfab703d38902171a502000000070a2dc820740dfe3e1cfc729edf1099e2e7a37096da7a2ce85bd0fc6b68da03b40000000de5d02091434f8d812877041c20e44e3d8acd97b87fe10f74f415eaae7434eb191b2a19637ae27b8bc01233560f466908640857ffdbc7e23954b019b7244bb2a C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E43016C1-CF31-11EE-BE47-DECE4B73D784} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff5600000000000000dc04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1712 wrote to memory of 1968 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1712 wrote to memory of 1056 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1712 wrote to memory of 2896 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1712 wrote to memory of 1612 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1968 wrote to memory of 2736 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2896 wrote to memory of 2824 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1056 wrote to memory of 2792 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1612 wrote to memory of 2600 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1712 wrote to memory of 2976 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1712 wrote to memory of 2548 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2548 wrote to memory of 1196 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1712 wrote to memory of 1388 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1712 wrote to memory of 1772 N/A C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1388 wrote to memory of 708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1772 wrote to memory of 908 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe

"C:\Users\Admin\AppData\Local\Temp\80f5f062bb7cce972a6e49035ffde4af.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2896 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1968 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1056 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1612 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5a29758,0x7fef5a29768,0x7fef5a29778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef5a29758,0x7fef5a29768,0x7fef5a29778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef5a29758,0x7fef5a29768,0x7fef5a29778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.0.1698930923\2073268455" -parentBuildID 20221007134813 -prefsHandle 1236 -prefMapHandle 1228 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee406912-bf3c-40d5-820a-5757bfaaf4e6} 908 "\\.\pipe\gecko-crash-server-pipe.908" 1324 fad2758 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1580 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1384 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2108 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2116 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.1.19948681\1497889316" -parentBuildID 20221007134813 -prefsHandle 1500 -prefMapHandle 1496 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {be737b3e-8dd1-4333-bb39-4c54f02016c3} 908 "\\.\pipe\gecko-crash-server-pipe.908" 1528 43ee858 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.2.549759702\1878960302" -childID 1 -isForBrowser -prefsHandle 2188 -prefMapHandle 2184 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1df4695c-1583-4b42-86c9-7076e09c098e} 908 "\\.\pipe\gecko-crash-server-pipe.908" 2212 17b0e858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1276,i,9663301895240051373,3811798035101622512,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1144 --field-trial-handle=1276,i,15806780682910062443,4077829263724386536,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.3.816099611\46388046" -childID 2 -isForBrowser -prefsHandle 2820 -prefMapHandle 2816 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b9a09286-96be-463f-9c61-115ea8f24f7e} 908 "\\.\pipe\gecko-crash-server-pipe.908" 2832 d61f58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1444 --field-trial-handle=1276,i,15806780682910062443,4077829263724386536,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1436 --field-trial-handle=1276,i,9663301895240051373,3811798035101622512,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2716 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.4.149094642\905111304" -childID 3 -isForBrowser -prefsHandle 3424 -prefMapHandle 3440 -prefsLen 26170 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0db2cc03-f134-410e-a51a-a246e2734bd7} 908 "\\.\pipe\gecko-crash-server-pipe.908" 3448 1dfd8558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.5.1003368055\1155742558" -childID 4 -isForBrowser -prefsHandle 3556 -prefMapHandle 3560 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8746ca9-506f-4daf-8da4-0b2fa676cf50} 908 "\\.\pipe\gecko-crash-server-pipe.908" 3544 1dfe0858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.6.1406966064\252950412" -childID 5 -isForBrowser -prefsHandle 3728 -prefMapHandle 3732 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f9cde36-2255-4a35-9ebf-3bb99de26e30} 908 "\\.\pipe\gecko-crash-server-pipe.908" 3716 1dfe1458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2792 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2788 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1548 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2272 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.7.1922917355\390978400" -childID 6 -isForBrowser -prefsHandle 4100 -prefMapHandle 4048 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b48b986-8014-4564-aca8-f41b00114cc5} 908 "\\.\pipe\gecko-crash-server-pipe.908" 4104 1dfe0558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.8.1164754518\306820654" -childID 7 -isForBrowser -prefsHandle 4236 -prefMapHandle 4240 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3748b9e6-4c78-4981-b778-b871bdf08590} 908 "\\.\pipe\gecko-crash-server-pipe.908" 4224 2093e658 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2472 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.9.916155275\2014451255" -parentBuildID 20221007134813 -prefsHandle 8508 -prefMapHandle 8512 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {db7906be-4b11-4daf-a87b-3bf2f2e5e0f8} 908 "\\.\pipe\gecko-crash-server-pipe.908" 8496 20b22258 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.10.1652043052\2135151" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4596 -prefMapHandle 940 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {554de83f-2a26-40a9-b782-45347155d774} 908 "\\.\pipe\gecko-crash-server-pipe.908" 8508 12ad7e58 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="908.11.59942623\36793347" -childID 8 -isForBrowser -prefsHandle 8084 -prefMapHandle 8088 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 588 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d19bff60-c315-4d0c-a39e-55834761363b} 908 "\\.\pipe\gecko-crash-server-pipe.908" 8112 d68d58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4360 --field-trial-handle=1472,i,6643726466153916670,12126113082113936794,131072 /prefetch:8

Network


Files


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\pending_pings\f0b744ec-5ff8-43f4-addb-4fb01ea7a7d7

MD5 b7236b038991c81587b2da0f0005a041
SHA1 85f415df890c6ca8f6b8ddbd5b625352d7f8f594
SHA256 44c4bdb6650de586429633f6c6081f1608d7a687be0ccda0a2466ed0bb5b8376
SHA512 6350a2db6d0b20912fafce1a74781641d729d6b05c89437af36af3d287f8fbccbd90ee84d0a22e9b3171cd956e8e454dc3a0305e6d803548f4f663ff862dd17d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs.js

MD5 a6ba08d2b3f878c92fa2b9e4ea3281db
SHA1 39d4d534372856cbe20113d8c29b7611f9d7ea64
SHA256 f6f4565bf6f400ed996514e96075ee49ef6b874b1fc623ebbb8391580170d53b
SHA512 a25e834e96dd010d2a264eeb8c0f3ff8fa63be6c242eac87329fdcc765fb1c581c956de7509af2344b39fff586122b2472d9678c40b92817f7bf5fd5d94b40f4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 42f055e712706af8dd847fff2b3bbf18
SHA1 84e83a77045fc0fd81138f163bf1b0ff42aa6883
SHA256 4a45b38b72e421ea1cdb8b03aad202323b4fa5a448b16328d81323cc5ea894d5
SHA512 f92334fa28176a26afbc920e7262e3921f304ba014e76e88e8663645c7fa7cf2136050a1a1f0527f3181a63d289ba447de5553afe891d38b659d74f9582d524a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5

MD5 2bb163291d180858f6e5a033e17b51f7
SHA1 920a82eeebe4060d8d0e1d128f21fa8949a76a11
SHA256 d34746f42a10f4b2483d7e97868e729ca95c607a6808968b8fbc988b45588fbe
SHA512 a0861f5192533ab724c80f01dd48c04a34e9fd03f97477c7b0753a43b7a04ea037e5d9f5eb0628273912fa873f6e97ee29949b8a604faf65c9b0c2ab4693ca78

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\db\data.safe.bin

MD5 8e6dd2fbef3efcfa16328ada3f659260
SHA1 9da091dcf488a1a5c778890e8b7e6a1e77de1c90
SHA256 2fdf5980a89b56c76360fe6c6e2d0af45963d28d9db2c0f6b2bce5caa855b17a
SHA512 1c2414f6dc49b29cb3feec22b1458d51e8df101540b6102a6493132ecd60fe28e729666ccc2ab04cd1483b118782795b614ca98a0ff82ec1c7638867492b0fa4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_213A1FC67444E3E9CBD41E0A7B4B61D5

MD5 96629895d74d14d38cfc39e6a0059ffb
SHA1 dc8aca4479d4c4fb193d4089211528eb1ca4bc23
SHA256 415753d0b371509f01ca90745266bdffad01dec169f321fc23974e826e771c7c
SHA512 add594498edf8a10609204769816a0b267846cd27acf77ef95b0232c3defedf7c157fee28768fb03ae8dd82a6b08df17ae25aba6c68c2b1d298deabc87b0cf1b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 c28b317f409273fde133bd50a9fe4e4c
SHA1 d1d3fd7223e8a9b52c42f12fbb3de1e0d39f0ff9
SHA256 e29eecb0814d74fe773f9856fd20323533b274197a1781de036caa14086f5235
SHA512 b53681b8d1be79a64dec020444a25b7bd2c3044951a5a17a7bb5b98ff1b31f3bb76d906cc4a0826a18c2c650a9184c509fcfe78008e944987299b1cf8b5aa885

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 dd0e7a365e693c451036b8cbd84d6351
SHA1 2881d46eb9175b41aa73038a95bfd09e274d1b65
SHA256 d97d69b4b62609977dac8c6d648af27ce3dfe5acf67b1d6c3e591312e6ec33e7
SHA512 bc85fe30e03470bcf94afd12195f7e3c134de8a5a829005ed065878863cccdc0c0de7fe3e07976ec23850bf957cf564503aced31d32794dc3666eaa3bda00cda

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\datareporting\glean\pending_pings\eaf5e539-b31d-4732-9469-e653fe23d8a0

MD5 f9273d23f1389fa20bcfa528705affa5
SHA1 f4322ac1cd1d7d418d47769212410c2534dbd6db
SHA256 ad86ec3a97f9d4c10ee632cfcc63045f0be5941d8a5e5d996a243df60a712dc8
SHA512 790462c4f02f884a1250c205a232ff7c3d0b21356d1bf8a0dda9bf1897275aab7fce40843d8c4c6444e3b4683cf4a288500bec33eb2c53c80ebf1ae57729e243

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 49fd850614a6f64eb34dda997697dfbe
SHA1 9f1a46706ec245aad4b913cd914c35890af3f64e
SHA256 fabf7473c9f098676c4f694d738bd1d18f136fae3657351dddc07d2ae235c1bf
SHA512 0b0ae826cf25a4dd1b0aac13202d6958c17e66dd9ee90380b6605160206b0a5e2684f11d2bc2df96e4ab494d6bdd65ed01886028d7d7f4ebc13ec01bff62c8d3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 41723617c7cc6a9b945a2784edfbb614
SHA1 e21fddf97de22ab5b4d60ccc2d71f932a6a9008b
SHA256 0cfff88bd1a5aecca3e3e9a8e2f41178e0523dcb1e89298ea4a98da9bedff507
SHA512 b1497b7f77d7609d4be2b11e0884e71ef53c8011c3715f2583bee40f34ed3a8f21498301cb0a083922d3ebd9d01c23178ac26de81a71cd78400ed3d801e3cd5f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 6228dc65b2aa474e7ccc8667f98435c9
SHA1 cb0f9502367fb3354ae1420fa877ec012083cd34
SHA256 18d25613c4147dbe8f52ba2648e9a37bc7b4cc385008616a89f941ab11486042
SHA512 a04f40c701c67c190ab6a74f02df94e8693b2a8d1feaa322bf0a01e87e41efed02c7cc732231bd8de4a1eb0d63638f9aacc22f83e8c703eba728eea8a489081b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 5399c820d79de34303dea6deebf213a8
SHA1 789d40791cfe6892b20f74ca9cfb9aac53eddb84
SHA256 bb43766f7de1f8f6f587ade85f12ec9281abd7e4e54526e0a372bda62e21a221
SHA512 299a0579c1e96b3c9a44b5183688e2c7636290c61accaaec4ff84270d13115427903581165a9475c15174106bf6fc64d89ceefe344640f78abec327f6b20b739

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs.js

MD5 83b4ecf48e96f63dcd3c3d59c0b985f4
SHA1 2c3c105be5403884f0207dfb5dede0d0e1d05234
SHA256 91c5efc08a84d28637314017737b0ecb8e3cd3f719f5606139811cba7987d937
SHA512 012c5b253b6f94211e68cca68bbfa56ac325b18b209c909f7fea360bf6ee7e98148df852978044e03428e1385a03884a42766e19a3eb3969eff8daafc645212c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 6f3aa00135e2f533223e95809327409f
SHA1 858d8044d64843624cf421494dbd8c16d9f0bd68
SHA256 0f061db3eba874419ec3af10ade4a6e911e29eafa5a48cac9053e5f0a91b0a3e
SHA512 eb9d602bbfc6884db5e07de83ee251a8e3df12b2168d45f3b95af620e35955c9abb89ac65343d70cc6d62a4b0c073cfdb591a4e603f3c99e7310033262c94f5e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 19e2e84cbd35f6a638b9ed8be15e4727
SHA1 b243deddf1a4ec661eb6dbc4a923b1f6da85cae7
SHA256 0ca2a191c5203d727f0310f7634141d9de007d6258322806c824cb49126ff5d8
SHA512 5ddd8b84eb7516d1eabe096e883d7e79de00bea9a4b4295c7cedef36da28568ccb42c8396fc393f98030761773c012d6a7523a29ebc2e8294f4912983c7ddb03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76d4cc.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 27b7ee478946c1de06df80df2a294162
SHA1 7826646e97db676cab80cb7c968c93eb25f3ec59
SHA256 616b978310fc8e80639e5bc98099c61be24dbd8574e2f7c01997634f9ad58579
SHA512 8655f244c6d4937e7cc3ef4270362968a8c51ee1d273eb5cda53245a29f09d801e27131e463efe6825e105cbdc1785a9a0cb1fb60685c00a0bd80116519deaa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6106c0a3afd03ac10af37d40b150dbf9
SHA1 7e42037ac4c9f685253999df3d8465f1ac6055db
SHA256 f32d759fc1a06c863fa6fa31d78d6f9edd537171f16f4574814290b59495b673
SHA512 2764c9095ac568b03b106986eeb65e35ec33894994f28d75e2da75f6efa7718d6a47fbf35f3a850b68549d1aa9e4dffe452b02e77bdeef35963be1b0964d5fc5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\198\{1c0c097a-5e55-4674-99b5-ac40aefd8dc6}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\idb\3994864016yCt7-%iCt7-%r6ecsep3o.sqlite

MD5 f5f0bdef40e3671f4dfcb12ddbd5a28d
SHA1 289c5140db6a892d730a7af2bbb1c3d1bb5ba9e2
SHA256 8e12b3d0e101ae22ce8b79320138ce6ab44332e07d8aba2b3e9384228372314d
SHA512 25ce34843e711baa814d6cc86cd3b76649b10c8d47b4cff3af2be056903989d8f93b8149ecfef3b79f39a73b8029625ec6a38f6510f60fa8b062bb8ec6eb258e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 95b4805836c6d43c683adbcce74f6ae6
SHA1 455ea152e5e6fe6f462b337a431333e18d814396
SHA256 1501f48d09b189e7f0214954ea507925fcd0ba80cd8ca2ad1bcccdbaad9072e1
SHA512 ce96567484ba89afa0777a5780c853f1f3d1a0e75ce6aeb72ee3acaf778b62e528026748d19d3b8ac2e04e79c50998bf2260f2514ff5c053fc0ae278fffead1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 982a868f8e838477ce4dbcc61a1f1849
SHA1 65354d8e13a3de7d3e5b00e2e729838774f3715c
SHA256 f573fe49dd43a383adc31695aee816599d21b366f9fe7a539d916cb96b4fbe89
SHA512 f21e5ef9f98790f786eb12f94a01892bf7780a6022cfcb1637d0660b03c81abbe1c1c3c57e373727d7fbe046f798dcc5b0b46a36516f49c294944378de7215d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 a6a6429d6a40d519b8302ba85468bd5e
SHA1 8ba0bd85761c7fd2efdd2cd79c95644c6fe17976
SHA256 c307d54fcee53c212a0521ac00f1d0fa08fb0d0ad8a7e1211add81b2b6cca4be
SHA512 693e4c4ed5fd047b06f33a592a69575d3db3ff5fc2cc7645bc06d6af42765d053121fb524b8dbdc5e41a9f72305b84a4a0dc996424961aee3dc0f5272572869d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5899cd91857c55119dbea67a2738600e
SHA1 6f4f13cad9e18722a4e28c3a460267c78adfd8ee
SHA256 7dc1480693e48b83d26339f659df9d0dbbaca483dbb1b27842bec5df37f88528
SHA512 9a77acad94f61b4bc638572fbb947ba89a2a25be564bfc81bd424cd4594b650790236221bceb76ed66f400e1238450eb79d4b2add1ceb565b9af1305c9fa8431

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\33c6d692-e324-4740-92f6-befdf7f31146.tmp

MD5 bc603c4614d8e1350aea0a6a04c2a24f
SHA1 083bc4da05900d896c9fcbaf312c65cd147df160
SHA256 6aa4296e6b62b9b96ae275ccce49c4989bfecba39df4405a18c3c64935398616
SHA512 3b669574c6a16528b169e30a075776098b9a84d172cf60828d7743a605db566f2965f21f9ace14180aa9273986c94167f6400ec9e5c5a36dbe9e2cdcd4d271d9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 6a6c533d8d72e440ee1538a9ab35ec6d
SHA1 1eac36f5292f6462526b2a724f0dd97ae2edb5a9
SHA256 ac3fe6057c96c87145f33c0fa4f7e00a9ae1f9692f3bdbbc00f2a7a3460dd43b
SHA512 9d6b04a03f352e11f5a8eb921a153e0395e01887e0de4310128626e2d6ae1b388c66801c8dcf31cff389dfa9e433a5e43290f3a116c4d4b82bb8dff84356abf8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\69\{b8b6dce3-2683-48cb-a0e7-be9c15f4ea45}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\86\{dc2e8996-adb1-4325-88c3-cb6b517ad756}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\storage\default\https+++www.youtube.com\cache\morgue\64\{985bbcec-5605-4980-a2d5-102e3a7bd540}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a46dbbf41e5d5f8551585b1f04ba356b
SHA1 5881d16819a92e47ef8cd55c580d92385e8c1085
SHA256 b4e4782b185482d50f11d4499f1345d063fbf832ee5e819509bb77b062dcef1a
SHA512 7e76fa3bd4b02ccb968451c16da60f2515d8bffb2edaf8ff29db8970557b6f0461630d35eb6da5b2f5df8c91ae4ddec82a25676af5d5191579fd24a09e74c5b0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 6d6458759846026f39ab268ab3a91014
SHA1 4a955da72cbd1d594338b15556157bf2f9e4ba3f
SHA256 9093010e1c3cc8afb3e609ee92aaa03fd29c57dc6bd067941d24ba4466a65fc5
SHA512 479738fd9d7c3a824c51f9f160e5a742f0a7ccea34a95ad4a98c16164f3124d96426a33c9c595b00f62de3e38cf01204363a8d6d68cbecf397b47f73f8149235

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 21c93e8bd6e74d4633fdba06fb7d6b61
SHA1 37444beee4c90508dabbbd62db55a29679204bef
SHA256 5299e5478cb63f1a3d8f3336167124aa457e9488d05aef10292e0990921fb060
SHA512 2df9e67bce3af1f85d6560c5563c1a46b803f04674e736f5b67d73a8ef3aa2385cf6a795edc4806a17ebb4e11c41634f313f91d8103102cd861922fcf107ea6f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 faf0adce66962d7229c54dac819b01a3
SHA1 a3d7098db7327d18c04c488d80f0c6c136e769aa
SHA256 0ab47ca3732736ce94ce67669de4aadbe2ed2a1a345131f45ce8d654f67bbb23
SHA512 d7e10147f1ee208496620fc4add05d04d3430b8c006f2a8d088492eccf2df7aa6bdbf654376885910a4be0d6fb9a49a1c6fa377ee11b3675738989d8e00a2b1e

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f685e4eae4e2f4140fb14fcdf98b098e
SHA1 5d962fd2f0aed0e5c2eb6e7f2c19efb79b313da9
SHA256 eb71ca1ba088f45495883e4c063db34a822b18f6d6b70c1b3909db95e106afa3
SHA512 8eb8868b30bf6ad0271eb038460829439b4853e39d6f5a20025f70a5179b21586ec6fea5e3452338e0b8fb6aaa410876e26b36d6ec9874d4d6aa9db77969fb5f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9e6196dd5636eaff0e82b8cc4a19c73
SHA1 34481a47a94627d80012d9d4e4c753a91a76e5e8
SHA256 c5992e2a5486035a22cab67a6dfb837da7ae693cffe3b15223ee269cead40284
SHA512 c9841802a353f7b6982fc0d3491102198d09ae36d961f303e5ad260685ad54896d8dd7f1b0315a4f02c077b3ce27dc42909f721ab357ee6675f9fe6f850a3199

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 641d8b60926363c0b612d994f4265e14
SHA1 827ddd7ed0c380de526037c03c364a4dfc76b2c3
SHA256 e56ab4c85197239b15e6858ac2184ffc19e1c9e94d2530c52177ffb85322de85
SHA512 5402684a9ffa5a2c3cb7f2e80454055ed7f10e18a39c5f4a681026d68e3990026b3df1f63cf6dbaafe9d65adffaea9cb41107b90982426d4af15e541761f7dd4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\prefs-1.js

MD5 bf01191adbe77bb4e598c567e7f0b19d
SHA1 07cd0eed4979a00f7943a285dcf80f16c7a330c0
SHA256 a5c46c3047b1987f0c38288de23021a5f5fe8c09376f6421371f2faf0308e8ef
SHA512 420489ec6569f57b8b104e35c2783323872038690274b04a7515424a39ece1229efced3a3beef5eeb463eefec49afb9e345867e00b6b2dabec65e9efb35a8d6f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c3efb90f4684a656d6f6ee62288d50d4
SHA1 513a55044db9f4f1e37b71647ad90afed2291a9d
SHA256 48bc17905631597978bef2a4107a892b457287b85653c9d43af4e060de9b6188
SHA512 93dd9d16b376995043e01f7df981991687ed5d054fe1f3763153ca3671a892d1fcd9e2cf40c4739f76e2e6bc5d6b44ce675e186b90b0c88937b533156a37f4da

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0d6c4621a65a014fd9c3efff81df67fb
SHA1 4649714d973810b853592b57689d01d8aad6f70f
SHA256 8789b5da1be39e7e71821fade3fdf1e851ec3ed978296701f76c1a33f25fda8f
SHA512 2573e5810ba483bfb08b59392eec39f87bb40690f6303c42a4f4251f00ca00830fe065aa5b5014e226f727f7727e94ea558e5e961f1c73a386823a1541e1efbf

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 6fb495a059d577e9086b5e09c9f9bfdb
SHA1 826f266aaabf4a4a2ef030ca5bf2a4067f2bd127
SHA256 88b3c35d3bb19c261f3980595781bd5f56b47a008d510f084b397e4a6b2af4f3
SHA512 70cd2b12ff31a4acd613ee786fdee32ad2e9760f4f57a7c5c917fd58c7de1e4eabb3a041b491e7c8536c4cdf8f5604793f440da9ca076dec6ef0a6f7704a6867

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b8e7b4cb28434deafad9cb31c6ed615b
SHA1 09eb8ebf8dd64760cb2665bfc4c8b73f7c0ea61f
SHA256 dd55083340512318d9d5120e95efa18c1ec08c5944db812e81cd74eab10244d0
SHA512 d00ee1140e51f5f1b5b7144adf7aefca5d61df9dc174dc6e307a1111a929e762f742d4b3e2282985d3bdc089d10fd425e473ce0460769cc192bccb4f4a780d1e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\14t8eq6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c71dc6e1b89f08216b177b04d9051895
SHA1 3e11507ff4459b2b89cd73919982b0c844f0c331
SHA256 6b8e2256be9fe39689042e3270d39bcafc7b69f10306c1a0ffc0f8450d971b5e
SHA512 7bc0f75b1f578f152b2544656ac1c8bdaba473bdc30b7bf7a4e2fc9df6910f093bbe5bbd0b2523b5656680fc6d6c1a457f3b9179d83730b4b826337452e9b03f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8068db88d906f20fde13341fb1cbda5a
SHA1 f459008ca391b19536551f2014ffe04ce125a7da
SHA256 169e92cf1fdec31b3ac41e8a77c4af28b5ce9f3ffe59ec65196588b1620d0f68
SHA512 9bce83d7578ae18ccfd24923cf6cb98a1e86e9821a9a1e0d403fc5b10aed9e88728df8ff2227e5082e7de2dae36483aec745b7c34b3f21a59f0a7cda64ae8464

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5924990acd280d4e035f7db258a748da
SHA1 673f51a41485859b18fd463ca48ee46ab069f1c4
SHA256 53c4e441840cf364f292d276a96f0a85666cc16ecfc55345c4963b5e9deda474
SHA512 92b86763cc0cf6d73432aa24b6920647c46320eb9354814fe861a265b96626cf4516fa53a1d964e4c0f161c9b6c29fc790ac717e299a074a8dd234e8c3e689eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dc3897550a99b9e37a6cc70f4dd2b5d5
SHA1 e0d11f7c994de48e08f2a014e9956d3e208e9766
SHA256 41cb5b60aedb9a81984cf039c54dec885be1c52e5e2971241d3520f978ff7c13
SHA512 f487601b437b0220fcd4ab604915b0d4162a9de954c2431c3ef5763128a0f0d7031e59f0700fd7fc31583937444018a6a1a7db16017b024202cafded734d28e1